Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93098 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

my laptop randomly turns off. [Closed]

hp windows 7 webcam laptop monta

  • This topic is locked This topic is locked
15 replies to this topic

#1 montabellrose

montabellrose

    Authentic Member

  • Authentic Member
  • PipPip
  • 59 posts

Posted 09 December 2014 - 02:54 PM

Hi there, i recently just bought a laptop off of someone which appears to be in good condition however it likes to randomly shut off after i've been using it for a bit...    I haven't noticed too many patters yet in this behavior, but it seems if im not using it it will stay on fine...   i guess itsmostly when im browsing the web ..

 

It's a hp tx 1210ca ultrabook laptop

its running a pre installed windows 7 ultimate os....

 

also when i got it, i said i was interested in the webcam but he told me i would have to download some drivers for it....

i couldnt find ones on the hp site because apparently they only offer them for windows vista (which is what im guessing this is what this comp came with)    i managed to download some other ones, but i don't know if theyre doing the webcam justice...  the cam does work now, but it doesn't seem as good as it should be.

 

anyways ...I really hope you guys can help and i didnt waste my money.

 

HERE'S MY HIJACKTHIS LOG.....

 

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 3:41:33 AM, on 12/9/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v8.00 (8.00.7601.17514)
Boot mode: Normal

Running processes:
C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\pc\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles(x86)%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [YouCam Service6] "C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe" /s
O4 - HKLM\..\RunOnce: [freetodownload] "C:\Users\pc\AppData\Local\Temp\\BI_RunOnce.exe" /initurl http://sub.stepjump....3dV5KD1C/:uid:? /affid "-" /id "0" /name " " /uniqid Q3dV5KD1C /uuid 37464E43-3432-5233-5352-001B244A3E56 /biosserial CNF7243RSR /biosversion HPQOEM - 6040000 /csname HP Pavilion tx1000 Notebook PC
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Support Solutions Framework Service (HPSupportSolutionsFrameworkService) - Hewlett-Packard Company - C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SMIRegistryTool - Unknown owner - C:\Program Files (x86)\Camera Vendor\Virtual WebCam\DriverPackage\XYNTService.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7318 bytes
 

 

 


    Advertisements

Register to Remove


#2 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 09 December 2014 - 07:49 PM

Hi montabellrose,

My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

  • I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for the issues on this machine.
  • Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  • It's often worth reading through these instructions and printing them for ease of reference.
  • If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  • Please reply to this thread. Do not start a new topic.
  • Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.

IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.

DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.

Please stay with this topic until I let you know that your system appears to be "All Clear"

Important: All tools MUST be run from the Desktop.

=========================

HijackThis isn't used much anymore to diagnose malware issues, please run the following scans for review.

=========================

bullseye_zpse9eaf36e.gif Security Check

Download Security Check by screen317 from here or here.

  • Save it to your Desktop.
    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

=========================

bullseye_zpse9eaf36e.gif aswMBR

Download aswMBR.exe and save it to your desktop.

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • When asked if you want to download Avast's virus definitions please select Yes.
  • Click Scan
  • Upon completion of the scan, click Save log and save it to your desktop, and post that log in your next reply for review. Note - do NOT attempt any Fix yet.
  • You will also notice another file created on the desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) file. Attach that zipped file in your next reply as well.

=========================

bullseye_zpse9eaf36e.gif Download Farbar Recovery Scan Tool and save to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply

=========================

In your next post please provide the following:


  • checkup.txt
  • aswMBR.txt
  • attach MBR.zip
  • FRST.txt
  • Addition.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#3 montabellrose

montabellrose

    Authentic Member

  • Authentic Member
  • PipPip
  • 59 posts

Posted 09 December 2014 - 10:43 PM

sweet! thank you.  Here are the requested logs and file....

 

also before you replied, i noticed that there had not been any updates done to this computer in  a VERY long time, aproxx 123 important updates....  i tried updating them, but the farthest i made it was 81 before it shut off again and then when i would restart the comp it would start from the beginning again....     anywho, i wont do anything else to this comp until you say :) 

 

 

Check up :

 

 Results of screen317's Security Check version 0.99.91  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 15.0.0.239  
 Mozilla Firefox (34.0.5)
 Google Chrome (39.0.2171.71)
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 9%
````````````````````End of Log``````````````````````

 

 

aswMBR :

 

aswMBR version 1.0.1.2252 Copyright© 2014 AVAST Software
Run date: 2014-12-09 20:25:35
-----------------------------
20:25:35.365    OS Version: Windows x64 6.1.7601 Service Pack 1
20:25:35.365    Number of processors: 2 586 0x6801
20:25:35.365    ComputerName: PC-PC  UserName: pc
20:25:38.220    Initialize success
20:25:38.314    VM: initialized successfully
20:25:38.329    VM: Amd CPU virtualization not supported
20:26:06.600    AVAST engine download error: 0
20:26:10.594    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000006a
20:26:10.610    Disk 0 Vendor: Hitachi_ FB2O Size: 152627MB BusType: 6
20:26:10.750    Disk 0 MBR read successfully
20:26:10.750    Disk 0 MBR scan
20:26:10.766    Disk 0 Windows 7 default MBR code
20:26:10.781    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
20:26:10.797    Disk 0 Boot: NTFS     code=2
20:26:10.828    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       152525 MB offset 206848
20:26:10.875    Disk 0 scanning C:\Windows\system32\drivers
20:26:18.410    Service scanning
20:26:51.014    Modules scanning
20:26:51.045    Disk 0 trace - called modules:
20:26:51.138    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys hal.dll nvstor64.sys
20:26:51.154    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c04760]
20:26:51.185    3 CLASSPNP.SYS[fffff880019aa43f] -> nt!IofCallDriver -> [0xfffffa80048fec60]
20:26:51.201    5 ACPI.sys[fffff88000edc7a1] -> nt!IofCallDriver -> \Device\0000006a[0xfffffa800490d370]
20:26:51.216    Disk 0 statistics 94654/0/0 @ 9.16 MB/s
20:26:51.232    Scan finished successfully
20:27:09.078    Disk 0 MBR has been saved successfully to "C:\Users\pc\Desktop\logs\MBR.dat"
20:27:09.110    The log file has been saved successfully to "C:\Users\pc\Desktop\logs\aswMBR.txt"


FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by pc (administrator) on PC-PC on 09-12-2014 20:30:14
Running from C:\Users\pc\Desktop
Loaded Profiles: pc & UpdatusUser (Available profiles: pc & UpdatusUser)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() C:\Program Files (x86)\Camera Vendor\Virtual WebCam\DriverPackage\XYNTService.exe
(SiliconMotion Inc.) C:\Program Files (x86)\Camera Vendor\Virtual WebCam\DriverPackage\SMIRegistryTool.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
(BitTorrent Inc.) C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe
( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_239.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [nwiz] => C:\Program Files\NVIDIA Corporation\nView\nwiz.exe [1875048 2010-08-19] ()
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [120320 2007-09-14] (Synaptics, Inc.)
HKLM-x32\...\Run: [QlbCtrl] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [202032 2007-12-06] ( Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [YouCam Service6] => C:\Program Files (x86)\CyberLink\YouCam6\YouCamService6.exe [504792 2014-03-27] (CyberLink Corp.)
HKLM-x32\...\RunOnce: [freetodownload] => C:\Users\pc\AppData\Local\Temp\\BI_RunOnce.exe [198144 2014-09-16] ()
HKU\S-1-5-21-2513945851-19090857-1081133418-1000\...\Run: [BitTorrent] => C:\Users\pc\AppData\Roaming\BitTorrent\BitTorrent.exe [1685080 2014-12-09] (BitTorrent Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2513945851-19090857-1081133418-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/en-ca/?ocid=iehp
HKU\S-1-5-21-2513945851-19090857-1081133418-1001\Software\Microsoft\Internet Explorer\Main,Local Page =
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-2513945851-19090857-1081133418-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 64.59.144.92 64.59.150.138

FireFox:
========
FF ProfilePath: C:\Users\pc\AppData\Roaming\Mozilla\Firefox\Profiles\q5twmidn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)

Chrome:
=======
CHR Profile: C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-08]
CHR Extension: (Google Docs) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-08]
CHR Extension: (Google Drive) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-08]
CHR Extension: (YouTube) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-08]
CHR Extension: (Google Search) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-08]
CHR Extension: (Google Sheets) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-08]
CHR Extension: (Google Wallet) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-08]
CHR Extension: (Gmail) - C:\Users\pc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89352 2014-09-15] (Hewlett-Packard Company)
R2 SMIRegistryTool; C:\Program Files (x86)\Camera Vendor\Virtual WebCam\DriverPackage\XYNTService.exe [77824 2009-07-23] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 clwvd6; C:\Windows\System32\DRIVERS\clwvd6.sys [41704 2013-10-28] (CyberLink Corporation)
R3 smserial; C:\Windows\System32\DRIVERS\SmSerl64.sys [1227776 2009-06-10] (Motorola Inc.)
U1 eabfiltr; No ImagePath
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 aswMBR; \??\C:\Users\pc\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\pc\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-09 20:30 - 2014-12-09 20:31 - 00008701 _____ () C:\Users\pc\Desktop\FRST.txt
2014-12-09 20:29 - 2014-12-09 20:30 - 00000000 ____D () C:\FRST
2014-12-09 20:21 - 2014-12-09 20:22 - 02119680 _____ (Farbar) C:\Users\pc\Desktop\FRST64.exe
2014-12-09 20:17 - 2014-12-09 20:17 - 05198336 _____ (AVAST Software) C:\Users\pc\Desktop\aswMBR.exe
2014-12-09 20:13 - 2014-12-09 20:14 - 00852487 _____ () C:\Users\pc\Desktop\SecurityCheck.exe
2014-12-09 15:02 - 2012-02-29 22:46 - 00023408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-12-09 15:02 - 2012-02-29 22:38 - 00220672 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-12-09 15:02 - 2012-02-29 22:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-12-09 15:02 - 2012-02-29 22:28 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-12-09 15:02 - 2012-02-29 21:37 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-12-09 15:02 - 2012-02-29 21:33 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-12-09 15:02 - 2012-02-29 21:29 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-12-09 14:18 - 2014-06-30 14:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-12-09 14:18 - 2014-06-30 14:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-12-09 14:18 - 2014-03-09 13:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-12-09 14:18 - 2014-03-09 13:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-12-09 14:18 - 2014-03-09 13:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-12-09 14:18 - 2014-03-09 13:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-12-09 14:17 - 2014-06-05 22:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-12-09 14:17 - 2014-06-05 22:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-12-09 14:11 - 2014-07-16 18:07 - 03722240 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-12-09 14:11 - 2014-07-16 18:07 - 01113088 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-12-09 14:11 - 2014-07-16 18:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-12-09 14:11 - 2014-07-16 17:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-12-09 14:10 - 2014-07-16 18:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-12-09 14:10 - 2014-07-16 18:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-12-09 14:10 - 2014-07-16 18:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-12-09 14:10 - 2014-07-16 18:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-12-09 14:10 