Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

need help with hijacker, popups and stuck in safe mode [Solved]


  • This topic is locked This topic is locked

#31
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by LEAH at 2014-08-19 12:41:18
Running from C:\Users\LEAH\Downloads
Boot Mode: Safe Mode (with Networking)
 
================== Search Files: "atapi.sys" =============
 
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.22414_none_3be7afc0514717fa\atapi.sys
[2009-07-13 18:19][2009-07-13 20:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]
 
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.18231_none_3b457059383c66e6\atapi.sys
[2009-07-13 18:19][2009-07-13 20:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]
 
C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys
[2009-07-13 18:19][2009-07-13 20:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]
 
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys
[2009-07-13 18:19][2009-07-13 20:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]
 
C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_amd64_neutral_552ea5111ec825a6\atapi.sys
[2009-07-13 18:19][2009-07-13 20:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]
 
C:\Windows\System32\drivers\atapi.sys
[2009-07-13 18:19][2009-07-13 20:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]
 
C:\Windows\erdnt\cache64\atapi.sys
[2014-08-18 18:01][2009-07-13 20:52] 0024128 ____A (Microsoft Corporation) 02062C0B390B7729EDC9E69C680A6F3C [File is signed]
 
====== End Of Search ======

  • 0

Advertisements


#32
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

Now I don't seem to be having issues with copy and past.... for right now..


  • 0

#33
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
MD5's are ok, what happens when you try to boot to normal mode ?

Download aswMBR.exe ( 4.5mb ) to your desktop.
Double click the aswMBR.exe to run it.
You may be offered the option of using virtualisation, accept that
When it offers to download the virus database allow that as well
Click the "Scan" button to start scan

AswMBR%20scan.JPG


On completion of the scan click save log, save it to your desktop and post in your next reply
  • 0

#34
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

haven't tryed today.. normally goes back to safe mode....


  • 0

#35
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-19 13:11:45
-----------------------------
13:11:45.329    OS Version: Windows x64 6.1.7601 Service Pack 1
13:11:45.329    Number of processors: 2 586 0x100
13:11:45.329    ComputerName: LEAH-HP  UserName: LEAH
13:11:46.503    Initialize success
13:11:46.601    VM: driver load error: 2
13:14:43.705    AVAST engine defs: 14081800
13:17:35.849    The log file has been saved successfully to "C:\Users\LEAH\Desktop\aswMBRLOG.txt"

  • 0

#36
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hmm AswMBR did not run, when the system starts could you press and hold F8, on the menu that appears select boot normally
  • 0

#37
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

do you want me to rerun it again and resend you the results and then reboot..


  • 0

#38
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
No go straight for a reboot first please
  • 0

#39
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

ok doing it now..


  • 0

#40
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

did that and press F8 went to normal mode and still went into safe mode..


  • 0

Advertisements


#41
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK could you run a fresh FRST scan as before please and attach both logs


  • 0

#42
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

when you say frst scan do you mean fabar recovery scan tool.... since i have ran so many i do get confused at times... the very first scan i ran....


  • 0

#43
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts
dditional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by LEAH at 2014-08-19 15:22:38
Running from C:\Users\LEAH\Downloads
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4500_G510gm_Help (x32 Version: 000.0.439.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
7-zip v9.20 (HKLM-x32\...\7-zip) (Version: v9.20 - TUGUU SL) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.60629.2348 - ATI Technologies Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{BCC01139-903A-6FC7-3358-85B0AE332601}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blio (HKLM-x32\...\{9368DDD5-CE7F-4BD7-A83A-F00FABE338EC}) (Version: 2.2.6699 - K-NFB Reading Technology, Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0630.16.41755 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0630.16.41755 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0630.16.41755 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help English (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help French (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help German (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0630.0015.41755 - ATI) Hidden
ccc-utility64 (Version: 2011.0630.16.41755 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Consumer Input Update Helper (x32 Version: 1.3.25.149 - Compete Inc.) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CrossReader (HKLM-x32\...\CrossReader) (Version: 1.29.153.0 - CrossReader)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
FamilySearch Indexing 3.17.7 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.7 - FamilySearch)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiDef Media Player 1.1.12 (HKLM-x32\...\HiDef Media Player) (Version: 1.1.12 - HiDefMedia)
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard Company)
HP MovieStore (x32 Version: 1.0.057 - Hewlett-Packard) Hidden
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden
Java 7 Update 10 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417010F0}) (Version: 7.0.100 - Oracle)
Java 7 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417011FF}) (Version: 7.0.110 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045F0}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.8.00.132 - Oracle, Inc.) Hidden
Java™ 6 Update 26 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216026FF}) (Version: 6.0.260 - Oracle)
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3925 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.3925 - CyberLink Corp.) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Downloader version 1.5 (HKLM-x32\...\Media Downloader_is1) (Version: 1.5 - Media Downloader)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Download Manager (HKLM-x32\...\{654977DB-0001-0002-0001-EABD228DDE8B}) (Version: 1.2.1 - Microsoft Corporation)
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office Live Meeting 2007 (HKLM-x32\...\{389F8A7A-8611-42E8-8169-20D2BAF0C595}) (Version: 8.0.6362.215 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Movie Mode (HKLM-x32\...\MovieMode) (Version: 2.7.22 - GenTechnologies Apps, LLC)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4 (HKLM-x32\...\{51071D66-D034-4239-94E0-723FCA10B6FE}) (Version: 3.4.9590 - OpenOffice.org)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.103 - Panda Security)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 -  NewspaperDirect Inc.)
QuickShare (HKLM-x32\...\{063C68D3-B0B7-4FBC-AE78-A81906C11888}) (Version: 10.165.60.13189 - Linkury Inc.) <==== ATTENTION
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6378 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
RoxioNow Player (HKLM-x32\...\{0EDEB615-1A60-425E-8306-0E10519C7B55}) (Version: 1.9.5.103 - RoxioNow)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
videos MediaPlay-Air (HKLM-x32\...\videos MediaPlay-Air) (Version: 1.34.7.29 - enter) <==== ATTENTION
Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
weDownload Manager (HKLM-x32\...\weDownload Manager) (Version: 1.29.153.0 - weDownload) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Yahoo Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo Inc.)
Zinio Reader 4 (HKLM-x32\...\ZinioReader4) (Version: 4.2.4164 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.2.4164 - Zinio LLC) Hidden
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2014-08-18 17:58 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {6090FC54-A322-44F7-941A-D934DE287DD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {8CAB1C1C-7377-4E58-94B2-46D25950788F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {937738D7-E59D-483E-B103-FF1846150A31} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F888ADB-89C9-404A-950A-CF8DB5604191} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B0AAD1D6-306A-4F18-ACA5-9F6B2A498B52} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {CB93E69C-981F-43DD-AA8C-F051DE3D39C9} - System32\Tasks\{E49E27E2-E1B2-4853-AFB2-0DAE1C0E4197} => C:\Program Files\Microsoft Security Client\msseces.exe [2014-03-11] (Microsoft Corporation)
Task: {DDA0C6E3-72B8-4547-BE34-ECFD14BFEC51} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {E0D6E5FA-C24E-45E2-9B76-C07690C15221} - \Search Armor No Task File <==== ATTENTION
Task: {E7DD0770-5F91-4A90-981C-521697E713C6} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForLEAH.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-06-12 15:06 - 2014-06-05 08:58 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-12 15:11 - 2014-06-05 08:58 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-12 15:03 - 2014-06-05 08:58 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-08-15 13:21 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-08-15 13:21 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-07-11 23:15 - 2014-07-08 08:18 - 14663856 _____ () C:\Users\LEAH\AppData\Local\Google\Chrome\User Data\PepperFlash\14.0.0.145\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: DW7 => "C:\Program Files (x86)\The Weather Channel\The Weather Channel App\TWCApp.exe"
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
MSCONFIG\startupreg: iYogi Support Dock => "C:\Program Files (x86)\iYogi Support Dock\iYogiSupportDock.exe"
MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
 
==================== Faulty Device Manager Devices =============
 
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/18/2014 05:51:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance.  hr = 0x8007043c, This service cannot be started in Safe Mode
.
 
 
Operation:
   Instantiating VSS server
 
Error: (08/18/2014 05:51:02 PM) (Source: VSS) (EventID: 18) (User: )
Description: Volume Shadow Copy Service error: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name IVssCoordinatorEx2 cannot be started during Safe Mode.
The Volume Shadow Copy service cannot start while in safe mode. [0x8007043c, This service cannot be started in Safe Mode
]
 
 
Operation:
   Instantiating VSS server
 
Error: (08/16/2014 06:32:50 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/16/2014 06:32:50 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/16/2014 01:57:49 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/16/2014 01:53:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/16/2014 01:53:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/16/2014 01:53:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/16/2014 01:13:32 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (08/16/2014 01:13:17 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
 
System errors:
=============
Error: (08/19/2014 02:57:20 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.
 
New Signature Version: 
 
Previous Signature Version: 1.179.2990.0
 
Update Source: %NT AUTHORITY59
 
Update Stage: 4.5.0216.00
 
Source Path: 4.5.0216.01
 
Signature Type: %NT AUTHORITY602
 
Update Type: %NT AUTHORITY604
 
User: NT AUTHORITY\SYSTEM
 
Current Engine Version: %NT AUTHORITY605
 
Previous Engine Version: %NT AUTHORITY606
 
Error code: %NT AUTHORITY607
 
Error description: %NT AUTHORITY608
 
Error: (08/19/2014 02:57:20 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
Error: (08/19/2014 02:46:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (08/19/2014 02:46:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (08/19/2014 02:46:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (08/19/2014 02:46:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (08/19/2014 02:46:40 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
 
Error: (08/19/2014 02:46:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (08/19/2014 02:46:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (08/19/2014 02:46:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (08/18/2014 05:51:02 PM) (Source: VSS) (EventID: 8193) (User: )
Description: CoCreateInstance0x8007043c, This service cannot be started in Safe Mode
 
 
Operation:
   Instantiating VSS server
 
Error: (08/18/2014 05:51:02 PM) (Source: VSS) (EventID: 18) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}IVssCoordinatorEx20x8007043c, This service cannot be started in Safe Mode
 
 
Operation:
   Instantiating VSS server
 
Error: (08/16/2014 06:32:50 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (25).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (25).exe0
 
Error: (08/16/2014 06:32:50 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (26).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (26).exe0
 
Error: (08/16/2014 01:57:49 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (39).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (39).exe0
 
Error: (08/16/2014 01:53:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (46).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (46).exe0
 
Error: (08/16/2014 01:53:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (26).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (26).exe0
 
Error: (08/16/2014 01:53:19 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (25).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (25).exe0
 
Error: (08/16/2014 01:13:32 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (39).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (39).exe0
 
Error: (08/16/2014 01:13:17 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: C:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (25).exeC:\Users\LEAH\Downloads\iLividSetup-r1352-n-bc (25).exe0
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-18 17:56:28.663
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-08-18 17:56:28.594
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: AMD E2-3200 APU with Radeon™ HD Graphics
Percentage of memory in use: 29%
Total physical RAM: 3570.82 MB
Available physical RAM: 2532.66 MB
Total Pagefile: 7139.83 MB
Available Pagefile: 6127.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:919.68 GB) (Free:865.78 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:11.74 GB) (Free:1.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (My Book) (Fixed) (Total:232.83 GB) (Free:211.11 GB) FAT32
Drive h: () (Removable) (Total:6.94 GB) (Free:6.94 GB) FAT32
Drive i: (MISC) (Removable) (Total:1.87 GB) (Free:1.46 GB) FAT
Drive j: (RECOVER MEDIA ONLY ONCE) (Removable) (Total:29.82 GB) (Free:19.51 GB) NTFS
Drive k: (LEAH GENOLO) (Removable) (Total:3.72 GB) (Free:2.1 GB) FAT32
Drive l: (JIMS) (Removable) (Total:7.45 GB) (Free:7.38 GB) FAT32
Drive m: (BACKUP) (Removable) (Total:29.8 GB) (Free:11.47 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7482C7C6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 29.8 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 3 (Size: 29.8 GB) (Disk ID: 0806D320)
Partition 1: (Active) - (Size=29.8 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (Size: 3.7 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 5 (Size: 1.9 GB) (Disk ID: 0C6B0413)
Partition 1: (Not Active) - (Size=1.9 GB) - (Type=06)
 
========================================================
Disk: 6 (Size: 7.5 GB) (Disk ID: 00000000)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 7 (Size: 7.5 GB) (Disk ID: 7933CD6C)
Partition 1: (Active) - (Size=7 GB) - (Type=0B)
Partition 2: (Not Active) - (Size=510 MB) - (Type=82)
 
========================================================
Disk: 8 (Size: 232.9 GB) (Disk ID: 8F9C798A)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=0C)
 
==================== End Of Log ============================

  • 0

#44
leahcase

leahcase

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 229 posts

Did I sent the right scan.. As I was cking some of the results of the scans I saw the game that I was charge for... so my email and cking account was hack...


  • 0

#45
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

That is the additional, could you post the main one as well


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP