Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Neighbor's laptop running very slow [Solved]

Started by Wolfie , Mar 02 2022 04:35 PM

  • This topic is locked This topic is locked

#16
DR M
Posted 09 April 2022 - 07:01 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Hi, Wolfie.
 
Let's take things one by one.

 
1. FRST link
 
I tested the FRST link here in the forum with no problem. After you download it, you must wait for the tool to get updated and then use it. That's why internet connection is important. Can you tell me which link do you use? 
 
 

2. AdwCleaner
 
In your previous post, the AdwCleaner's logs don't show any bad items detected. Then you said that you cleaned 2 items. Can you please find the last AdwCleaner's log and attach it for me to check? 

  • Click the Log Files tab.
  • Double click on the latest Clean log (Clean logs have a [C0*] suffix, where * is replaced by a number. The latest scan will have the largest number)
  • A Notepad file will open containing the results of the scan.
  • Please post the contents of the file in your next reply.

 
3. Upgrade Windows

 

You can't upgrade to Windows 10 from Windows 8 directly. Don't forget that Windows 8 stopped having support since January 2016. You must have the 8.1. upgrade and from there, you can go to 10.

 

 

4. RAM

 

Although the result shows that you can have up to 16GB RAM, I wouldn't go for it. 8GB RAM is more than enough for your neighbour's computer. And the price would be the half. You can also keep the 2GB stick and make the RAM 10GB. 

 

 

5. Windows Defender scan

 

Scans are automatically performed and if something is detected, Defender will alert you. There was nothing bad, that's why you see nothing in the History. If you want to perform a manual scan, see here how: How to Use Windows Defender in Windows 8 & Windows 8.1 | Digital Citizen

 

 

 

Is there any other issue/question/concern regarding this computer? 


  • 0

Advertisements

#17
Wolfie
Posted 09 April 2022 - 05:42 PM

Wolfie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

1. FRST - I was talking about the link you provided to bleeping computer. Also when I run it, it says that it failed to update for some reason.

 

2. It was the two Toshiba apps that you suggested get removed.

 

3. The laptop has been prompting me to upgrade to Windows 10, but since it's not my call I've been putting it off.

 

4. I've suggested memory to her, and if she decides to get some I've been thinking 4GB so she'd have 6GB total.

 

5. Ah.  Well, nothing showed up in the scans so I guess is all good.


  • 0

#18
DR M
Posted 10 April 2022 - 02:16 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

 

1. FRST - I was talking about the link you provided to bleeping computer. Also when I run it, it says that it failed to update for some reason.

 

It seems that a slash (/) was missing from the link I gave you, so the page couldn't open. I'm sorry about that. I corrected it. But it has to be updated. What you say is very strange. 

 

 

4. I've suggested memory to her, and if she decides to get some I've been thinking 4GB so she'd have 6GB total.

 

Sure. 6GB is much better than 2GB. However, if you do proceed to upgrade to Windows 10, with the 8GB the computer will be running much better. 

 

 

2. It was the two Toshiba apps that you suggested get removed.

 

Since you removed those programs, you may want to uninstall these from Programs and Features:

 

TOSHIBA eco Utility 
TOSHIBA System Driver 
 
==========================================
 
Let me know what are planning to do now. In case you will add the RAM and upgrade, I will leave the topic open and wait until I have news from you. In case you won't do anything else, I'll give you the final instructions, for the tools we used removal and the creation of a new restore point.

  • 0

#19
Wolfie
Posted 10 April 2022 - 03:36 PM

Wolfie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

1. FRST - I was talking about the link you provided to bleeping computer. Also when I run it, it says that it failed to update for some reason.

 
It seems that a slash (/) was missing from the link I gave you, so the page couldn't open. I'm sorry about that. I corrected it. But it has to be updated. What you say is very strange.

It had worked previously, so something change on the website and wasn't your fault by any means.

Here's something of concern and curiosity. I downloaded the "most recent" FRST64.exe file from here, which was showing today's date on it (April 10th, 2022), but when running it, I'm told it's almost a year old. The date on it (in the FRST window) is showing May of 2021. I downloaded it again and compared the newer download with the other one and both files are the same (ie, I didn't mistake one file for another). I downloaded it from bleeping and that one has today's date on it when running.


