Please help!!! I have been trying to fix for over 2 months. Have lost everything


  • This topic is locked
4 replies to this topic

#1 casey757

Posted 29 March 2015 - 02:42 AM

I had to shut down my ISP, laptops cannot use and even iPhone was told by Apple to turn off and contact authorities. Nobody seems to want to help. I have been cut off. I have a new cell phone but it is already giving me problems and am using my hot spot right now. Please please tell me what is going on.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by CASEY J at 2:35:50 on 2015-03-29
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3986.2291 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\$SysReset\Framework\Stack\SystemResetOSUpdates.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe
C:\Windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\defrag.exe
C:\Windows\system32\dism.exe
C:\Windows\system32\aitagent.EXE
C:\Windows\Microsoft.NET\Framework\v4.0.30319\NGenTask.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\NGenTask.exe
C:\Windows\system32\svchost.exe -k defragsvc
C:\Windows\Microsoft.NET\Framework\v4.0.30319\ngen.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ngen.exe
C:\Program Files (x86)\Hewlett-Packard\HP Registration Service\HP GenOOBE\HPGenOOBE.exe
C:\Windows\explorer.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\system32\msdt.exe
C:\Windows\System32\sdiagnhost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.43.1
TCP: Interfaces\{10B66B75-0C3B-480A-B6E1-DAFA2F9CE6AF} : DHCPNameServer = 20.20.1.1 20.20.1.2
TCP: Interfaces\{7C77261A-B209-448F-84D0-BE95872F97CF} : DHCPNameServer = 192.168.43.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-28 650808]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-8-23 29600]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-6-7 14904]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-6-7 2451456]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-6-7 128896]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-6-7 165760]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-6-7 364416]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-6-7 690832]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-24 43832]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
S2 HPConnectedRemote;HP Connected Remote Service;"C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe" --> C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [?]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2013-6-7 269968]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-8-24 41272]
.
=============== Created Last 30 ================
.
2015-03-29 06:31:27 -------- d-----w- C:\Users\CASEY J\AppData\Local\Diagnostics
2015-03-29 06:18:01 11910896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A023DB82-2513-4CE1-9214-9AA49581FE47}\mpengine.dll
2015-03-29 06:16:43 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2015-03-29 06:16:32 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-03-21 17:22:50 -------- d-----w- C:\Users\CASEY J\AppData\Roaming\hpqlog
2015-03-21 16:52:47 -------- d-----w- C:\Users\CASEY J\AppData\Local\Hewlett-Packard
2015-03-21 16:52:05 -------- d-----w- C:\Users\CASEY J\AppData\Local\assembly
2015-03-21 16:51:50 -------- d-----r- C:\Users\CASEY J\Searches
2015-03-21 16:46:09 -------- d-----w- C:\Users\CASEY J\AppData\Roaming\Synaptics
2015-03-21 16:45:05 -------- d-----w- C:\Users\CASEY J\AppData\Local\VirtualStore
2015-03-21 12:35:52 -------- d-----w- C:\Windows.old
2015-03-21 12:10:29 -------- d--h--w- C:\$SysReset
2015-03-20 06:42:08 -------- d-----r- C:\Users\CASEY J\Pictures
2015-03-20 06:42:08 -------- d-----r- C:\Users\CASEY J\Documents
2015-03-17 23:08:40 269992 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-03-17 01:52:51 -------- d-----r- C:\Users\CASEY J\Saved Games
2015-03-16 05:12:41 -------- d-----w- C:\SUPERDelete
2015-03-15 08:02:42 -------- d-----r- C:\Users\CASEY J\Contacts
2015-03-15 08:00:45 -------- d-----w- C:\Users\CASEY J\AppData\Local\Packages
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Videos
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Music
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Links
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Downloads
.
==================== Find3M  ====================
.
.
============= FINISH:  2:37:14.62 ===============
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by CASEY J (administrator) on KCHP on 29-03-2015 03:18:35
Running from C:\Users\CASEY J\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\O36S27WW
Loaded Profiles: CASEY J (Available profiles: CASEY J & Administrator)
Platform: Windows 8 (X64) OS Language: English (United States)
Internet Explorer Version 10 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Microsoft Corporation) C:\$SysReset\Framework\Stack\SystemResetOSUpdates.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16384_none_622908ad510eb05b\TiWorker.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheck.exe
() C:\Users\CASEY J\AppData\Local\Temp\Temp2_gmer.zip\gmer.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-08-20] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-24] (Synaptics Incorporated)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [93296 2012-07-13] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [581024 2012-09-07] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HP CoolSense] => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1342008 2012-09-14] (Hewlett-Packard Development Company, L.P.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKU\S-1-5-21-333516934-2175752476-557753935-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/
HKU\S-1-5-21-333516934-2175752476-557753935-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-154371-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-333516934-2175752476-557753935-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL =
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2012-07-09] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1