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-12-09 14:10 - 2014-07-16 17:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-12-09 14:10 - 2014-07-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-12-09 14:10 - 2014-07-16 17:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-12-09 14:10 - 2014-07-16 17:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-12-09 14:10 - 2013-02-14 22:08 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-12-09 14:10 - 2013-02-14 22:02 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-12-09 14:10 - 2013-02-14 19:25 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-12-09 14:10 - 2012-04-25 21:41 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2014-12-09 14:10 - 2012-04-25 21:34 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2014-12-09 14:09 - 2014-11-10 19:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-12-09 14:09 - 2014-11-10 19:08 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2014-12-09 14:09 - 2014-11-10 18:44 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-12-09 14:09 - 2014-11-10 18:44 - 00186880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2014-12-09 14:09 - 2014-10-13 18:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-12-09 14:09 - 2014-10-13 18:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-12-09 14:09 - 2014-10-13 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-12-09 14:09 - 2014-10-13 17:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-12-09 14:09 - 2014-04-11 18:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-12-09 14:09 - 2014-04-11 18:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-12-09 14:09 - 2014-04-11 18:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-12-09 14:09 - 2014-04-11 18:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-12-09 14:09 - 2014-04-11 18:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-12-09 14:08 - 2014-09-19 01:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-09 14:08 - 2014-09-19 01:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-12-09 14:08 - 2014-09-19 01:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-12-09 14:08 - 2014-09-19 01:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-12-09 14:08 - 2014-09-19 01:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-12-09 14:08 - 2014-09-19 01:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-12-09 14:08 - 2014-09-19 01:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-12-09 14:08 - 2014-09-19 01:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-09 14:08 - 2014-09-19 01:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-12-09 14:08 - 2014-09-19 01:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-12-09 14:08 - 2014-09-19 01:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-12-09 14:08 - 2014-09-19 01:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-12-09 14:08 - 2014-03-04 01:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-12-09 14:08 - 2014-03-04 01:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-12-09 14:08 - 2014-03-04 01:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-12-09 14:08 - 2014-03-04 01:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-12-09 14:08 - 2014-03-04 01:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-12-09 14:08 - 2014-03-04 01:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-12-09 14:08 - 2014-03-04 01:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-12-09 14:08 - 2014-03-04 01:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-12-09 14:08 - 2014-03-04 01:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-12-09 14:08 - 2014-03-04 00:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-12-09 14:08 - 2014-03-04 00:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-12-09 14:08 - 2013-08-01 18:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-12-09 14:08 - 2013-08-01 18:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 18:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 17:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-12-09 14:08 - 2013-08-01 16:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 16:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 16:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-12-09 14:08 - 2013-08-01 16:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-12-09 14:08 - 2012-06-15 21:16 - 00609792 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 14:08 - 2012-06-15 21:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-09 14:08 - 2012-06-15 20:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-09 14:08 - 2012-06-15 20:26 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 14:07 - 2013-07-25 18:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-12-09 14:07 - 2013-07-25 18:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-12-09 14:07 - 2013-07-25 17:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-12-09 14:07 - 2013-07-25 17:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-12-09 14:07 - 2013-05-12 21:51 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-12-09 14:07 - 2013-05-12 21:51 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-12-09 14:07 - 2013-05-12 21:51 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-12-09 14:07 - 2013-05-12 21:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-12-09 14:07 - 2013-05-12 20:45 - 01160192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-12-09 14:07 - 2013-05-12 20:45 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-12-09 14:07 - 2013-05-12 20:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-12-09 14:07 - 2013-05-12 19:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-12-09 14:07 - 2013-05-12 19:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-12-09 14:07 - 2013-05-12 19:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-12-09 14:07 - 2012-11-22 19:13 - 00068608 _____ (Microsoft Corporation) C:\Windows\system32\taskhost.exe
2014-12-09 14:07 - 2011-04-08 22:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-12-09 14:07 - 2011-04-08 21:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-12-09 14:06 - 2014-10-09 16:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-12-09 14:06 - 2014-10-02 18:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-12-09 14:06 - 2014-10-02 18:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-12-09 14:06 - 2014-10-02 18:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-12-09 14:06 - 2014-10-02 18:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-12-09 14:06 - 2014-10-02 18:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-12-09 14:06 - 2014-10-02 17:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-12-09 14:06 - 2014-10-02 17:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-12-09 14:06 - 2014-10-02 17:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-12-09 14:05 - 2013-08-27 01:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-12-09 14:05 - 2013-08-27 01:01 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-12-09 14:05 - 2013-08-27 00:21 - 01077760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-12-09 14:05 - 2012-03-16 23:58 - 00075120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-12-09 14:04 - 2014-10-24 17:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-12-09 14:04 - 2014-10-24 17:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-12-09 14:04 - 2013-07-20 02:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-12-09 14:04 - 2013-07-20 02:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-12-09 14:04 - 2013-04-25 21:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-12-09 14:04 - 2013-04-25 20:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-12-09 14:04 - 2012-09-25 14:47 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-12-09 14:04 - 2012-09-25 14:46 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-12-09 