4. I've suggested memory to her, and if she decides to get some I've been thinking 4GB so she'd have 6GB total.

 
Sure. 6GB is much better than 2GB. However, if you do proceed to upgrade to Windows 10, with the 8GB the computer will be running much better.

I'll be sure to let her know.


2. It was the two Toshiba apps that you suggested get removed.

 
Since you removed those programs, you may want to uninstall these from Programs and Features:
 
TOSHIBA eco Utility 
TOSHIBA System Driver

Okay, got them uninstalled.


Let me know what are planning to do now. In case you will add the RAM and upgrade, I will leave the topic open and wait until I have news from you. In case you won't do anything else, I'll give you the final instructions, for the tools we used removal and the creation of a new restore point.

Once we're done, I'm going to return the laptop to her and let her know about the RAM and upgrading to 10 options.


Here are latest logs if you want to analyze them. FRST, Addition, AdwCleaner, and MBAM.



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-04-2022 02
Ran by Michelle (administrator) on MINE (TOSHIBA Satellite C855D) (10-04-2022 16:55:30)
Running from C:\Users\Michelle\Documents
Loaded Profiles: Michelle
Platform: Microsoft Windows 8 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(atiesrxx.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(explorer.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msra.exe
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.122\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <5>
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(services.exe ->) (Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe (No File)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.75\Installer\chrmstp.exe [2022-04-04] (Google LLC -> Google LLC)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {4116063D-89A2-4BC7-9E8A-518ED6379533} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-16] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage => {5F074BDF-4BA3-4E68-AE86-2A6B0B5963B0} C:\WINDOWS\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {692A017E-FFCB-4B50-8C35-612C0B3068F9} - System32\Tasks\GoogleUpdateTaskMachineUA{2110CD26-E00F-4E8A-B759-D7DAC3E8E389} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-18] (Google LLC -> Google LLC)
Task: {97013C2E-DD2C-4A33-BDD6-8394F3425D4C} - System32\Tasks\GoogleUpdateTaskMachineCore{AB007181-87B4-4265-A36C-C2F24D4432C1} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2022-02-18] (Google LLC -> Google LLC)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask => {0AC1DBCA-7F9F-47FC-A090-34E5FEB291E8} C:\WINDOWS\system32\wlroamextension.dll [543232 2013-02-02] (Microsoft Windows -> Microsoft Corporation)
Task: {AA9BC3E2-3924-4D30-A0D7-C4274AB654F4} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask => {59B9640B-3F70-4D1C-B159-F26EEB8A4C87} C:\WINDOWS\system32\SettingSyncInfo.dll [128512 2015-08-04] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{065C6981-2C5E-4AD4-AA72-907768FCFCF3}: [NameServer] 192.168.0.1

FireFox:
========
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR Profile: C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default [2022-04-10]
CHR Extension: (YouTube) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2022-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-08]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Michelle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2022-02-18]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [8348856 2022-04-02] (Malwarebytes Inc -> Malwarebytes)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [509904 2022-02-18] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 EraserUtilDrv11913; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11913.sys [145376 2022-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145376 2022-03-02] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom)
R3 FwLnk; C:\WINDOWS\System32\drivers\FwLnk.sys [9216 2012-07-10] (Microsoft Windows Hardware Compatibility Publisher -> TOSHIBA Corporation)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [223688 2022-04-02] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2022-04-02] (Malwarebytes Inc -> Malwarebytes)
R3 MpKsl0fd5f570; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4EA49072-E9BF-4F59-906E-3ABAA1E05052}\MpKslDrv.sys [50448 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (TOSHIBA CORPORATION -> Windows ® Win 7 DDK provider)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-10 16:53 - 2022-04-10 16:54 - 002365440 _____ (Farbar) C:\Users\Michelle\Documents\FRST64.exe
2022-04-08 18:36 - 2022-04-08 18:36 - 000279560 _____ C:\Users\Michelle\Downloads\CrucialScan (1).exe
2022-04-08 18:35 - 2022-04-08 18:35 - 000279560 _____ C:\Users\Michelle\Downloads\CrucialScan.exe
2022-04-08 18:26 - 2022-04-08 18:26 - 000001139 _____ C:\Users\Michelle\Documents\2SZZLNYGTBFV.msrcIncident
2022-04-08 18:22 - 2022-04-08 18:23 - 000279800 _____ C:\WINDOWS\Minidump\040822-33618-01.dmp
2022-04-02 01:31 - 2022-04-02 01:31 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2022-04-02 01:31 - 2022-04-02 01:31 - 000223688 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2022-03-23 16:40 - 2022-03-23 16:40 - 000001204 _____ C:\Users\Michelle\Documents\mbam-2022-03-23.txt
2022-03-23 16:19 - 2022-03-23 16:19 - 000005067 _____ C:\Users\Michelle\Documents\AdwCleaner[S01].txt
2022-03-23 16:19 - 2022-03-23 16:19 - 000002137 _____ C:\Users\Michelle\Documents\AdwCleaner[S02].txt
2022-03-19 19:21 - 2022-03-19 19:22 - 000281624 _____ C:\WINDOWS\system32\FNTCACHE.DAT