FireFox:
========
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation)

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-06-07] (Microsoft Corporation)
S2 HPConnectedRemote; "C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [269968 2012-07-03] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)
U3 pxloqpoc; \??\C:\Users\CASEYJ~1\AppData\Local\Temp\pxloqpoc.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 03:18 - 2015-03-29 03:18 - 00000000 ____D () C:\FRST
2015-03-29 03:15 - 2015-03-29 03:15 - 00003451 _____ () C:\Users\CASEY J\Desktop\ark.txt
2015-03-29 02:38 - 2015-03-29 02:39 - 00370943 _____ () C:\Users\CASEY J\Desktop\gmer.zip
2015-03-29 02:37 - 2015-03-29 02:37 - 00010299 _____ () C:\Users\CASEY J\Desktop\dds.txt
2015-03-29 02:37 - 2015-03-29 02:37 - 00002697 _____ () C:\Users\CASEY J\Desktop\attach.txt
2015-03-29 02:15 - 2015-03-29 02:15 - 00000000 ____D () C:\Users\CASEY J\AppData\Roaming\Macromedia
2015-03-29 02:14 - 2015-03-29 03:12 - 00418402 _____ () C:\Windows\WindowsUpdate.log
2015-03-21 13:22 - 2015-03-21 13:22 - 00000000 ____D () C:\Users\CASEY J\AppData\Roaming\hpqlog
2015-03-21 13:05 - 2015-03-21 13:05 - 00004020 _____ () C:\Windows\System32\Tasks\HPGenoobeReminder
2015-03-21 12:53 - 2015-03-21 12:53 - 00000000 ____D () C:\Users\CASEY J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 12:52 - 2015-03-29 02:57 - 00000000 ____D () C:\Users\CASEY J\AppData\Roaming\Hewlett-Packard
2015-03-21 12:52 - 2015-03-21 13:22 - 00000000 ____D () C:\Users\CASEY J\AppData\Local\Hewlett-Packard
2015-03-21 12:52 - 2015-03-21 12:52 - 00000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
2015-03-21 12:52 - 2015-03-21 12:52 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-21 12:51 - 2015-03-29 03:12 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{6D58A408-A0E0-4B9F-BCDC-FAAF4993E134}
2015-03-21 12:49 - 2015-03-21 12:49 - 00001430 _____ () C:\Users\CASEY J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-21 12:49 - 2015-03-21 12:49 - 00000000 ____D () C:\Users\CASEY J\AppData\Roaming\Adobe
2015-03-21 12:48 - 2015-03-21 12:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services
2015-03-21 12:46 - 2015-03-21 12:46 - 00000000 ____D () C:\Users\CASEY J\AppData\Roaming\Synaptics
2015-03-21 12:45 - 2015-03-21 12:45 - 00000000 ____D () C:\Users\CASEY J\AppData\Local\VirtualStore
2015-03-21 12:44 - 2015-03-21 12:44 - 00000020 ___SH () C:\Users\CASEY J\ntuser.ini
2015-03-21 12:37 - 2015-03-21 12:37 - 00000895 _____ () C:\Users\Administrator\AppData\Local\Application.xml
2015-03-21 12:36 - 2015-03-21 12:51 - 00000000 ____D () C:\Users\CASEY J
2015-03-21 12:36 - 2015-03-21 12:37 - 00017148 _____ () C:\Windows\diagwrn.xml
2015-03-21 12:36 - 2015-03-21 12:37 - 00017148 _____ () C:\Windows\diagerr.xml
2015-03-21 12:36 - 2013-06-07 01:25 - 00002092 _____ () C:\Users\CASEY J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SkyDrive.lnk
2015-03-21 12:36 - 2013-06-07 01:24 - 00000000 ___RD () C:\Users\CASEY J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-03-21 12:36 - 2013-06-07 01:13 - 00000000 ___HD () C:\Users\CASEY J\Documents\hp.system.package.metadata
2015-03-21 12:36 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\CASEY J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-03-21 12:36 - 2012-07-26 04:13 - 00000000 ___RD () C:\Users\CASEY J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-03-21 12:36 - 2012-07-26 04:13 - 00000000 ____D () C:\Users\CASEY J\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-21 08:35 - 2015-03-21 08:35 - 00262144 _____ () C:\Windows\system32\config\userdiff
2015-03-21 08:35 - 2015-03-21 08:35 - 00000000 ____D () C:\Windows.old
2015-03-21 08:10 - 2015-03-21 08:11 - 00000000 ___HD () C:\$SysReset
2015-03-21 04:39 - 2015-03-21 04:39 - 00002302 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-333516934-2175752476-557753935-500
2015-03-21 03:45 - 2015-03-21 03:45 - 00000874 _____ () C:\Users\CASEY J\Desktop\shell32.dll - Shortcut.lnk
2015-03-19 01:52 - 2015-03-19 01:52 - 03688000 _____ (Zemana Ltd. ) C:\Users\CASEY J\Downloads\AntiLoggerFree_Setup.exe
2015-03-18 00:28 - 2015-03-29 02:17 - 00000389 _____ () C:\DelFix.txt
2015-03-16 22:18 - 2015-03-16 22:18 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\CASEY J\Desktop\mbam-setup-2.0.4.1028.exe
2015-03-16 01:12 - 2015-03-21 03:51 - 00000000 ____D () C:\SUPERDelete
2015-03-15 04:37 - 2015-03-15 04:37 - 00000000 _____ () C:\Recovery.txt
2015-03-15 04:00 - 2015-03-21 12:56 - 00000000 ____D () C:\Users\CASEY J\AppData\Local\Packages
2015-03-15 03:55 - 2015-03-15 03:55 - 00000535 _____ () C:\CTOERROR.flg