14:04 - 2012-07-04 14:16 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-12-09 14:04 - 2012-07-04 14:13 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2014-12-09 14:04 - 2012-07-04 14:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2014-12-09 14:04 - 2012-07-04 13:16 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-12-09 14:04 - 2012-07-04 13:14 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2014-12-09 14:04 - 2012-02-16 22:38 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2014-12-09 14:04 - 2012-02-16 21:34 - 00826880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2014-12-09 14:04 - 2012-02-16 20:57 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2014-12-09 14:04 - 2011-08-16 21:26 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-12-09 14:04 - 2011-08-16 21:25 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-12-09 14:04 - 2011-08-16 20:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-12-09 14:04 - 2011-08-16 20:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-12-09 14:04 - 2011-05-02 21:29 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2014-12-09 14:04 - 2011-05-02 20:30 - 00741376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2014-12-09 14:04 - 2011-02-05 09:10 - 00642944 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-12-09 14:04 - 2011-02-05 09:10 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2014-12-09 14:04 - 2011-02-05 09:10 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2014-12-09 14:04 - 2011-02-05 09:10 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2014-12-09 14:04 - 2011-02-05 09:06 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-12-09 14:04 - 2011-02-05 09:06 - 00566208 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-12-09 14:04 - 2011-02-05 09:06 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-12-09 14:03 - 2014-09-03 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-12-09 14:03 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-12-09 14:03 - 2013-07-04 04:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-12-09 14:03 - 2012-06-05 22:02 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2014-12-09 14:03 - 2012-06-05 21:03 - 00805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2014-12-09 14:03 - 2011-12-16 00:46 - 00634880 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-12-09 14:03 - 2011-12-15 23:52 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-12-09 14:03 - 2011-05-24 03:42 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2014-12-09 14:03 - 2011-05-24 02:40 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2014-12-09 14:03 - 2011-05-24 02:40 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2014-12-09 14:03 - 2011-05-24 02:39 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2014-12-09 14:03 - 2011-05-24 02:37 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2014-12-09 14:03 - 2011-02-12 03:34 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2014-12-09 14:00 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-12-09 14:00 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-12-09 14:00 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-12-09 14:00 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-12-09 14:00 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-12-09 14:00 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-12-09 14:00 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-12-09 14:00 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-12-09 14:00 - 2012-05-13 21:26 - 00956928 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-12-09 13:44 - 2014-08-22 18:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-12-09 13:44 - 2014-08-22 17:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-12-09 13:43 - 2014-07-13 18:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-12-09 13:43 - 2014-07-13 17:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-12-09 13:43 - 2011-10-14 22:31 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-12-09 13:43 - 2011-10-14 21:38 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-12-09 13:43 - 2011-02-22 20:56 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-12-09 13:43 - 2011-02-22 20:55 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2014-12-09 13:43 - 2011-02-22 20:55 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-12-09 13:43 - 2011-02-22 20:55 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2014-12-09 13:42 - 2014-10-17 18:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-12-09 13:42 - 2014-10-17 17:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-12-09 13:42 - 2011-08-26 21:37 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-12-09 13:42 - 2011-08-26 20:26 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-12-09 13:41 - 2013-10-11 18:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-12-09 13:41 - 2013-10-11 18:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-12-09 13:41 - 2013-10-11 18:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-12-09 13:41 - 2013-10-11 18:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-12-09 13:41 - 2013-10-11 18:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-12-09 03:41 - 2014-12-09 03:41 - 00007319 _____ () C:\Users\pc\Downloads\hijackthis.log
2014-12-09 03:41 - 2014-12-09 03:41 - 00007319 _____ () C:\Users\pc\Desktop\hijackthis.log
2014-12-09 03:40 - 2014-12-09 03:40 - 00388608 _____ (Trend Micro Inc.) C:\Users\pc\Downloads\HiJackThis.exe
2014-12-09 01:39 - 2014-12-09 01:49 - 346739003 _____ () C:\Users\pc\Downloads\MichalMenert-Even_If_It_Isnt_Right.zip
2014-12-09 01:39 - 2014-12-09 01:40 - 74699804 _____ () C:\Users\pc\Downloads\Gramatik-digitalfreedom.zip
2014-12-09 01:38 - 2014-12-09 01:39 - 115262304 _____ () C:\Users\pc\Downloads\MichalMenert-DreamingOfABiggerLife.zip
2014-12-09 01:32 - 2014-12-09 01:32 - 00000865 _____ () C:\Users\pc\Desktop\BitTorrent.lnk
2014-12-09 01:32 - 2014-12-09 01:32 - 00000845 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk
2014-12-09 01:30 - 2014-12-09 20:30 - 00000000 ____D () C:\Users\pc\AppData\Roaming\BitTorrent
2014-12-09 01:28 - 2014-12-09 01:28 - 01685080 _____ (BitTorrent Inc.) C:\Users\pc\Downloads\BitTorrent.exe
2014-12-09 00:52 - 2014-12-09 00:52 - 00000000 ____D () C:\Users\Public\CyberLink
2014-12-09 00:50 - 2014-12-09 00:50 - 00262144 _____ () C:\Windows\Minidump\120914-59124-01.dmp
2014-12-09 00:50 - 2014-12-09 00:50 - 00000000 ____D () C:\Users\Public\Documents\CyberLink
2014-12-09 00:48 - 2014-12-09 16:06 - 00000000 ____D () C:\Users\pc\Documents\YouCam
2014-12-09 00:48 - 2014-12-09 00:48 - 00000000 ____D () C:\Users\pc\AppData\Local\CyberLink
2014-12-09 00:47 - 2014-12-09 00:47 - 00002167 _____ () C:\Users\Public\Desktop\CyberLink YouCam 6.lnk
2014-12-09 00:47 - 2014-12-09 00:47 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam 6
2014-12-09 00:47 - 2013-10-28 23:26 - 00041704 _____ (CyberLink Corporation) C:\Windows\system32\Drivers\clwvd6.sys
2014-12-09 00:43 - 2014-12-09 00:47 - 00000000 ____D () C:\Program Files (x86)\CyberLink
2014-12-09 00:42 - 2014-12-09 00:43 - 00000000 ____D () C:\ProgramData\Temp
2014-12-09 00:42 - 2014-12-09 00:42 - 00000000 ____D () C:\ProgramData\SUPPORTDIR
2014-12-09 00:42 - 2014-12-09 00:42 - 00000000 ____D () C:\ProgramData\install_clap
2014-12-09 00:42 - 2014-12-09 00:42 - 00000000 ____D () C:\Program Files (x86)\Camera Vendor
2014-12-09 00:41 - 2014-12-09 00:41 - 05146216 _____ (Hewlett-Packard ) C:\Users\pc\Downloads\sp50506.exe
2014-12-09 00:36 - 2014-12-09 00:42 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-09 00:36 - 2014-12-09 00:38 - 341401520 _____ () C:\Users\pc\Documents\YouCam_6.0.2728.0_Trial_Trial_YUC140730-01.exe
2014-12-09 00:36 - 2014-12-09 00:36 - 01409896 _____ (CyberLink) C:\Users\pc\Downloads\CyberLink_YouCam_Downloader.exe