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2022-04-10 16:56 - 2022-03-05 14:10 - 000008932 _____ C:\Users\Michelle\Documents\FRST.txt
2022-04-10 16:56 - 2022-03-02 16:41 - 000000000 ____D C:\FRST
2022-04-10 16:50 - 2022-02-18 09:44 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-10 16:47 - 2012-09-07 00:52 - 000000000 ____D C:\Program Files (x86)\Toshiba
2022-04-10 16:45 - 2012-09-07 00:49 - 000000000 ____D C:\Program Files\Toshiba
2022-04-10 16:37 - 2022-02-18 09:29 - 000003598 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1354572454-1105605337-2006680600-1001
2022-04-10 16:30 - 2022-02-18 09:18 - 000000000 ____D C:\Users\Michelle\AppData\Local\Packages
2022-04-10 16:30 - 2012-07-26 04:12 - 000000000 ____D C:\WINDOWS\AUInstallAgent
2022-04-09 00:22 - 2022-03-05 14:40 - 000033380 _____ C:\Users\Michelle\Documents\Addition.txt
2022-04-08 18:40 - 2022-02-18 09:46 - 000000000 ____D C:\Program Files\Google
2022-04-08 18:27 - 2012-07-26 03:28 - 000848230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-08 18:27 - 2012-07-26 01:37 - 000000000 ____D C:\WINDOWS\Inf
2022-04-08 18:26 - 2022-03-06 06:49 - 000000000 ____D C:\Users\Michelle\Documents\Remote Assistance Logs
2022-04-08 18:23 - 2012-07-26 03:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-08 18:22 - 2022-03-02 15:41 - 277107699 _____ C:\WINDOWS\MEMORY.DMP
2022-04-08 18:22 - 2022-03-02 15:41 - 000000000 ____D C:\WINDOWS\Minidump
2022-04-08 17:51 - 2012-09-07 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba
2022-04-04 17:52 - 2022-02-18 09:46 - 000002181 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-04 17:52 - 2022-02-18 09:46 - 000002140 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-03-21 00:32 - 2022-03-08 07:02 - 000000000 ____D C:\Users\Michelle\AppData\Local\CrashDumps
2022-03-19 19:21 - 2012-09-07 00:49 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2022-03-19 19:21 - 2012-07-26 01:26 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2022-03-19 19:00 - 2022-03-06 06:51 - 000000000 ____D C:\AdwCleaner
2022-03-19 17:17 - 2012-09-07 00:48 - 000000000 ____D C:\ProgramData\Adobe
2022-03-19 16:49 - 2012-10-27 09:20 - 000000000 ____D C:\WINDOWS\system32\Tasks\TOSHIBA
2022-03-19 16:22 - 2012-09-07 00:55 - 000000000 ____D C:\ProgramData\Toshiba
2022-03-19 16:20 - 2012-09-07 00:56 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2022-03-19 16:19 - 2012-09-07 00:56 - 000000000 ____D C:\ProgramData\WildTangent
2022-03-11 08:26 - 2012-07-26 04:12 - 000000000 ____D C:\WINDOWS\rescache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)