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-29 03:19 - 2012-07-26 03:59 - 00000000 ____D () C:\Windows\CbsTemp
2015-03-29 03:09 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\NDF
2015-03-29 03:00 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\sru
2015-03-29 02:55 - 2012-07-26 03:28 - 00942930 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-03-29 02:49 - 2012-07-26 03:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-03-29 02:12 - 2012-08-03 18:23 - 00506480 _____ () C:\Windows\PFRO.log
2015-03-21 13:27 - 2013-06-07 01:13 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2015-03-21 13:16 - 2013-06-07 02:41 - 00000000 ____D () C:\ProgramData\Norton
2015-03-21 13:16 - 2013-06-07 01:04 - 00291288 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-21 13:15 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-03-21 13:14 - 2012-07-26 04:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2015-03-21 13:14 - 2012-07-26 01:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-03-21 13:06 - 2013-06-07 02:03 - 00000000 ____D () C:\Program Files (x86)\HP Games
2015-03-21 13:05 - 2013-06-07 02:03 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-03-21 13:05 - 2013-06-07 02:03 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-03-21 13:04 - 2013-06-07 02:03 - 00000000 ____D () C:\ProgramData\WildTangent
2015-03-21 12:58 - 2013-06-07 01:25 - 00000000 ____D () C:\Program Files (x86)\Microsoft SkyDrive
2015-03-21 12:56 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\restore
2015-03-21 12:56 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2015-03-21 12:48 - 2013-06-07 02:23 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat
2015-03-21 12:48 - 2013-06-07 02:18 - 00000000 ___RD () C:\Program Files\Online Services
2015-03-21 12:48 - 2013-06-07 02:16 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools
2015-03-21 12:48 - 2013-06-07 01:31 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2015-03-21 12:48 - 2013-06-07 01:28 - 00000000 ___RD () C:\Program Files (x86)\Online Services
2015-03-21 12:48 - 2013-06-07 01:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection
2015-03-21 12:47 - 2012-08-03 20:02 - 00000000 ___HD () C:\SYSTEM.SAV
2015-03-21 12:38 - 2013-06-07 01:29 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-03-21 12:38 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\rescache
2015-03-21 12:37 - 2012-08-03 19:21 - 00000000 ____D () C:\Windows\Panther
2015-03-21 12:37 - 2012-07-26 04:12 - 00000000 __RHD () C:\Users\Public\Libraries
2015-03-21 12:37 - 2012-07-26 04:12 - 00000000 ____D () C:\Windows\system32\Recovery
2015-03-21 12:37 - 2012-07-26 03:21 - 00030309 _____ () C:\Windows\setupact.log
2015-03-21 08:35 - 2012-07-26 04:13 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2015-03-21 04:39 - 2012-08-03 18:40 - 00010171 _____ () C:\Windows\iis.log
2015-03-21 04:39 - 2012-07-26 04:13 - 00004552 _____ () C:\Windows\DtcInstall.log

==================== Files in the root of some directories =======

2015-03-21 12:52 - 2015-03-21 12:52 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-29 02:23

==================== End Of Log ============================

#2 casey757

Posted 29 March 2015 - 02:52 AM

# AdwCleaner v4.113 - Logfile created 29/03/2015 at 03:43:36
# Updated 22/03/2015 by Xplode
# Database : 2015-03-28.1 [Server]
# Operating system : Windows 8  (x64)
# Username : CASEY J - KCHP
# Running from : C:\Users\CASEY J\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Web browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

*************************

AdwCleaner[R0].txt - [679 bytes] - [29/03/2015 03:28:15]
AdwCleaner[S0].txt - [607 bytes] - [29/03/2015 03:43:36]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [665  bytes] ##########



#3 casey757

Posted 29 March 2015 - 03:03 AM

Sorry, I didn't have Windows Defender disabled the first time.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by CASEY J at 3:56:57 on 2015-03-29
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.3986.2431 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\Hpservice.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhostex.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Windows\system32\SearchIndexer.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\dashost.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
TCP: NameServer = 192.168.43.1
TCP: Interfaces\{10B66B75-0C3B-480A-B6E1-DAFA2F9CE6AF} : DHCPNameServer = 20.20.1.1 20.20.1.2
TCP: Interfaces\{7C77261A-B209-448F-84D0-BE95872F97CF} : DHCPNameServer = 192.168.43.1
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-9-28 650808]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2012-9-27 86528]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2012-8-23 29600]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-6-7 14904]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-6-7 2451456]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2013-6-7 128896]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2013-6-7 165760]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2013-6-7 364416]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-6-19 342528]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2013-6-7 690832]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-24 43832]
R3 WirelessButtonDriver;HP Wireless Button Driver Service;C:\Windows\System32\Drivers\WirelessButtonDriver64.sys [2012-8-31 20800]
S2 HPConnectedRemote;HP Connected Remote Service;"C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe" --> C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [?]
S3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\Windows\System32\Drivers\RtsP2Stor.sys [2013-6-7 269968]
S3 SmbDrv;SmbDrv;C:\Windows\System32\Drivers\Smb_driver_AMDASF.sys [2012-8-24 41272]
.
=============== Created Last 30 ================
.
2015-03-29 07:28:07 -------- d-----w- C:\AdwCleaner
2015-03-29 07:18:19 -------- d-----w- C:\FRST
2015-03-29 07:09:49 -------- d-----w- C:\Users\CASEY J\AppData\Local\ElevatedDiagnostics
2015-03-29 06:31:27 -------- d-----w- C:\Users\CASEY J\AppData\Local\Diagnostics
2015-03-29 06:18:01 11910896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A023DB82-2513-4CE1-9214-9AA49581FE47}\mpengine.dll
2015-03-29 06:16:43 50784 ----a-w- C:\ProgramData\Microsoft\windowsfiltering\Sqm\Manifest\Sqm3.bin
2015-03-29 06:16:32 17536 ----a-w- C:\ProgramData\Microsoft\windowssampling\Sqm\Manifest\Sqm3.bin
2015-03-21 17:22:50 -------- d-----w- C:\Users\CASEY J\AppData\Roaming\hpqlog
2015-03-21 16:52:47 -------- d-----w- C:\Users\CASEY J\AppData\Local\Hewlett-Packard
2015-03-21 16:52:05 -------- d-----w- C:\Users\CASEY J\AppData\Local\assembly
2015-03-21 16:51:50 -------- d-----r- C:\Users\CASEY J\Searches
2015-03-21 16:46:09 -------- d-----w- C:\Users\CASEY J\AppData\Roaming\Synaptics
2015-03-21 16:45:05 -------- d-----w- C:\Users\CASEY J\AppData\Local\VirtualStore
2015-03-21 12:35:52 -------- d-----w- C:\Windows.old
2015-03-21 12:10:29 -------- d--h--w- C:\$SysReset
2015-03-20 06:42:08 -------- d-----r- C:\Users\CASEY J\Pictures
2015-03-20 06:42:08 -------- d-----r- C:\Users\CASEY J\Documents
2015-03-17 23:08:40 269992 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10248.bin
2015-03-17 01:52:51 -------- d-----r- C:\Users\CASEY J\Saved Games
2015-03-16 05:12:41 -------- d-----w- C:\SUPERDelete
2015-03-15 08:02:42 -------- d-----r- C:\Users\CASEY J\Contacts
2015-03-15 08:00:45 -------- d-----w- C:\Users\CASEY J\AppData\Local\Packages
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Videos
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Music
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Links
2015-03-15 07:59:58 -------- d-----r- C:\Users\CASEY J\Downloads
.
==================== Find3M  ====================
.
.
============= FINISH:  3:57:52.99 ===============
 



#4 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,414 posts
  • Gender:Male
  • Location:California
  • Local time:01:53 AM

Posted 29 March 2015 - 03:35 PM

Since you are currently being helped at http://www.techsupportforum.com/forums/f50/reposting-logs-st-logs-i-dont-think-i-ran-scan-properly-968961.html, I am going to close this Topic. It is inefficient and counterproductive to be helped by more than one malware helper.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 36,414 posts
  • Gender:Male
  • Location:California
  • Local time:01:53 AM

Posted 29 March 2015 - 03:35 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Gary
 