2014-12-09 00:35 - 2014-12-09 00:35 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Macromedia
2014-12-09 00:35 - 2014-12-09 00:35 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Adobe
2014-12-09 00:35 - 2014-12-09 00:35 - 00000000 ____D () C:\Users\pc\AppData\Local\Macromedia
2014-12-09 00:28 - 2014-12-09 20:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-09 00:28 - 2014-12-09 00:28 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-09 00:28 - 2014-12-09 00:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-09 00:28 - 2014-12-09 00:28 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-09 00:28 - 2014-12-09 00:28 - 00000000 ____D () C:\Windows\SysWOW64\Macromed
2014-12-09 00:28 - 2014-12-09 00:28 - 00000000 ____D () C:\Windows\system32\Macromed
2014-12-09 00:27 - 2014-12-09 00:28 - 00000000 ____D () C:\Users\pc\AppData\Local\Adobe
2014-12-09 00:22 - 2007-02-14 09:56 - 00371200 _____ (NVIDIA Corporation) C:\Windows\system32\nvusmu.exe
2014-12-09 00:22 - 2006-12-15 08:48 - 00003903 _____ () C:\Windows\system32\nvnrm.nvu
2014-12-09 00:22 - 2006-12-15 08:48 - 00000528 _____ () C:\Windows\system32\nvsmu.nvu
2014-12-09 00:21 - 2007-05-02 09:28 - 00372736 _____ (NVIDIA Corporation) C:\Windows\system32\NVUNINST.EXE
2014-12-09 00:20 - 2014-12-09 00:21 - 22781080 _____ (Hewlett-Packard ) C:\Users\pc\Downloads\sp36077.exe
2014-12-09 00:17 - 2014-12-09 00:18 - 00325864 _____ (Hewlett-Packard Company ) C:\Users\pc\Downloads\sp35930(1).exe
2014-12-09 00:00 - 2014-12-09 00:01 - 00000000 ____D () C:\Users\pc\AppData\Roaming\Mozilla
2014-12-09 00:00 - 2014-12-09 00:01 - 00000000 ____D () C:\Users\pc\AppData\Local\Mozilla
2014-12-09 00:00 - 2014-12-09 00:00 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-09 00:00 - 2014-12-09 00:00 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-09 00:00 - 2014-12-09 00:00 - 00000000 ____D () C:\ProgramData\Mozilla
2014-12-09 00:00 - 2014-12-09 00:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 00:00 - 2014-12-09 00:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-08 23:57 - 2014-12-08 23:57 - 00244104 _____ () C:\Users\pc\Downloads\Firefox Setup Stub 34.0.5 (1).exe
2014-12-08 23:54 - 2014-12-08 23:54 - 00244104 _____ () C:\Users\pc\Downloads\Firefox Setup Stub 34.0.5.exe
2014-12-08 23:34 - 2014-12-08 23:34 - 00000000 ____D () C:\SWTOOLS
2014-12-08 23:34 - 2014-12-08 23:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Integrated Camera
2014-12-08 23:34 - 2014-12-08 23:34 - 00000000 ____D () C:\Program Files (x86)\Vimicro Corporation
2014-12-08 23:33 - 2014-12-08 23:33 - 03893528 _____ (Lenovo Group Limited ) C:\Users\pc\Downloads\c1web03us17.exe
2014-12-08 23:32 - 2014-12-08 23:32 - 00000000 ____D () C:\Users\pc\AppData\Local\Hewlett-Packard
2014-12-08 23:28 - 2014-12-08 23:38 - 00000000 ____D () C:\Users\pc\AppData\Roaming\HP Drivers Update Utility
2014-12-08 23:28 - 2014-12-08 23:29 - 00000000 ____D () C:\Users\pc\AppData\Roaming\GetRightToGo
2014-12-08 23:28 - 2014-12-08 23:28 - 00001181 _____ () C:\Users\Public\Desktop\HP Drivers Update Utility.lnk
2014-12-08 23:28 - 2014-12-08 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Drivers Update Utility
2014-12-08 23:28 - 2014-12-08 23:28 - 00000000 ____D () C:\Program Files (x86)\HP Drivers Update Utility
2014-12-08 23:27 - 2014-12-08 23:27 - 00348262 _____ () C:\Users\pc\Downloads\hp-drivers-update-utility.zip
2014-12-08 23:24 - 2014-12-08 23:24 - 00296760 _____ () C:\Users\pc\Downloads\HP_downloader-Q3dV5KD1C.exe
2014-12-08 22:58 - 2014-12-08 22:58 - 03441528 _____ (Solvusoft Corporation ) C:\Users\pc\Downloads\HP_(Hewlett_Packard)_Webcam_2-Megapixel_Autofocus_Webcam_Driver_Update_12-2014 (1).exe
2014-12-08 22:57 - 2014-12-08 22:57 - 03441528 _____ (Solvusoft Corporation ) C:\Users\pc\Downloads\HP_(Hewlett_Packard)_Webcam_2-Megapixel_Autofocus_Webcam_Driver_Update_12-2014.exe
2014-12-08 22:25 - 2014-12-08 22:25 - 00003098 _____ () C:\Windows\System32\Tasks\{5187D758-7ED6-4B98-B20E-25869E68848B}
2014-12-08 22:24 - 2014-12-08 22:24 - 00325864 _____ (Hewlett-Packard Company ) C:\Users\pc\Downloads\sp35930.exe
2014-12-08 18:32 - 2014-12-09 00:50 - 00000000 ____D () C:\Windows\Minidump
2014-12-08 18:32 - 2014-12-08 18:32 - 00455176 _____ () C:\Windows\Minidump\120814-45614-01.dmp
2014-12-08 18:31 - 2014-12-09 00:50 - 461745604 _____ () C:\Windows\MEMORY.DMP
2014-12-08 17:34 - 2014-12-08 17:34 - 00000000 ____D () C:\Program Files (x86)\Hp
2014-12-08 17:32 - 2014-12-08 17:32 - 05152768 _____ () C:\Users\pc\Downloads\HPSupportSolutionsFramework-11.51.0027.msi
2014-12-08 17:13 - 2014-12-08 17:13 - 00002255 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-08 17:13 - 2014-12-08 17:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-08 17:12 - 2014-12-09 20:18 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-08 17:12 - 2014-12-09 20:09 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-08 17:12 - 2014-12-08 17:13 - 00000000 ____D () C:\Users\pc\AppData\Local\Google
2014-12-08 17:12 - 2014-12-08 17:12 - 00003886 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-08 17:12 - 2014-12-08 17:12 - 00003634 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-08 17:12 - 2014-12-08 17:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-08 17:11 - 2014-12-08 23:32 - 00109968 _____ () C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-08 17:11 - 2014-12-08 17:12 - 00000000 ____D () C:\Users\pc\AppData\Local\Deployment
2014-12-08 17:11 - 2014-12-08 17:11 - 00000000 ____D () C:\Users\pc\AppData\Local\Apps\2.0
2014-12-08 17:09 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-12-08 17:09 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-12-08 17:09 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-12-08 17:09 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-12-08 17:09 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-12-08 17:09 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-12-08 17:09 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-12-08 17:09 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-12-08 15:27 - 2014-12-08 15:27 - 00000000 ____D () C:\Users\pc\Desktop\Made In England
2014-12-08 15:18 - 2014-12-08 15:18 - 00000000 _____ () C:\Users\pc\AppData\Local\QSwitch.txt
2014-12-08 15:18 - 2014-12-08 15:18 - 00000000 _____ () C:\Users\pc\AppData\Local\DSwitch.txt
2014-12-08 15:18 - 2014-12-08 15:18 - 00000000 _____ () C:\Users\pc\AppData\Local\AtStart.txt
2014-12-08 15:14 - 2014-12-08 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2014-12-08 15:14 - 2014-12-08 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-08 15:13 - 2014-12-08 17:34 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-12-08 15:13 - 2014-12-08 15:13 - 00000000 ____D () C:\Program Files (x86)\Microsoft Synchronization Services
2014-12-08 15:13 - 2007-06-08 13:46 - 01560576 _____ (Hewlett-Packard Company) C:\Windows\SysWOW64\BttnCmns_64.dll
2014-12-08 15:13 - 2006-06-30 05:46 - 01560576 _____ (Hewlett-Packard Company) C:\Windows\SysWOW64\BttnCmns.dll
2014-12-08 15:13 - 2006-06-28 11:40 - 00012672 _____ (Hewlett-Packard Development Company, L.P.) C:\Windows\system32\Drivers\CPQBttn64.sys
2014-12-08 15:13 - 2005-10-31 14:30 - 00987136 _____ (Hewlett-Packard Company) C:\Windows\SysWOW64\BttnCmn.dll
2014-12-08 15:12 - 2014-12-08 15:12 - 00003126 _____ () C:\Windows\System32\Tasks\{0A7A31E0-FADE-4ADD-918E-24639F323D49}
2014-12-08 15:12 - 2014-12-08 15:12 - 00000000 ____D () C:\Windows\PCHEALTH
2014-12-08 15:12 - 2014-12-08 15:12 - 00000000 ____D () C:\Users\pc\AppData\Roaming\InstallShield
2014-12-08 15:12 - 2014-12-08 15:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Sync Framework
2014-12-08 15:12 - 2014-12-08 15:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2014-12-08 15:11 - 2014-12-08 15:11 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-12-08 15:10 - 2014-12-08 15:10 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-12-08 15:10 - 2014-12-08 15:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-12-08 15:10 - 2014-12-08 15:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services
2014-12-08 15:09 - 2014-12-08 15:16 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-08 15:09 - 2014-12-08 15:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-12-08 15:09 - 2014-12-08 15:09 - 00000000 ____D () C:\Users\pc\AppData\Local\Microsoft Help
2014-12-08 15:08 - 2014-12-08 15:08 - 00000000 __RHD () C:\MSOCache
2014-12-08 15:06 - 2014-12-08 15:26 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Lite
2014-12-08 15:06 - 2014-12-08 15:08 - 00000000 ____D () C:\Users\pc\AppData\Roaming\DAEMON Tools Lite
2014-12-08 15:06 - 2014-12-08 15:08 - 00000000 ____D () C:\ProgramData\DAEMON Tools Lite
2014-12-08 15:03 - 2014-12-08 15:14 - 00006634 _____ () C:\Windows\HPQLB.LOG
2014-12-08 15:02 - 2014-12-09 00:41 - 00000000 ____D () C:\swsetup
2014-12-08 15:02 - 2014-12-08 15:02 - 00006612 _____ () C:\Windows\DPINST.LOG
2014-12-08 15:02 - 2014-12-08 15:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01000.Wdf
2014-12-08 15:02 - 2014-12-08 15:02 - 00000000 ____D () C:\Program Files\Synaptics
2014-12-08 15:00 - 2014-12-09 00:47 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-08 15:00 - 2014-12-08 15:05 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-08 15:00 - 2014-12-08 15:00 - 00000020 ___SH () C:\Users\UpdatusUser\ntuser.ini
2014-12-08 15:00 - 2014-12-08 15:00 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-08 15:00 - 2009-07-13 20:54 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-08 15:00 - 2009-07-13 20:49 - 00000000 ___RD () C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-08 14:58 - 2014-12-08 14:59 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-12-08 14:58 - 2014-12-08 14:58 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-12-08 14:56 - 2010-08-20 18:32 - 19116136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 14513768 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 14092904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 12497896 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-08 14:56 - 2010-08-20 18:32 - 12477032 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 10267240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 09828456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 07004264 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 06117992 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 05109352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 04554856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 03089512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 02893928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 02761832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 02506856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 02039912 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 01627240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 00930272 _____ (Microsoft Corporation) C:\Windows\system32\dpinst.exe
2014-12-08 14:56 - 2010-08-20 18:32 - 00382056 _____ (NVIDIA Corporation) C:\Windows\system32\nvdecodemft.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 00314984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvdecodemft.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 00263272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod1925.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 00263272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcod.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 00065128 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2014-12-08 14:56 - 2010-08-20 18:32 - 00056936 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2014-12-08 14:55 - 2010-08-20 18:32 - 00011240 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvBridge.kmd
2014-12-08 14:55 - 2010-08-20 18:32 - 00010932 _____ () C:\Windows\system32\nvinfo.pb
2014-12-08 14:48 - 2014-12-09 03:40 - 00000000 ____D () C:\Users\pc\AppData\Local\VirtualStore
2014-12-08 14:48 - 2014-12-08 14:48 - 00001443 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-12-08 14:48 - 2014-12-08 14:48 - 00001409 _____ () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-12-08 14:47 - 2014-12-08 14:48 - 00000000 ____D () C:\Users\pc
2014-12-08 14:47 - 2014-12-08 14:47 - 00000020 ___SH () C:\Users\pc\ntuser.ini
2014-12-08 14:47 - 2014-12-08 14:47 - 00000000 __SHD () C:\Recovery
2014-12-08 14:47 - 2009-07-13 20:54 - 00000000 ___RD () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-08 14:47 - 2009-07-13 20:49 - 00000000 ___RD () C:\Users\pc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-12-08 14:24 - 2014-12-08 14:24 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2014-12-08 14:24 - 2014-12-08 14:24 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-12-08 14:22 - 2014-12-09 20:31 - 01471636 _____ () C:\Windows\WindowsUpdate.log
2014-12-08 14:22 - 2014-12-08 14:22 - 00001355 _____ () C:\Windows\TSSysprep.log
2014-12-08 14:21 - 2014-12-08 14:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-12-08 14:18 - 2014-12-08 14:47 - 00000000 ____D () C:\Windows\Panther

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-09 20:11 - 2009-07-13 20:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-09 20:11 - 2009-07-13 20:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-09 20:08 - 2009-07-13 21:13 - 00713888 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-09 20:04 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-09 20:04 - 2009-07-13 20:51 - 00027386 _____ () C:\Windows\setupact.log
2014-12-09 14:53 - 2009-07-13 20:45 - 00411720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-09 14:27 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-09 01:43 - 2010-11-20 19:47 - 00012018 _____ () C:\Windows\PFRO.log
2014-12-08 18:58 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\rescache
2014-12-08 18:30 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-12-08 17:09 - 2009-07-13 19:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-12-08 16:16 - 2009-07-13 21:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-12-08 15:13 - 2011-04-12 00:28 - 00000000 ____D () C:\Windows\ShellNew
2014-12-08 15:13 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\MSBuild
2014-12-08 15:11 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-08 15:10 - 2009-07-13 18:34 - 00000478 _____ () C:\Windows\win.ini
2014-12-08 14:59 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Help
2014-12-08 14:57 - 2009-07-13 21:32 - 00000000 ____D () C:\Windows\system32\restore
2014-12-08 14:24 - 2009-07-13 21:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-08 14:24 - 2009-07-13 19:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-12-08 14:23 - 2009-07-13 20:46 - 00002790 _____ () C:\Windows\DtcInstall.log
2014-12-08 14:23 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-12-08 14:20 - 2011-04-12 00:28 - 00000000 ____D () C:\Windows\CSC
2014-12-08 14:18 - 2009-07-13 21:38 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-12-08 14:18 - 2009-07-13 21:32 - 00028672 _____ () C:\Windows\system32\config\BCD-Template

Some content of TEMP:
====================
C:\Users\pc\AppData\Local\Temp\BI_RunOnce.exe
C:\Users\pc\AppData\Local\Temp\Drivers.exe
C:\Users\pc\AppData\Local\Temp\ose00000.exe
C:\Users\pc\AppData\Local\Temp\w7lxe.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-08 18:50

==================== End Of Log ============================

 

ADDITION :

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2014
Ran by pc at 2014-12-09 20:32:46
Running from C:\Users\pc\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
BitTorrent (HKU\S-1-5-21-2513945851-19090857-1081133418-1000\...\BitTorrent) (Version: 7.9.2.36804 - BitTorrent Inc.)
CyberLink YouCam 6 (HKLM-x32\...\{A9CEDD6E-4792-493e-BB35-D86D2E188A5A}) (Version: 6.0.2728.0 - CyberLink Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
HP Drivers Update Utility (HKLM-x32\...\HP Drivers Update Utility_is1) (Version:  - DGTSoft Inc.)
HP Quick Launch Buttons 6.40 B2 (HKLM-x32\...\{34D2AB40-150D-475D-AE32-BD23FB5EE355}) (Version: 6.40 B2 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{44157EB3-D8D0-4BB1-B0F5-AD2C38814ED1}) (Version: 11.51.0027 - Hewlett-Packard Company)
Integrated Camera (HKLM-x32\...\{71A51CC2-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 34.0.5 - Mozilla)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5947 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\NVIDIA nView Desktop Manager) (Version: 6.14.10.13535 - NVIDIA Corporation)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 10.0.13.2 - Synaptics)
Virtual WebCam (HKLM-x32\...\{FE7AD27A-62B1-44F6-B69C-25D1ECA94F5D}) (Version: 1.0.0.64 - Camera Vendor)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

08-12-2014 22:57:35 Device Driver Package Install: NVIDIA Display adapters
08-12-2014 23:00:25 Installed NVIDIA Updatus
08-12-2014 23:06:58 Device Driver Package Install: DT Soft Ltd System devices
08-12-2014 23:08:39 Installed Microsoft Office Professional Plus 2010
08-12-2014 23:13:02 Installed HP Quick Launch Buttons
09-12-2014 01:08:40 Windows Update
09-12-2014 01:33:26 Installed HP Support Solutions Framework
09-12-2014 07:34:27 Installed Integrated Camera
09-12-2014 08:41:59 Installed Virtual WebCam
09-12-2014 22:16:22 Windows Update
09-12-2014 22:42:47 Windows Update
09-12-2014 23:01:20 Windows Update
10-12-2014 00:25:07 Windows Update
10-12-2014 04:11:07 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 18:34 - 2014-12-08 15:20 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {24C35401-AA6E-4FE9-862C-810136094305} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7B217952-D454-432E-9313-BE1961CB2C89} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-08] (Google Inc.)
Task: {9C7E937E-3271-4C1A-A5FB-27C900F71C24} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-08] (Google Inc.)
Task: {FEB7CEE0-551E-4543-A241-467C9A4EB6A4} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-12-09 00:42 - 2009-07-23 11:37 - 00077824 _____ () C:\Program Files (x86)\Camera Vendor\Virtual WebCam\DriverPackage\XYNTService.exe
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-12-08 14:58 - 2010-08-19 00:09 - 00615016 _____ () C:\Program Files\NVIDIA Corporation\nView\nvshell.dll
2014-12-09 00:00 - 2014-11-26 08:40 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-12-09 00:28 - 2014-12-09 00:28 - 16841392 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-2513945851-19090857-1081133418-500 - Administrator - Disabled)
Guest (S-1-5-21-2513945851-19090857-1081133418-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2513945851-19090857-1081133418-1003 - Limited - Enabled)
pc (S-1-5-21-2513945851-19090857-1081133418-1000 - Administrator - Enabled) => C:\Users\pc
UpdatusUser (S-1-5-21-2513945851-19090857-1081133418-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============

Name: Fingerprint Sensor
Description: Fingerprint Sensor
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2014 08:05:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 05:22:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 04:17:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 04:15:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description: The Cryptographic Services service failed to initialize the VSS backup "System Writer" object.


Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.
.

Error: (12/09/2014 04:09:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 04:05:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 03:55:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 02:54:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 02:35:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 02:30:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (12/09/2014 08:04:05 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 5:35:53 PM on ‎12/‎9/‎2014 was unexpected.

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2653956).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2973112).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2532531).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2786081).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2839894).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2977292).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Windows 7 for x64-based Systems (KB2957503).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft .NET Framework 3.5.1 on Windows 7 and Windows Server 2008 R2 SP1 for x64-based Systems (KB2861698).

Error: (12/09/2014 05:25:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Windows 7 for x64-based Systems (KB2868116).


Microsoft Office Sessions:
=========================
Error: (12/09/2014 08:05:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 05:22:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 04:17:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 04:15:44 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 512) (User: )
Description:
Details:
Could not query the status of the EventSystem service.

System Error:
A system shutdown is in progress.

Error: (12/09/2014 04:09:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 04:05:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 03:55:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 02:54:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 02:35:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2014 02:30:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: AMD Turion™ 64 X2 Mobile Technology TL-58
Percentage of memory in use: 54%
Total physical RAM: 3966.61 MB
Available physical RAM: 1803.69 MB
Total Pagefile: 7931.42 MB
Available Pagefile: 5619.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:148.95 GB) (Free:118.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 0005D816)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 

 

 



#4 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 10 December 2014 - 12:42 AM

Hi montabellrose,
 

however it likes to randomly shut off after i've been using it for a bit...

  • Is the computer hot to the touch when it shuts down?
  • Is there enough space around the computer for adequet ventalation?
=========================

bullseye_zpse9eaf36e.gif No Anti-Virus

AntiVirus Program
I noticed that you don't have an Antivirus program installed on your system. As a rule of thumb one should run one firewall, one antivirus program in memory, and one antispyware utility in memory. It's fine to have other security tools available on an as-needed or on-demand basis, but when multiple tools simultaneously perform the same function, you're asking for trouble.

I would recommend that you install one of these free Antivirus programs immediately. Just choose one:
Microsoft Security Essentials
Avast

=========================

bullseye_zpse9eaf36e.gif P2P - (Peer to Peer)

I see you have/had P2P software uTorrent/BitTorrent installed on your machine. We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections and possibly Identity Theft. It likely contributed to your current situation. This page will give you further information.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall this now.

Click Start > Control Panel > Programs and Features. Locate and select the following that are present on the list and click the Remove button:
  • uTorrent/BitTorrent
If you choose to not remove this programs please refrain from using it until we have finished cleaning your computer.

=========================

bullseye_zpse9eaf36e.gif Disk Defragmenter in Windows 7

Click on the Start button, and type in "disk defragmenter" in the search window at the bottom.
"Disk Defragmenter" should appear at the top of the search results, click to open.

(a window similar to the one below will open)

DefragMainScrn.png

Locate your primary hard drive (usually C:), and select it.

HardDriveFragmentation.png

Next select the Defragment Disk button. Monitor the progress if you choose.

DefragStatus.png

Close when the defrag process has been completed.

= = = = = = = = = =

You can also Schedule the Disk Defragmenter to run on a predetermined schedule.

From the main Disk Defragmenter window

DefragMainScrn.png

Select the Configure / Schedule button

Schedule.png

Select a date and time that best suits your needs.
Close when finished.

=========================

bullseye_zpse9eaf36e.gif Reboot & Test

Report back with any change in performance. Also, what decision did you make about the P2P software?
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#5 montabellrose

montabellrose

    Authentic Member

  • Authentic Member
  • PipPip
  • 59 posts

Posted 10 December 2014 - 02:24 AM

no the computer isn't overly hot at all...

 

as for ventilation, it's just sitting on a wooden table so i believe the airflow is adequate. 

 

i had the problems with it shutting off before i downloaded the p2p, however i removed it for now.

 

While i was defragmenting it turned off twice, but i finally made it all the way through...

 

it hasn'tturned off yet, but i've only been rebooted now for aprox 2 mins, so i guess time will tell..

 

im gonna try running all the windows updates again and see if they finish this time



#6 montabellrose

montabellrose

    Authentic Member

  • Authentic Member
  • PipPip
  • 59 posts

Posted 10 December 2014 - 06:12 AM

alrighty, so i managed to get through installing all the windows updates, i started doing stuff on the web again and yes it still randomly turns off...

 

I think it may only do it while im surfing the net....   i'm not 100% sure yet though



#7 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 10 December 2014 - 09:22 AM

Hi montabellrose,

bullseye_zpse9eaf36e.gif Chkdsk in Vista/7

You must run the command prompt as an administrator or in an "elevated mode".
  • Start menu, in the search bar type "cmd"
  • Right-click the cmd icon, select "run as administrator"
    • If you have user account control (UAC) set up it may prompt you to accept that action.
  • Then type in "chkdsk /f" (make note of the space between chkdsk and /)
=========================

bullseye_zpse9eaf36e.gif To view results log:
  • Open the Start Menu, and type eventvwr.msc in the search box and press enter.
  • If prompted by UAC, then click on Yes (Windows 7) or Continue (Vista).
  • In the left pane of Event Viewer, double click on Windows Logs to expand it, then right click on Application and click on Find.
  • Copy and paste Chkdsk into the line, and click on Find Next.
  • You will now see the system log for the scan results of Check Disk (chkdsk).
  • In the right had menu select copy, open notepad and paste the chkdsk results into notepad
  • Post in your next reply.
=========================

In your next post please provide the following:
  • chkdsk log

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#8 montabellrose

montabellrose

    Authentic Member

  • Authentic Member
  • PipPip
  • 59 posts

Posted 11 December 2014 - 08:51 AM

it says  the type of file system is NTSF

cannot lock current drive

 

chkdsk canno run because the current disk is inuse by another process

would you like to schedule this check to be done ont he next restart Y/N?

 

i hit Y

i restarted it...

 

next i did the next step and when i get to application and hit find "chkdsk" it says

 

searching fromt the selected event to the end of the list there is no event that contains the specified string to search all the events select the first event in the list and run the search again....


Edited by montabellrose, 11 December 2014 - 08:51 AM.


#9 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 11 December 2014 - 10:31 AM

Hi montabellrose,

Did the chkdsk scan run successfully?

Can you give me a bit more detail about the origin of the computer.
Does it have a COA (Certificate of Authenticity) sticker attached to the machine?
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#10 montabellrose

montabellrose

    Authentic Member

  • Authentic Member
  • PipPip
  • 59 posts

Posted 11 December 2014 - 12:44 PM

yup it ran successfully and yes it does have that sticker on it.   When i was looking for webcam drivers before it said that hp only supplied the drivers for windows Vista, so im guessing that the person before must have installed windows 7 themselves and this computer originally had Vista....  


    Advertisements

Register to Remove


#11 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 11 December 2014 - 09:10 PM

Hi montabellrose,

The reason for these questions is I'm not convinced your problem is malware related. It might just be a coincindence that the shut downs happen while you are browsing the Internet.

Please try and see if the reboots happens more based on how long the computer has been booted up, rather than what task you are doing when it restarts.

=========================

bullseye_zpse9eaf36e.gif download DevDiag, and save it to your Desktop:

    • Windows XP : Double click on the icon to run it.
    • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • At the options screen, please type 2 and hit Enter.
  • The tool will take a few moments to scan. When finished, a report should pop-up, also available on your Desktop (DevDiag.txt).

=========================

In your next post please provide the following:

  • DevDiag.txt

OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#12 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 14 December 2014 - 10:20 PM

Hi montabellrose,

Just checking in to see if you still need help?
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#13 montabellrose

montabellrose

    Authentic Member

  • Authentic Member
  • PipPip
  • 59 posts

Posted 16 December 2014 - 08:09 PM

i think we're SOL .... it won't even start up now most of the time.... the screen just goes black, but sometimes it starts....   I also discovered that it only randomly turns off when its plugged into the ac adapter  .. im starting to wonder if its maybe not the right adapter for the computer....



#14 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 17 December 2014 - 12:09 AM

Hi montabellrose,

  • To enter System Recovery Options from the Advanced Boot Options Menu
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
  • On the System Recovery Options menu you will get the following options:
  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt
  • Select Startup Repair
  • Follow the onscreen instructions
  • Reboot into Normal Mode when done.

Report back with the status of the computer.


OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.


#15 OCD

OCD

    SuperHelper

  • Malware Team
  • 5,574 posts

Posted 20 December 2014 - 09:47 PM

Hi montabellrose,

Just checking in to see if you still need help?
OCD

Proud Graduate of WTT Classroom
Member of UNITE

Threads will be closed if no response after 5 days








If you are satisfied with the help you have received, please consider making a donation.

Related Topics




Also tagged with one or more of these keywords: hp, windows 7, webcam, laptop, monta

1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users