ATTENTION: ==> Could not access BCD. -> 0x0D0A57696E646F777320426F6F74204D616E616765720D0A2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D0D0A6964656E74696669657220202020202020202020202020207B626F6F746D67727D0D0A646576696365202020202020202020202020202020202020706172746974696F6E3D5C4465766963655C486172646469736B566F6C756D65320D0A7061746820202020202020202020202020202020202020205C4546495C4D6963726F736F66745C426F6F745C626F6F746D6766772E6566690D0A6465736372697074696F6E2020202020202020202020202057696E646F777320426F6F74204D616E616765720D0A6C6F63616C65202020202020202020202020202020202020656E2D55530D0A696E686572697420202020202020202020202020202020207B676C6F62616C73657474696E67737D0D0A696E74656772697479736572766963657320202020202020456E61626C650D0A64656661756C7420202020202020202020202020202020207B63757272656E747D0D0A726573756D656F626A6563742020202020202020202020207B38366161366465312D363934342D313165342D386162322D6536313730396133333236307D0D0A646973706C61796F726465722020202020202020202020207B63757272656E747D0D0A746F6F6C73646973706C61796F72646572202020202020207B6D656D646961677D0D0A74696D656F7574202020202020202020202020202020202033300D0A0D0A57696E646F777320426F6F74204C6F616465720D0A2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D2D0D0A6964656E74696669657220202020202020202020202020207B63757272656E747D0D0A646576696365202020202020202020202020202020202020706172746974696F6E3D433A0D0A7061746820202020202020202020202020202020202020205C57494E444F57535C73797374656D33325C77696E6C6F61642E6566690D0A6465736372697074696F6E2020202020202020202020202057696E646F777320380D0A6C6F63616C65202020202020202020202020202020202020656E2D55530D0A696E686572697420202020202020202020202020202020207B626F6F746C6F6164657273657474696E67737D0D0A7265636F7665727973657175656E636520202020202020207B33313832616663302D346564312D313165322D626536652D3030386366613234366638657D0D0A696E74656772697479736572766963657320202020202020456E61626C650D0A7265636F76657279656E61626C65642020202020202020205965730D0A69736F6C61746564636F6E746578742020202020202020205965730D0A616C6C6F776564696E6D656D6F727973657474696E677320307831353030303037350D0A6F7364657669636520202020202020202020202020202020706172746974696F6E3D433A0D0A73797374656D726F6F7420202020202020202020202020205C57494E444F57530D0A726573756D656F626A6563742020202020202020202020207B38366161366465312D363934342D313165342D386162322D6536313730396133333236307D0D0A6E78202020202020202020202020202020202020202020204F7074496E0D0A626F6F746D656E75706F6C696379202020202020202020205374616E646172640D0A64657465637468616C2020202020202020202020202020205965730D0A

LastRegBack: 2022-04-02 03:01
==================== End of FRST.txt ========================



Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-04-2022 02
Ran by Michelle (10-04-2022 16:58:32)
Running from C:\Users\Michelle\Documents
Microsoft Windows 8 (X64) (2022-02-18 13:17:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-1354572454-1105605337-2006680600-500 - Administrator - Disabled)
Guest (S-1-5-21-1354572454-1105605337-2006680600-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1354572454-1105605337-2006680600-1003 - Limited - Enabled)
Michelle (S-1-5-21-1354572454-1105605337-2006680600-1001 - Administrator - Enabled) => C:\Users\Michelle

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Catalyst Install Manager (HKLM\...\{14718008-7D73-53AA-D0FF-88E805958D42}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
CrystalDiskInfo 8.15.2 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.15.2 - Crystal Dew World)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 100.0.4896.75 - Google LLC)
Malwarebytes version 4.5.7.186 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.7.186 - Malwarebytes)
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{40F55150-F43D-4C9F-9A00-1A0A6F1EB7F0}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{D71BC54E-A4E6-4E06-866C-FD6EE16EA187}) (Version: 16.4.3503.0728 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6690 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)
TOSHIBA Audio Enhancement (HKLM\...\{F2DE0088-CF05-4DAB-AC4D-9D2C4D657456}) (Version: 1.0.2.8 - TOSHIBA Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation)

Packages:
=========
Amazon for Windows -> C:\Program Files\WindowsApps\Amazon.com.Amazon_1.0.4.0_neutral__343d40qqvtj1t [2012-10-27] (Amazon.com)
Bing -> C:\Program Files\WindowsApps\Microsoft.Bing_1.2.0.137_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation)
Book Place -> C:\Program Files\WindowsApps\K-NFBReadingTechnologiesI.BookPlace_1.0.0.77_x86__vwcaa66y1ah8t [2022-02-18] (K-NFB Reading Technologies, Inc.)
Camera -> C:\Program Files\WindowsApps\Microsoft.Camera_6.2.8514.0_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation)
eBay -> C:\Program Files\WindowsApps\eBayInc.eBay_1.0.0.0_neutral__1618n3s9xq8tw [2012-10-27] (eBay, Inc)
Encyclopaedia Britannica -> C:\Program Files\WindowsApps\EncyclopaediaBritannica.EncyclopaediaBritannica_1.0.0.17_neutral__k5b3gy2wfywap [2012-10-27] (Encyclopaedia Britannica)
Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_1.2.0.135_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
Games -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_1.0.927.0_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
iCookbook SE -> C:\Program Files\WindowsApps\PublicationsInternational.iCookbookSE_0.9.2.5_neutral__d33n3f4t8bm20 [2012-10-27] (Publications International, Ltd)
iHeartRadio -> C:\Program Files\WindowsApps\ClearChannelRadioDigital.iHeartRadio_4.0.1.6_neutral__a76a11dkgb644 [2022-02-18] (Clear Channel Management Services, Inc.)
Merriam-Webster Dictionary -> C:\Program Files\WindowsApps\D22CCC44.Merriam-WebsterDictionary_1.0.0.16_neutral__mbv6ra3y34fnr [2012-10-27] (Merriam-Webster, Inc.)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.1.0.RC_1.0.8377.0_neutral__8wekyb3d8bbwe [2022-02-18] (Microsoft Platform Extensions)
Music -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_1.0.927.0_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_1.0.0.11_x64__mcm4njqhnhss8 [2012-10-27] (Netflix, Inc.)
News -> C:\Program Files\WindowsApps\Microsoft.BingNews_1.2.0.135_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
News Place -> C:\Program Files\WindowsApps\2B24874D.NewsPlace_1.0.0.2_neutral__v10edqkhnj0dg [2022-02-18] (Synacor, Inc.)
Photos -> C:\Program Files\WindowsApps\microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation)
Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_1.2.0.135_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
StumbleUpon -> C:\Program Files\WindowsApps\06DAC6F6.StumbleUpon_2.0.5.0_neutral__9pdyks8yk4v0j [2012-10-27] (StumbleUpon, Inc.)
TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_1.0.0.44_x64__679ekb9hp1h62 [2022-02-18] (sMedio)
Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_1.2.0.145_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_1.0.927.0_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]
Vimeo -> C:\Program Files\WindowsApps\Vimeo.Vimeo_1.1.0.0_neutral__cfs1vy0wkzthc [2022-02-18] (Vimeo)
Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_1.2.0.135_x64__8wekyb3d8bbwe [2022-02-18] (Microsoft Corporation) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-03-06] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-08-08] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2022-03-06] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2012-08-08 13:19 - 2012-08-08 13:19 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000035328 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2012-08-08 13:23 - 2012-08-08 13:23 - 000040448 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2012-08-08 13:23 - 2012-08-08 13:23 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2012-08-08 13:23 - 2012-08-08 13:23 - 000019456 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
2012-08-08 13:21 - 2012-08-08 13:21 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2012-08-08 13:21 - 2012-08-08 13:21 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2012-08-08 13:21 - 2012-08-08 13:21 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000176128 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 001007616 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2012-08-08 13:23 - 2012-08-08 13:23 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2012-08-08 13:23 - 2012-08-08 13:23 - 000009216 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2012-08-08 13:21 - 2012-08-08 13:21 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 001395712 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000038912 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000307200 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.CoreAudioAPI.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2012-08-08 13:21 - 2012-08-08 13:21 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000031744 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000097792 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2012-08-08 13:23 - 2012-08-08 13:23 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2012-07-12 09:56 - 2012-07-12 09:56 - 000175104 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000066560 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000036864 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2012-08-08 13:20 - 2012-08-08 13:20 - 000385024 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000061440 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2011-10-17 19:48 - 2011-10-17 19:48 - 000006656 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000303616 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000479744 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2012-08-08 13:21 - 2012-08-08 13:21 - 000175104 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2012-08-08 13:13 - 2012-08-08 13:13 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-08-08 13:13 - 2012-08-08 13:13 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000311296 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2012-08-08 13:19 - 2012-08-08 13:19 - 000196608 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2011-10-17 19:48 - 2011-10-17 19:48 - 000016384 _____ (ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2011-10-17 19:48 - 2011-10-17 19:48 - 000045056 _____ (ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2012-10-27 09:14 - 2012-02-14 22:37 - 000594432 _____ (Realtek Semiconductor Corp.) [File not signed] C:\WINDOWS\system32\Rtlihvs.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKU\S-1-5-21-1354572454-1105605337-2006680600-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
HKU\S-1-5-21-1354572454-1105605337-2006680600-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
HKU\S-1-5-21-1354572454-1105605337-2006680600-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.toshiba.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 01:26 - 2012-07-26 01:26 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static
HKU\S-1-5-21-1354572454-1105605337-2006680600-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1FE97EC-B03D-48FF-94D5-E5FC0E1F9A37}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6243A023-8B9C-4A2F-A4C1-53569B92F894}] => (Allow) LPort=2869
FirewallRules: [{0F7812EE-19D9-4517-ADAB-248F4E6E6FC5}] => (Allow) LPort=1900
FirewallRules: [{11084B46-9502-49E1-A0D3-4641771CA2FF}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

19-03-2022 18:57:52 AdwCleaner_BeforeCleaning_19/03/2022_18:57:51
27-03-2022 03:09:23 Scheduled Checkpoint
04-04-2022 03:01:49 Scheduled Checkpoint
08-04-2022 17:50:40 AdwCleaner_BeforeCleaning_08/04/2022_17:50:39
10-04-2022 16:32:14 Removed TOSHIBA eco Utility.
10-04-2022 16:46:32 Removed TOSHIBA System Driver.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/10/2022 04:46:00 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: MINE)
Description: Application or service 'TOSHIBA eco Utility Service' could not be restarted.

Error: (04/08/2022 07:26:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mpengine.exe, version: 1.1.19158.0, time stamp: 0x1b582626
Faulting module name: pi-ms-win-crt-locale-l1-1-0.dll, version: 6.2.9200.17581, time stamp: 0x5644f0f7
Exception code: 0xc0000135
Fault offset: 0x00000000000e1e80
Faulting process id: 0x1394
Faulting application start time: 0x01d84ba003a166d4
Faulting application path: C:\ProgramData\Microsoft\Windows Defender\Scans\MpPayloadData\mpengine.exe
Faulting module path: pi-ms-win-crt-locale-l1-1-0.dll
Report Id: 433aafd4-b793-11ec-be7f-008cfa246f8e
Faulting package full name:
Faulting package-relative application ID:

Error: (04/08/2022 06:39:06 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (03/21/2022 12:32:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ig.exe, version: 1.0.2.43, time stamp: 0x60f841fd
Faulting module name: KERNELBASE.dll, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0xc0000142
Fault offset: 0x00078dd2
Faulting process id: 0x810
Faulting application start time: 0x01d83cdc93ce9527
Faulting application path: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
Faulting module path: KERNELBASE.dll
Report Id: dc128655-a8cf-11ec-be7e-008cfa246f8e
Faulting package full name:
Faulting package-relative application ID:

Error: (03/19/2022 06:39:28 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: MINE)
Description: Application or service 'Toshiba App Place' could not be shut down.

Error: (03/19/2022 05:16:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ig.exe, version: 1.0.2.43, time stamp: 0x60f841fd
Faulting module name: KERNELBASE.dll, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0xc0000142
Fault offset: 0x00078dd2
Faulting process id: 0x3f8
Faulting application start time: 0x01d83bd687056a69
Faulting application path: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
Faulting module path: KERNELBASE.dll
Report Id: d4fefb4f-a7c9-11ec-be7d-008cfa246f8e
Faulting package full name:
Faulting package-relative application ID:

Error: (03/13/2022 04:54:13 PM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/10/2022 04:03:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ig.exe, version: 1.0.2.43, time stamp: 0x60f841fd
Faulting module name: KERNELBASE.dll, version: 6.2.9200.17581, time stamp: 0x5644f0df
Exception code: 0xc0000142
Fault offset: 0x00078dd2
Faulting process id: 0x69c
Faulting application start time: 0x01d834b9d2b0862c
Faulting application path: C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\ig.exe
Faulting module path: KERNELBASE.dll
Report Id: 22aecfa4-a0ad-11ec-be7c-008cfa246f8e
Faulting package full name:
Faulting package-relative application ID:


System errors:
=============
Error: (04/10/2022 05:04:35 PM) (Source: DCOM) (EventID: 10010) (User: MINE)
Description: The server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} did not register with DCOM within the required timeout.

Error: (04/10/2022 05:02:35 PM) (Source: DCOM) (EventID: 10010) (User: MINE)
Description: The server {1ECCA34C-E88A-44E3-8D6A-8921BDE9E452} did not register with DCOM within the required timeout.

Error: (04/10/2022 04:55:18 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.

Error: (04/10/2022 04:55:18 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.

Error: (04/10/2022 04:53:30 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.

Error: (04/10/2022 04:53:29 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.

Error: (04/10/2022 04:49:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.

Error: (04/10/2022 04:49:40 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 70.


==================== Memory info ===========================

BIOS: Insyde Corp. 6.20 01/09/2013
Motherboard: TOSHIBA Portable PC
Processor: AMD E-300 APU with Radeon™ HD Graphics
Percentage of memory in use: 72%
Total physical RAM: 1630.25 MB
Available physical RAM: 456.36 MB
Total Virtual: 9822.25 MB
Available Virtual: 7401.08 MB

==================== Drives ================================

Drive c: (TI10653500D) (Fixed) (Total:287.51 GB) (Free:248.5 GB) NTFS

\\?\Volume{19b1796e-fc7e-11e1-b415-c03b3d1fbb80}\ (System) (Fixed) (Total:0.44 GB) (Free:0.16 GB) NTFS
\\?\Volume{47d0c280-9aae-4391-834a-3561580c3cdb}\ () (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
\\?\Volume{092cbfbc-60b1-4534-ad27-85aa4fd28450}\ (Recovery) (Fixed) (Total:9.42 GB) (Free:0.64 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 298.1 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================


# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2022-03-15.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 04-10-2022
# Duration: 00:00:36
# OS: Windows 8
# Scanned: 32050
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [9116 octets] - [06/03/2022 05:53:16]
AdwCleaner[S01].txt - [5067 octets] - [19/03/2022 18:55:27]
AdwCleaner[C01].txt - [4947 octets] - [19/03/2022 19:01:43]
AdwCleaner[S02].txt - [2137 octets] - [23/03/2022 15:31:48]
AdwCleaner[S03].txt - [2198 octets] - [08/04/2022 17:50:16]
AdwCleaner[C03].txt - [2451 octets] - [08/04/2022 17:51:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########



Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 4/10/22
Scan Time: 5:18 PM
Log File: c5ddcf40-b913-11ec-8853-008cfa246f8e.json

-Software Information-
Version: 4.5.7.186
Components Version: 1.0.1645
Update Package Version: 1.0.53463
License: Free

-System Information-
OS: Windows 8
CPU: x64
File System: NTFS
User: mine\Michelle

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 217843
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 13 min, 52 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)
  • 0

#20
DR M
Posted 11 April 2022 - 09:59 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Hi, Wolfie.
 

Here's something of concern and curiosity. I downloaded the "most recent" FRST64.exe file from here, which was showing today's date on it (April 10th, 2022), but when running it, I'm told it's almost a year old. The date on it (in the FRST window) is showing May of 2021. I downloaded it again and compared the newer download with the other one and both files are the same (ie, I didn't mistake one file for another). I downloaded it from bleeping and that one has today's date on it when running.

 
It seems that it is a tool's bug, as well as another issue regarding the BCD (see the end of the log). The FRST developers are aware of the issues, and I'm sure they will fix everything as soon as possible. Thanks for reporting that. :)

 

Since the previous logs were fine, I don't need fresh logs from you now.
 

==========================================

 

So, the computer returns to his owner for the moment. 
 
Let's finish it, and if your neighbour decides about the RAM and the upgrade, let me know.
 
For now...

The following tool will remove the tools we used as well as reset system restore points:

Download KpRm by kernel-panik and save it to your desktop.

  • Right-click kprm_(version).exe and select Run as Administrator.
  • Read and accept the disclaimer.
  • When the tool opens, ensure all boxes under Actions are checked.
  • Under Delete Quarantines select Delete Now, then click Run.
  • Once complete, click OK.
  • A log will open in Notepad titled kprm-(date).txt.
  • Please copy and paste its contents in your next reply.

  • 0

#21
Wolfie
Posted 11 April 2022 - 01:37 PM

Wolfie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts



  • Please copy and paste its contents in your next reply.


 

 

# Run at 4/11/2022 2:05:37 PM
# KpRm (Kernel-panik) version 2.9.3
# Run by Michelle from C:\Users\Michelle\Documents
# Computer Name: MINE
# OS: Windows 8 X64 (9200) 
# Number of passes: 1
 
- Checked options -
 
    ~ Registry Backup
    ~ Delete Tools
    ~ Restore System Settings
    ~ UAC Restore
    ~ Delete Restore Points
    ~ Create Restore Point
    ~ Delete Quarantines
 
- Create Registry Backup -
 
   ~ [OK] Hive C:\WINDOWS\System32\config\SOFTWARE backed up
   ~ [OK] Hive C:\Users\Michelle\NTUSER.dat backed up
 
     [OK] Registry Backup: C:\KPRM\backup\2022-04-11-14-05-37
 
- Delete Tools -
 
 
  ## AdwCleaner
     [OK] C:\AdwCleaner deleted
 
  ## FRST
     [OK] C:\FRST deleted
 
- Restore System Settings -
 
     [OK] Reset WinSock
     [OK] FLUSHDNS
     [OK] Hide Hidden file.
     [OK] Show Extensions for known file types
     [OK] Hide protected operating system files
 
- Restore UAC -
 
     [OK] Set EnableLUA with default (1) value
     [OK] Set ConsentPromptBehaviorAdmin with default (5) value
     [OK] Set ConsentPromptBehaviorUser with default (3) value
     [OK] Set EnableInstallerDetection with default (0) value
     [OK] Set EnableSecureUIAPaths with default (1) value
     [OK] Set EnableUIADesktopToggle with default (0) value
     [OK] Set EnableVirtualization with default (1) value
     [OK] Set FilterAdministratorToken with default (0) value
     [OK] Set PromptOnSecureDesktop with default (1) value
     [OK] Set ValidateAdminCodeSignatures with default (0) value
 
- Clear Restore Points -
 
   ~ [OK] RP named AdwCleaner_BeforeCleaning_19/03/2022_18:57:51 created at 03/19/2022 22:57:52 deleted
   ~ [OK] RP named Scheduled Checkpoint created at 03/27/2022 07:09:23 deleted
   ~ [OK] RP named Scheduled Checkpoint created at 04/04/2022 07:01:49 deleted
   ~ [OK] RP named AdwCleaner_BeforeCleaning_08/04/2022_17:50:39 created at 04/08/2022 21:50:40 deleted
   ~ [OK] RP named Removed TOSHIBA eco Utility. created at 04/10/2022 20:32:14 deleted
   ~ [OK] RP named Removed TOSHIBA System Driver. created at 04/10/2022 20:46:32 deleted
     [OK] All system restore points have been successfully deleted
 
- Create Restore Point -
 
     [OK] System Restore Point created
 
- Display System Restore Point -
 
   ~ [I] RP named KpRm created at 04/11/2022 18:06:56
 
-- KPRM finished in 127.93s --

  • 0

#22
DR M
Posted 12 April 2022 - 12:02 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

Good.

 

I will mark the topic as Solved, but leave it open for a while, until you tell me what your neighbour decided. 

 

Take care, Wolfie. :)


  • 0

#23
Wolfie
Posted 12 April 2022 - 02:33 AM

Wolfie

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

You can go ahead and close it.  If I need it re-opened, I'll PM you.  As far as memory is concerned, I can help her install it if she decides to get it.

 

Again, my apologies for being neglectful in responding to you as I should have.  You may not consider it to be a big deal, but from my perspective, it's a behavior where I know better and so there was no excuse for it.  Even if it was to delay providing requested information, a simply response would have been more respectful.  That, and my thanks for your assistance.


  • 1

#24
DR M
Posted 12 April 2022 - 02:55 AM

DR M

    The Grecian Geek

  • Malware Removal
  • 4,109 posts

 

Again, my apologies for being neglectful in responding to you as I should have.  You may not consider it to be a big deal, but from my perspective, it's a behavior where I know better and so there was no excuse for it.  Even if it was to delay providing requested information, a simply response would have been more respectful.  That, and my thanks for your assistance.

 

Wolfie, it happens to all of us. Sometimes, you can't control real life's issues. You have been a great partner every time you asked for help here, and I really appreciate the fact that you are helping another person. 

 

You are very welcome. 

 

Take care!


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP