I am going to try to locate the Farber. Recto go is on H drive and that is where Farber is. Use that?
Black screen with blinking cursor
Started by
Robertcharles123
, Feb 08 2014 09:22 PM
#61
Posted 10 February 2014 - 08:45 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
I am going to try to locate the Farber. Recto go is on H drive and that is where Farber is. Use that?
#62
Posted 10 February 2014 - 08:47 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
Does any of that help?
Thanks,
Robert
Thanks,
Robert
#63
Posted 10 February 2014 - 08:48 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
now I am at this point.
Attached Thumbnails
#64
Posted 10 February 2014 - 08:54 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
I am now here. The instructions say in the command window type........ I am trying that but it seems I need to change something else on the screenshot I sent you. This is what happens when I press the Farber icon image 2
Attached Thumbnails
#65
Posted 10 February 2014 - 09:00 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
When I choose the farber64, I get the screenshot with all the jumble of symbols. I just did it again and the same thing. Giving it the best shot at the moment and batting 0000. Hopefully, something good will transpire soon.
Thanks,
Robert
Thanks,
Robert
#66
Posted 10 February 2014 - 09:04 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
I finally got into the bios. Do not know how I got here, but I am afraid to touch it until someone tells me what to do. Hopefully this will help
Thanks,
Robert
Ok I touched the no and this is what I see. Does this help image 2
Thanks,
Robert
Thanks,
Robert
Ok I touched the no and this is what I see. Does this help image 2
Thanks,
Robert
Attached Thumbnails
Edited by Robertcharles123, 10 February 2014 - 09:32 PM.
#67
Posted 10 February 2014 - 09:34 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
This is the boot priority
Attached Thumbnails
Edited by Robertcharles123, 10 February 2014 - 09:42 PM.
#68
Posted 10 February 2014 - 10:00 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Hello Robert,
I have been away so have missed your recent posting.
Looking at your screen shots it seems to me that you are getting off track.
Yesterday I thought we had agreed that you got to the console shown below at one point.
If you did, then you should go to the Command Prompt. The last one on the list. When you click on it you should get a black screen with printing. That is where you type the things outlined in the instructions below. You don't click on FRST or any other icon. Just follow the instructions typing in the Flash drive letter, is it I the EOS Digital one? If it is, then you type in I:\frst64.exe and press Enter(I assume you have a 64-bit machine). Assuming FRST has been saved to the Flash drive it should run by itself.
Please download Farbar Recovery Scan Tool and save it to a flash drive.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Plug the flashdrive into the infected PC.
Use your disk to get to the System Recovery Options menu.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will create a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
[/list]
I have been away so have missed your recent posting.
Looking at your screen shots it seems to me that you are getting off track.
Yesterday I thought we had agreed that you got to the console shown below at one point.
If you did, then you should go to the Command Prompt. The last one on the list. When you click on it you should get a black screen with printing. That is where you type the things outlined in the instructions below. You don't click on FRST or any other icon. Just follow the instructions typing in the Flash drive letter, is it I the EOS Digital one? If it is, then you type in I:\frst64.exe and press Enter(I assume you have a 64-bit machine). Assuming FRST has been saved to the Flash drive it should run by itself.
Please download Farbar Recovery Scan Tool and save it to a flash drive.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Plug the flashdrive into the infected PC.
Use your disk to get to the System Recovery Options menu.
On the System Recovery Options menu you will get the following options:
Startup Repair
System Restore
Windows Complete PC Restore
Windows Memory Diagnostic Tool
Command Prompt
[*]Select Command Prompt
[*]In the command window type in notepad and press Enter.
[*]The notepad opens. Under File menu select Open.
[*]Select "Computer" and find your flash drive letter and close the notepad.
[*]In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
Note: Replace letter e with the drive letter of your flash drive.
[*]The tool will start to run.
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will create a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
[/list]
#69
Posted 10 February 2014 - 10:21 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
I think that might be a possible forward progress move. So, I need to get to the command prompt and do not type notepad or anything else. Just type In the H:\first and see what happens?
Well, I had to go to work, so I will do that tomorrow. Hopefully that works.
Thanks,
Robert
Well, I had to go to work, so I will do that tomorrow. Hopefully that works.
Thanks,
Robert
#70
Posted 10 February 2014 - 10:29 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
I am rereading your last post. I t seems that there are 2 sets of instructions. One says just type in the drive for farber and the next says type notepad - which I did and then the drive.
The more I read, the more I am confused.
I will try to open command prompt tomorrow and type h:\frst64 and see what Happens.
Thanks
Robert
The more I read, the more I am confused.
I will try to open command prompt tomorrow and type h:\frst64 and see what Happens.
Thanks
Robert
Edited by Robertcharles123, 11 February 2014 - 01:44 AM.
#71
Posted 10 February 2014 - 10:42 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
The Notepad was to find you flash drive letter. It can change each time you start up your computer or if you add or move a usb drive.
I take h is the flash drive? Also please make sure you follow the instructions exactly. Spelling and spaces are important. Don't put a space there if it isn't in the instructions. Equally, make sure you put one there if it is in the instruction.
h:\ first
I take h is the flash drive? Also please make sure you follow the instructions exactly. Spelling and spaces are important. Don't put a space there if it isn't in the instructions. Equally, make sure you put one there if it is in the instruction.
#72
Posted 11 February 2014 - 12:25 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
I got the Farber Tool to run and created a log. I have to go back to work now, but I will post it when I get home.
Thanks,
Robert
Thanks,
Robert
#73
Posted 11 February 2014 - 01:21 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
I got the Farber Tool to run and created a log.
Well done. Look forward to seeing it.
#74
Posted 11 February 2014 - 01:28 PM
Robertcharles123
- Topic Starter
-
- Member
-
- 101 posts
Member
Here it is.
Thanks,
Robert
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-02-2014 03
Ran by SYSTEM on MININT-C0QA4JI on 11-02-2014 12:22:43
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Memeo Instant Backup] - C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-04-22] (Memeo Inc.)
HKLM-x32\...\Run: [Memeo AutoSync] - C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe [144608 2010-04-16] (Memeo Inc.)
HKLM-x32\...\Run: [Memeo Send] - C:\Program Files (x86)\Memeo\Memeo Send\MemeoLauncher.exe [236816 2010-07-20] ()
HKLM-x32\...\Run: [Seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-01] ()
HKLM-x32\...\Run: [MoneyStartUp10.0] - C:\Program Files (x86)\Microsoft Money\System\Activation.exe [241714 2001-07-25] (Microsoft Corporation)
HKLM-x32\...\Run: [Renovate] - C:\Windows\SysWOW64\Renovate.exe [165376 1999-07-29] (GST Technology Ltd.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-10-01] (BL)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [WMBoot] - C:\Program Files (x86)\Logitech\WingMan Profiler\ChekList.exe -L:F:\WS\ENU\Setup.exe -CD -CL4 -LP:" reboot"
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Boingo Wi-Finder] - C:\Program Files (x86)\Boingo\Boingo Wi-Finder\Boingo.lnk [2429 2014-01-06] ()
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Diane\...\Run: [MoneyAgent] - C:\Program Files (x86)\Microsoft Money\System\Money Express.exe [184376 2001-07-25] (Microsoft Corporation)
HKU\Diane\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
HKU\Diane\...\Run: [Steam] - C:\steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\Diane\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\Diane\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
HKU\Diane\...\Run: [ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Diane\AppData\Roaming\ValueApps\CH\TBVerifier.dll",RunConduitFloatingPlugin lcnnhcneegeeojhgpfijnlnocjdmlaon
HKU\Diane\...\Policies\system: [LogonHoursAction] 2
HKU\Diane\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Guest\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
HKU\Guest\...\Run: [MoneyAgent] - C:\Program Files (x86)\Microsoft Money\System\Money Express.exe [184376 2001-07-25] (Microsoft Corporation)
HKU\Robbie\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Robbie\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
HKU\Robbie\...\Policies\system: [LogonHoursAction] 2
HKU\Robbie\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1350944 2014-02-03] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1046816 2014-02-03] (Conduit)
Startup: C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
==================== Services (Whitelisted) =================
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-23] (AVG Technologies CZ, s.r.o.)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-01-27] (Just Develop It)
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2317600 2014-02-03] (Conduit)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 IDVaultSvc; C:\Program Files (x86)\AOL OnePoint\IDVaultSvc.exe [39704 2013-09-16] (White Sky, Inc.)
S2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-14] (Parallel Lines Development, LLC)
S2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [491688 2013-12-30] (Elex do Brasil Participações Ltda)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1859584 2012-07-04] (Ralink)
S2 UpdateServiceTool; C:\Program Files (x86)\Bin\UpdateTool\UpdaterToolService.exe [6656 2013-12-02] (VIS without Co)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-09-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-09] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [219648 2013-12-30] (Elex do Brasil Participações Ltda)
S1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [44032 2013-12-30] (Elex do Brasil Participações Ltda)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
S2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
S2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
S2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-13] (Microsoft Corporation)
S3 lgwnusbbus; system32\DRIVERS\lgwnusb64bus.sys [X]
S3 lgwnusbmodem; system32\DRIVERS\lgwnusb64modem.sys [X]
S3 lgwnusbndis; system32\DRIVERS\lgwnusb64ndis62.sys [X]
S3 lgwnusbser01; system32\DRIVERS\lgwnusb64ser01.sys [X]
S3 lgwnusbser02; system32\DRIVERS\lgwnusb64ser02.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-11 12:22 - 2014-02-11 12:22 - 00000000 ____D () C:\FRST
2014-02-03 10:44 - 2014-02-03 10:44 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-02 19:17 - 2014-02-02 19:17 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\eCyber
2014-02-02 14:30 - 2014-02-02 14:30 - 00263480 _____ (setup process) C:\Users\Diane\Downloads\Setup.exe
2014-02-02 14:29 - 2014-02-02 14:29 - 00673304 _____ (Conduit) C:\Users\Diane\Downloads\InstallConverter_TSV12ZOYG.exe
2014-02-02 14:14 - 2014-02-02 14:14 - 00001746 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-02-02 14:14 - 2014-02-02 14:14 - 00000000 ____D () C:\Windows\System32\log
2014-02-02 14:13 - 2014-02-03 19:18 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\iSafe
2014-02-02 14:13 - 2014-02-03 18:31 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Users\Diane\AppData\Local\Conduit
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Program Files\Conduit
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Users\Diane\AppData\Local\TidyNetwork
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-02-02 14:10 - 2014-02-02 14:10 - 00001935 _____ () C:\Users\Diane\Desktop\Sync Folder.lnk
2014-02-02 14:09 - 2014-02-03 18:29 - 00000356 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-02 14:09 - 2014-02-02 14:10 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-02-02 14:09 - 2014-02-02 14:09 - 00003376 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-02-02 14:09 - 2014-02-02 14:09 - 00001053 _____ () C:\Users\Diane\Desktop\MyPC Backup.lnk
2014-02-02 14:09 - 2014-02-02 14:09 - 00000000 ____D () C:\ProgramData\InternetUpdater
2014-02-02 14:08 - 2014-02-03 18:29 - 00000384 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-02 14:08 - 2014-02-02 14:08 - 00003032 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-02-02 14:08 - 2014-02-02 14:08 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-02-02 14:03 - 2014-02-02 14:04 - 00000000 ____D () C:\Users\Diane\AppData\Local\SearchProtect
2014-02-02 14:03 - 2014-02-02 14:03 - 00002058 _____ () C:\Users\Public\Desktop\WiseConvert.lnk
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Mozilla
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Websteroids
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Updater
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\RHelpers
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\YTD Downloader
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\WiseConvert
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\Bin
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-01-31 13:13 - 2014-01-31 13:13 - 00000925 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\MotioninJoy
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-01-31 13:13 - 2012-05-12 10:31 - 00121416 _____ (MotioninJoy) C:\Windows\System32\Drivers\MijXfilt.sys
2014-01-31 13:13 - 2011-12-07 17:42 - 00328712 _____ (Logitech Inc.) C:\Windows\System32\MijFrc.dll
2014-01-31 13:13 - 2011-12-07 17:42 - 00074960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\xusb21.sys
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed.zip
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed (1).zip
2014-01-27 22:57 - 2014-02-01 18:16 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDiane.job
2014-01-27 22:57 - 2014-02-01 17:51 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDiane
2014-01-22 13:10 - 2013-09-23 11:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2014-01-21 12:14 - 2014-01-21 12:14 - 00002183 _____ () C:\Users\Diane\Desktop\HP Support Assistant.lnk
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-19 10:20 - 2013-08-24 04:18 - 2069770532 _____ () C:\Users\Diane\Desktop\MVI_8270.MOV
2014-01-16 19:39 - 2014-01-16 19:39 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-01-13 20:01 - 2014-01-13 20:01 - 00001935 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
==================== One Month Modified Files and Folders =======
2014-02-11 12:22 - 2014-02-11 12:22 - 00000000 ____D () C:\FRST
2014-02-03 19:43 - 2012-12-11 21:14 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-02-03 19:27 - 2013-07-31 17:29 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-03 19:20 - 2012-12-09 18:45 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-03 19:19 - 2013-04-05 19:49 - 00000000 _____ () C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-03 19:18 - 2014-02-02 14:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\iSafe
2014-02-03 18:53 - 2012-12-12 00:18 - 00000000 ____D () C:\Users\Diane\AppData\Local\Windows Live
2014-02-03 18:51 - 2012-07-28 20:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-03 18:43 - 2013-10-16 13:41 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cecab88449e7e4.job
2014-02-03 18:33 - 2014-01-07 19:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-03 18:31 - 2014-02-02 14:13 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-02-03 18:29 - 2014-02-02 14:09 - 00000356 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-03 18:29 - 2014-02-02 14:08 - 00000384 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-03 10:44 - 2014-02-03 10:44 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-03 10:44 - 2013-09-15 07:31 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-02-03 10:44 - 2011-04-12 00:21 - 01972807 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 20:15 - 2012-07-25 21:22 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDF1A06D-7AC7-4C8F-9B97-E488A025B3D2}
2014-02-02 19:17 - 2014-02-02 19:17 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\eCyber
2014-02-02 19:17 - 2013-12-27 16:18 - 00000000 ____D () C:\steam
2014-02-02 19:16 - 2011-07-29 18:10 - 00000271 _____ () C:\Windows\lgfwup.ini
2014-02-02 19:16 - 2011-07-29 18:07 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-02-02 19:16 - 2011-05-16 01:14 - 00000000 ____D () C:\Users\Diane\AppData\Local\CrashDumps
2014-02-02 16:22 - 2009-07-13 20:45 - 00015568 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 16:22 - 2009-07-13 20:45 - 00015568 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 16:11 - 2009-07-13 20:45 - 00410352 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-02-02 16:10 - 2011-04-12 02:27 - 00278280 _____ () C:\Windows\PFRO.log
2014-02-02 16:10 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 16:10 - 2009-07-13 20:51 - 00074730 _____ () C:\Windows\setupact.log
2014-02-02 14:30 - 2014-02-02 14:30 - 00263480 _____ (setup process) C:\Users\Diane\Downloads\Setup.exe
2014-02-02 14:30 - 2013-12-26 10:31 - 00000382 _____ () C:\Windows\Tasks\REGSERVO.job
2014-02-02 14:29 - 2014-02-02 14:29 - 00673304 _____ (Conduit) C:\Users\Diane\Downloads\InstallConverter_TSV12ZOYG.exe
2014-02-02 14:19 - 2011-05-15 19:36 - 00114344 _____ () C:\Users\Diane\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-02 14:14 - 2014-02-02 14:14 - 00001746 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-02-02 14:14 - 2014-02-02 14:14 - 00000000 ____D () C:\Windows\System32\log
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Users\Diane\AppData\Local\Conduit
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Program Files\Conduit
2014-02-02 14:12 - 2013-09-15 07:31 - 00000000 _____ () C:\END
2014-02-02 14:12 - 2013-09-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Users\Diane\AppData\Local\TidyNetwork
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-02-02 14:10 - 2014-02-02 14:10 - 00001935 _____ () C:\Users\Diane\Desktop\Sync Folder.lnk
2014-02-02 14:10 - 2014-02-02 14:09 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-02-02 14:09 - 2014-02-02 14:09 - 00003376 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-02-02 14:09 - 2014-02-02 14:09 - 00001053 _____ () C:\Users\Diane\Desktop\MyPC Backup.lnk
2014-02-02 14:09 - 2014-02-02 14:09 - 00000000 ____D () C:\ProgramData\InternetUpdater
2014-02-02 14:09 - 2013-09-15 07:31 - 00000000 ____D () C:\Users\Diane\AppData\Local\SwvUpdater
2014-02-02 14:08 - 2014-02-02 14:08 - 00003032 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-02-02 14:08 - 2014-02-02 14:08 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-02-02 14:04 - 2014-02-02 14:03 - 00000000 ____D () C:\Users\Diane\AppData\Local\SearchProtect
2014-02-02 14:03 - 2014-02-02 14:03 - 00002058 _____ () C:\Users\Public\Desktop\WiseConvert.lnk
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Mozilla
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Websteroids
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Updater
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\RHelpers
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\YTD Downloader
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\WiseConvert
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\Bin
2014-02-02 13:57 - 2009-07-13 21:13 - 00779016 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-01 18:16 - 2014-01-27 22:57 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDiane.job
2014-02-01 17:51 - 2014-01-27 22:57 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDiane
2014-02-01 17:15 - 2013-02-09 01:01 - 00000000 ____D () C:\Windows\Minidump
2014-02-01 17:14 - 2011-04-12 02:27 - 00287201 ____N () C:\Windows\Minidump\020114-75270-01.dmp
2014-01-31 15:09 - 2011-04-12 00:42 - 00000000 ____D () C:\ProgramData\PDFC
2014-01-31 13:53 - 2014-01-03 22:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Awesomium
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-01-31 13:13 - 2014-01-31 13:13 - 00000925 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\MotioninJoy
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed.zip
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed (1).zip
2014-01-30 17:09 - 2012-12-09 19:22 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-01-30 16:03 - 2011-05-20 16:15 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\SoftGrid Client
2014-01-29 10:48 - 2013-07-31 17:31 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-23 18:52 - 2012-12-29 21:07 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\MediaMonkey
2014-01-22 13:05 - 2012-12-09 19:23 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-01-21 12:14 - 2014-01-21 12:14 - 00002183 _____ () C:\Users\Diane\Desktop\HP Support Assistant.lnk
2014-01-21 12:14 - 2011-04-12 00:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-21 12:14 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Help
2014-01-21 12:08 - 2011-04-12 00:20 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-21 12:01 - 2011-04-12 00:21 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-01-21 12:00 - 2011-04-12 00:30 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-01-21 12:00 - 2010-06-14 18:07 - 00000000 ____D () C:\swsetup
2014-01-20 19:58 - 2012-07-28 20:34 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\HP Support Assistant
2014-01-20 19:58 - 2011-05-17 16:34 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\HpUpdate
2014-01-19 10:21 - 2013-12-23 20:27 - 00031744 ___SH () C:\Users\Diane\Desktop\Thumbs.db
2014-01-16 19:39 - 2014-01-16 19:39 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-01-16 10:14 - 2013-12-07 17:19 - 00000000 ____D () C:\Program Files (x86)\AOL OnePoint
2014-01-15 19:39 - 2013-12-07 17:19 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\ID Vault
2014-01-13 20:02 - 2014-01-11 18:16 - 00000000 ____D () C:\Users\Diane\Documents\SelfMV
2014-01-13 20:01 - 2014-01-13 20:01 - 00001935 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-01-13 20:01 - 2014-01-06 19:10 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Samsung
2014-01-13 20:01 - 2014-01-06 18:57 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-01-13 20:00 - 2013-04-03 17:53 - 00000000 ____D () C:\Users\Diane\AppData\Local\Downloaded Installations
Some content of TEMP:
====================
C:\Users\Diane\AppData\Local\Temp\44niaixd.dll
C:\Users\Diane\AppData\Local\Temp\BackupSetup.exe
C:\Users\Diane\AppData\Local\Temp\COMAP.EXE
C:\Users\Diane\AppData\Local\Temp\dlLogic.exe
C:\Users\Diane\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Diane\AppData\Local\Temp\Extract.exe
C:\Users\Diane\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Diane\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Diane\AppData\Local\Temp\nse6B0.exe
C:\Users\Diane\AppData\Local\Temp\nsjBA54.exe
C:\Users\Diane\AppData\Local\Temp\nsuC8B.exe
C:\Users\Diane\AppData\Local\Temp\nszB66D.exe
C:\Users\Diane\AppData\Local\Temp\Resource.exe
C:\Users\Diane\AppData\Local\Temp\setup__4615.exe
C:\Users\Diane\AppData\Local\Temp\setup__4793.exe
C:\Users\Diane\AppData\Local\Temp\setup__5004.exe
C:\Users\Diane\AppData\Local\Temp\setup__5708.exe
C:\Users\Diane\AppData\Local\Temp\setup__5709.exe
C:\Users\Diane\AppData\Local\Temp\SP58252.exe
C:\Users\Diane\AppData\Local\Temp\sp58915.exe
C:\Users\Diane\AppData\Local\Temp\sp64126.exe
C:\Users\Diane\AppData\Local\Temp\SPSetup.exe
C:\Users\Diane\AppData\Local\Temp\SPStub.exe
C:\Users\Diane\AppData\Local\Temp\TidyNetwork.exe
C:\Users\Diane\AppData\Local\Temp\tmpE18E.exe
C:\Users\Diane\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Diane\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Diane\AppData\Local\Temp\_is6AC3.exe
C:\Users\Diane\AppData\Local\Temp\_isCD0E.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2014-01-26 22:32:07
Restore point made on: 2014-01-31 13:43:20
==================== Memory info ===========================
Percentage of memory in use: 8%
Total physical RAM: 12031.29 MB
Available physical RAM: 11041.65 MB
Total Pagefile: 12029.48 MB
Available Pagefile: 11028.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.51 GB) (Free:537.3 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:12.9 GB) (Free:1.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive g: (ReatogoPE) (Removable) (Total:1.87 GB) (Free:1.55 GB) NTFS
Drive h: (EOS_DIGITAL) (Removable) (Total:7.39 GB) (Free:6.62 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3B9CA57A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 187A95F8)
No partition Table on disk 1.
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 32223221)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
LastRegBack: 2014-01-28 22:47
==================== End Of Log ============================
Thanks,
Robert
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-02-2014 03
Ran by SYSTEM on MININT-C0QA4JI on 11-02-2014 12:22:43
Running from G:\
Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpsysdrv] - c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-09-15] ()
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-28] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] - c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-05-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [PDF Complete] - C:\Program Files (x86)\PDF Complete\pdfsty.exe [664600 2010-09-28] (PDF Complete Inc)
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Memeo Instant Backup] - C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2010-04-22] (Memeo Inc.)
HKLM-x32\...\Run: [Memeo AutoSync] - C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe [144608 2010-04-16] (Memeo Inc.)
HKLM-x32\...\Run: [Memeo Send] - C:\Program Files (x86)\Memeo\Memeo Send\MemeoLauncher.exe [236816 2010-07-20] ()
HKLM-x32\...\Run: [Seagate Dashboard] - C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-01] ()
HKLM-x32\...\Run: [MoneyStartUp10.0] - C:\Program Files (x86)\Microsoft Money\System\Activation.exe [241714 2001-07-25] (Microsoft Corporation)
HKLM-x32\...\Run: [Renovate] - C:\Windows\SysWOW64\Renovate.exe [165376 1999-07-29] (GST Technology Ltd.)
HKLM-x32\...\Run: [UCam_Menu] - C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-17] (CyberLink Corp.)
HKLM-x32\...\Run: [LGODDFU] - C:\Program Files (x86)\lg_fwupdate\fwupdate.exe [548864 2008-10-01] (BL)
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [WMBoot] - C:\Program Files (x86)\Logitech\WingMan Profiler\ChekList.exe -L:F:\WS\ENU\Setup.exe -CD -CL4 -LP:" reboot"
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [Boingo Wi-Finder] - C:\Program Files (x86)\Boingo\Boingo Wi-Finder\Boingo.lnk [2429 2014-01-06] ()
HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-12-11] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5537136 2013-08-14] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [mcpltui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [537512 2013-09-24] (McAfee, Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Updater] - C:\ProgramData\Updater\Updater.exe [486264 2013-12-18] (Updater)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-01-28] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\Diane\...\Run: [MoneyAgent] - C:\Program Files (x86)\Microsoft Money\System\Money Express.exe [184376 2001-07-25] (Microsoft Corporation)
HKU\Diane\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
HKU\Diane\...\Run: [Steam] - C:\steam\Steam.exe [1815976 2014-01-27] (Valve Corporation)
HKU\Diane\...\Run: [KiesAirMessage] - C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\Diane\...\Run: [Updater] - C:\ProgramData\Updater\updater.exe [486264 2013-12-18] (Updater)
HKU\Diane\...\Run: [ConduitFloatingPlugin_lcnnhcneegeeojhgpfijnlnocjdmlaon] - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Diane\AppData\Roaming\ValueApps\CH\TBVerifier.dll",RunConduitFloatingPlugin lcnnhcneegeeojhgpfijnlnocjdmlaon
HKU\Diane\...\Policies\system: [LogonHoursAction] 2
HKU\Diane\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Guest\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
HKU\Guest\...\Run: [MoneyAgent] - C:\Program Files (x86)\Microsoft Money\System\Money Express.exe [184376 2001-07-25] (Microsoft Corporation)
HKU\Robbie\...\Run: [RESTART_STICKY_NOTES] - C:\Windows\System32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)
HKU\Robbie\...\Run: [attcm.exe] - C:\Program Files (x86)\AT&T\AT&T Communication Manager\attcm.exe
HKU\Robbie\...\Policies\system: [LogonHoursAction] 2
HKU\Robbie\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1350944 2014-02-03] (Conduit)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1046816 2014-02-03] (Conduit)
Startup: C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
Startup: C:\Users\Diane\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PdaNet Desktop.lnk
ShortcutTarget: PdaNet Desktop.lnk -> C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe ()
==================== Services (Whitelisted) =================
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-23] (AVG Technologies CZ, s.r.o.)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36392 2014-01-27] (Just Develop It)
S2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2317600 2014-02-03] (Conduit)
S2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 IDVaultSvc; C:\Program Files (x86)\AOL OnePoint\IDVaultSvc.exe [39704 2013-09-16] (White Sky, Inc.)
S2 InternetUpdater; C:\ProgramData\InternetUpdater\InternetUpdaterService.exe [45568 2014-01-14] (Parallel Lines Development, LLC)
S2 iSafeService; C:\Program Files (x86)\iSafe\iSafeSvc.exe [491688 2013-12-30] (Elex do Brasil Participações Ltda)
S2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [178048 2013-11-28] (McAfee, Inc.)
S2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McNaiAnn; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [602944 2013-08-02] (McAfee, Inc.)
S2 mcpltsvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 McProxy; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
S2 mfecore; C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe [1025232 2013-12-11] (McAfee, Inc.)
S2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-12-05] (McAfee, Inc.)
S2 mfevtp; C:\Windows\system32\mfevtps.exe [184800 2013-12-05] (McAfee, Inc.)
S2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1119768 2010-09-28] (PDF Complete Inc)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [1859584 2012-07-04] (Ralink)
S2 UpdateServiceTool; C:\Program Files (x86)\Bin\UpdateTool\UpdaterToolService.exe [6656 2013-12-02] (VIS without Co)
S2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [270704 2013-08-14] (Western Digital Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
S0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
S0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-09-30] (AVG Technologies CZ, s.r.o.)
S0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-09] (AVG Technologies CZ, s.r.o.)
S1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-12-05] (McAfee, Inc.)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
S3 iSafeKrnl; C:\Program Files (x86)\iSafe\iSafeKrnl.sys [219648 2013-12-30] (Elex do Brasil Participações Ltda)
S1 iSafeNetFilter; C:\Program Files (x86)\iSafe\iSafeNetFilter.sys [44032 2013-12-30] (Elex do Brasil Participações Ltda)
S2 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-12-05] (McAfee, Inc.)
S2 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-12-05] (McAfee, Inc.)
S3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-12-05] (McAfee, Inc.)
S2 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782616 2013-12-05] (McAfee, Inc.)
S3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [411944 2013-11-26] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [96112 2013-11-26] (McAfee, Inc.)
S2 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-12-05] (McAfee, Inc.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-13] (Microsoft Corporation)
S3 lgwnusbbus; system32\DRIVERS\lgwnusb64bus.sys [X]
S3 lgwnusbmodem; system32\DRIVERS\lgwnusb64modem.sys [X]
S3 lgwnusbndis; system32\DRIVERS\lgwnusb64ndis62.sys [X]
S3 lgwnusbser01; system32\DRIVERS\lgwnusb64ser01.sys [X]
S3 lgwnusbser02; system32\DRIVERS\lgwnusb64ser02.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-11 12:22 - 2014-02-11 12:22 - 00000000 ____D () C:\FRST
2014-02-03 10:44 - 2014-02-03 10:44 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-02 19:17 - 2014-02-02 19:17 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\eCyber
2014-02-02 14:30 - 2014-02-02 14:30 - 00263480 _____ (setup process) C:\Users\Diane\Downloads\Setup.exe
2014-02-02 14:29 - 2014-02-02 14:29 - 00673304 _____ (Conduit) C:\Users\Diane\Downloads\InstallConverter_TSV12ZOYG.exe
2014-02-02 14:14 - 2014-02-02 14:14 - 00001746 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-02-02 14:14 - 2014-02-02 14:14 - 00000000 ____D () C:\Windows\System32\log
2014-02-02 14:13 - 2014-02-03 19:18 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\iSafe
2014-02-02 14:13 - 2014-02-03 18:31 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Users\Diane\AppData\Local\Conduit
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Program Files\Conduit
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Users\Diane\AppData\Local\TidyNetwork
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-02-02 14:10 - 2014-02-02 14:10 - 00001935 _____ () C:\Users\Diane\Desktop\Sync Folder.lnk
2014-02-02 14:09 - 2014-02-03 18:29 - 00000356 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-02 14:09 - 2014-02-02 14:10 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-02-02 14:09 - 2014-02-02 14:09 - 00003376 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-02-02 14:09 - 2014-02-02 14:09 - 00001053 _____ () C:\Users\Diane\Desktop\MyPC Backup.lnk
2014-02-02 14:09 - 2014-02-02 14:09 - 00000000 ____D () C:\ProgramData\InternetUpdater
2014-02-02 14:08 - 2014-02-03 18:29 - 00000384 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-02 14:08 - 2014-02-02 14:08 - 00003032 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-02-02 14:08 - 2014-02-02 14:08 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-02-02 14:03 - 2014-02-02 14:04 - 00000000 ____D () C:\Users\Diane\AppData\Local\SearchProtect
2014-02-02 14:03 - 2014-02-02 14:03 - 00002058 _____ () C:\Users\Public\Desktop\WiseConvert.lnk
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Mozilla
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Websteroids
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Updater
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\RHelpers
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\YTD Downloader
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\WiseConvert
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\Bin
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-01-31 13:13 - 2014-01-31 13:13 - 00000925 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\MotioninJoy
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-01-31 13:13 - 2012-05-12 10:31 - 00121416 _____ (MotioninJoy) C:\Windows\System32\Drivers\MijXfilt.sys
2014-01-31 13:13 - 2011-12-07 17:42 - 00328712 _____ (Logitech Inc.) C:\Windows\System32\MijFrc.dll
2014-01-31 13:13 - 2011-12-07 17:42 - 00074960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\xusb21.sys
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed.zip
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed (1).zip
2014-01-27 22:57 - 2014-02-01 18:16 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDiane.job
2014-01-27 22:57 - 2014-02-01 17:51 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDiane
2014-01-22 13:10 - 2013-09-23 11:49 - 00197704 _____ (McAfee, Inc.) C:\Windows\System32\Drivers\HipShieldK.sys
2014-01-21 12:14 - 2014-01-21 12:14 - 00002183 _____ () C:\Users\Diane\Desktop\HP Support Assistant.lnk
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-19 10:20 - 2013-08-24 04:18 - 2069770532 _____ () C:\Users\Diane\Desktop\MVI_8270.MOV
2014-01-16 19:39 - 2014-01-16 19:39 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-01-13 20:01 - 2014-01-13 20:01 - 00001935 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
==================== One Month Modified Files and Folders =======
2014-02-11 12:22 - 2014-02-11 12:22 - 00000000 ____D () C:\FRST
2014-02-03 19:43 - 2012-12-11 21:14 - 00000338 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-02-03 19:27 - 2013-07-31 17:29 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-03 19:20 - 2012-12-09 18:45 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-03 19:19 - 2013-04-05 19:49 - 00000000 _____ () C:\Windows\System32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-02-03 19:18 - 2014-02-02 14:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\iSafe
2014-02-03 18:53 - 2012-12-12 00:18 - 00000000 ____D () C:\Users\Diane\AppData\Local\Windows Live
2014-02-03 18:51 - 2012-07-28 20:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-03 18:43 - 2013-10-16 13:41 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cecab88449e7e4.job
2014-02-03 18:33 - 2014-01-07 19:44 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-03 18:31 - 2014-02-02 14:13 - 00000000 ____D () C:\Program Files (x86)\iSafe
2014-02-03 18:29 - 2014-02-02 14:09 - 00000356 _____ () C:\Windows\Tasks\AmiUpdXp.job
2014-02-03 18:29 - 2014-02-02 14:08 - 00000384 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-02-03 10:44 - 2014-02-03 10:44 - 00000000 ____D () C:\Windows\SysWOW64\SearchProtect
2014-02-03 10:44 - 2013-09-15 07:31 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-02-03 10:44 - 2011-04-12 00:21 - 01972807 _____ () C:\Windows\WindowsUpdate.log
2014-02-02 20:15 - 2012-07-25 21:22 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{EDF1A06D-7AC7-4C8F-9B97-E488A025B3D2}
2014-02-02 19:17 - 2014-02-02 19:17 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\eCyber
2014-02-02 19:17 - 2013-12-27 16:18 - 00000000 ____D () C:\steam
2014-02-02 19:16 - 2011-07-29 18:10 - 00000271 _____ () C:\Windows\lgfwup.ini
2014-02-02 19:16 - 2011-07-29 18:07 - 00000000 ____D () C:\Program Files (x86)\lg_fwupdate
2014-02-02 19:16 - 2011-05-16 01:14 - 00000000 ____D () C:\Users\Diane\AppData\Local\CrashDumps
2014-02-02 16:22 - 2009-07-13 20:45 - 00015568 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-02 16:22 - 2009-07-13 20:45 - 00015568 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-02 16:11 - 2009-07-13 20:45 - 00410352 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-02-02 16:10 - 2011-04-12 02:27 - 00278280 _____ () C:\Windows\PFRO.log
2014-02-02 16:10 - 2009-07-13 21:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-02 16:10 - 2009-07-13 20:51 - 00074730 _____ () C:\Windows\setupact.log
2014-02-02 14:30 - 2014-02-02 14:30 - 00263480 _____ (setup process) C:\Users\Diane\Downloads\Setup.exe
2014-02-02 14:30 - 2013-12-26 10:31 - 00000382 _____ () C:\Windows\Tasks\REGSERVO.job
2014-02-02 14:29 - 2014-02-02 14:29 - 00673304 _____ (Conduit) C:\Users\Diane\Downloads\InstallConverter_TSV12ZOYG.exe
2014-02-02 14:19 - 2011-05-15 19:36 - 00114344 _____ () C:\Users\Diane\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-02 14:14 - 2014-02-02 14:14 - 00001746 _____ () C:\Users\Public\Desktop\YAC.lnk
2014-02-02 14:14 - 2014-02-02 14:14 - 00000000 ____D () C:\Windows\System32\log
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Users\Diane\AppData\Local\Conduit
2014-02-02 14:12 - 2014-02-02 14:12 - 00000000 ____D () C:\Program Files\Conduit
2014-02-02 14:12 - 2013-09-15 07:31 - 00000000 _____ () C:\END
2014-02-02 14:12 - 2013-09-15 07:30 - 00000000 ____D () C:\Program Files (x86)\Conduit
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Users\Diane\AppData\Local\TidyNetwork
2014-02-02 14:11 - 2014-02-02 14:11 - 00000000 ____D () C:\Program Files (x86)\TidyNetwork
2014-02-02 14:10 - 2014-02-02 14:10 - 00001935 _____ () C:\Users\Diane\Desktop\Sync Folder.lnk
2014-02-02 14:10 - 2014-02-02 14:09 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-02-02 14:09 - 2014-02-02 14:09 - 00003376 _____ () C:\Windows\System32\Tasks\AmiUpdXp
2014-02-02 14:09 - 2014-02-02 14:09 - 00001053 _____ () C:\Users\Diane\Desktop\MyPC Backup.lnk
2014-02-02 14:09 - 2014-02-02 14:09 - 00000000 ____D () C:\ProgramData\InternetUpdater
2014-02-02 14:09 - 2013-09-15 07:31 - 00000000 ____D () C:\Users\Diane\AppData\Local\SwvUpdater
2014-02-02 14:08 - 2014-02-02 14:08 - 00003032 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-02-02 14:08 - 2014-02-02 14:08 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-02-02 14:04 - 2014-02-02 14:03 - 00000000 ____D () C:\Users\Diane\AppData\Local\SearchProtect
2014-02-02 14:03 - 2014-02-02 14:03 - 00002058 _____ () C:\Users\Public\Desktop\WiseConvert.lnk
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Mozilla
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Websteroids
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\Updater
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\ProgramData\RHelpers
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\YTD Downloader
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\WiseConvert
2014-02-02 14:03 - 2014-02-02 14:03 - 00000000 ____D () C:\Program Files (x86)\Bin
2014-02-02 13:57 - 2009-07-13 21:13 - 00779016 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-02-01 18:16 - 2014-01-27 22:57 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDiane.job
2014-02-01 17:51 - 2014-01-27 22:57 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDiane
2014-02-01 17:15 - 2013-02-09 01:01 - 00000000 ____D () C:\Windows\Minidump
2014-02-01 17:14 - 2011-04-12 02:27 - 00287201 ____N () C:\Windows\Minidump\020114-75270-01.dmp
2014-01-31 15:09 - 2011-04-12 00:42 - 00000000 ____D () C:\ProgramData\PDFC
2014-01-31 13:53 - 2014-01-03 22:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Awesomium
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_xusb21_01009.Wdf
2014-01-31 13:44 - 2014-01-31 13:44 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_MijXfilt_01009.Wdf
2014-01-31 13:13 - 2014-01-31 13:13 - 00000925 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\MotioninJoy
2014-01-31 13:13 - 2014-01-31 13:13 - 00000000 ____D () C:\Program Files\MotioninJoy
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed.zip
2014-01-31 13:11 - 2014-01-31 13:11 - 04117346 _____ () C:\Users\Diane\Downloads\MotioninJoy_071001_signed (1).zip
2014-01-30 17:09 - 2012-12-09 19:22 - 00000000 ____D () C:\Program Files (x86)\McAfee
2014-01-30 16:03 - 2011-05-20 16:15 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\SoftGrid Client
2014-01-29 10:48 - 2013-07-31 17:31 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-23 18:52 - 2012-12-29 21:07 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\MediaMonkey
2014-01-22 13:05 - 2012-12-09 19:23 - 00000000 ____D () C:\Program Files\Common Files\McAfee
2014-01-21 12:14 - 2014-01-21 12:14 - 00002183 _____ () C:\Users\Diane\Desktop\HP Support Assistant.lnk
2014-01-21 12:14 - 2011-04-12 00:21 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-21 12:14 - 2009-07-13 19:20 - 00000000 ____D () C:\Windows\Help
2014-01-21 12:08 - 2011-04-12 00:20 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-01-21 12:05 - 2014-01-21 12:05 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-21 12:01 - 2011-04-12 00:21 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-01-21 12:00 - 2011-04-12 00:30 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-01-21 12:00 - 2010-06-14 18:07 - 00000000 ____D () C:\swsetup
2014-01-20 19:58 - 2012-07-28 20:34 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\HP Support Assistant
2014-01-20 19:58 - 2011-05-17 16:34 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\HpUpdate
2014-01-19 10:21 - 2013-12-23 20:27 - 00031744 ___SH () C:\Users\Diane\Desktop\Thumbs.db
2014-01-16 19:39 - 2014-01-16 19:39 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_Kernel_netaapl64_01009.Wdf
2014-01-16 10:14 - 2013-12-07 17:19 - 00000000 ____D () C:\Program Files (x86)\AOL OnePoint
2014-01-15 19:39 - 2013-12-07 17:19 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\ID Vault
2014-01-13 20:02 - 2014-01-11 18:16 - 00000000 ____D () C:\Users\Diane\Documents\SelfMV
2014-01-13 20:01 - 2014-01-13 20:01 - 00001935 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-01-13 20:01 - 2014-01-06 19:10 - 00000000 ____D () C:\Users\Diane\AppData\Roaming\Samsung
2014-01-13 20:01 - 2014-01-06 18:57 - 00000000 ____D () C:\Program Files (x86)\Samsung
2014-01-13 20:00 - 2013-04-03 17:53 - 00000000 ____D () C:\Users\Diane\AppData\Local\Downloaded Installations
Some content of TEMP:
====================
C:\Users\Diane\AppData\Local\Temp\44niaixd.dll
C:\Users\Diane\AppData\Local\Temp\BackupSetup.exe
C:\Users\Diane\AppData\Local\Temp\COMAP.EXE
C:\Users\Diane\AppData\Local\Temp\dlLogic.exe
C:\Users\Diane\AppData\Local\Temp\EnableExtDll.dll
C:\Users\Diane\AppData\Local\Temp\Extract.exe
C:\Users\Diane\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Diane\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Diane\AppData\Local\Temp\nse6B0.exe
C:\Users\Diane\AppData\Local\Temp\nsjBA54.exe
C:\Users\Diane\AppData\Local\Temp\nsuC8B.exe
C:\Users\Diane\AppData\Local\Temp\nszB66D.exe
C:\Users\Diane\AppData\Local\Temp\Resource.exe
C:\Users\Diane\AppData\Local\Temp\setup__4615.exe
C:\Users\Diane\AppData\Local\Temp\setup__4793.exe
C:\Users\Diane\AppData\Local\Temp\setup__5004.exe
C:\Users\Diane\AppData\Local\Temp\setup__5708.exe
C:\Users\Diane\AppData\Local\Temp\setup__5709.exe
C:\Users\Diane\AppData\Local\Temp\SP58252.exe
C:\Users\Diane\AppData\Local\Temp\sp58915.exe
C:\Users\Diane\AppData\Local\Temp\sp64126.exe
C:\Users\Diane\AppData\Local\Temp\SPSetup.exe
C:\Users\Diane\AppData\Local\Temp\SPStub.exe
C:\Users\Diane\AppData\Local\Temp\TidyNetwork.exe
C:\Users\Diane\AppData\Local\Temp\tmpE18E.exe
C:\Users\Diane\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Diane\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Diane\AppData\Local\Temp\_is6AC3.exe
C:\Users\Diane\AppData\Local\Temp\_isCD0E.exe
==================== Known DLLs (Whitelisted) ================
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== EXE ASSOCIATION =====================
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
==================== Restore Points =========================
Restore point made on: 2014-01-26 22:32:07
Restore point made on: 2014-01-31 13:43:20
==================== Memory info ===========================
Percentage of memory in use: 8%
Total physical RAM: 12031.29 MB
Available physical RAM: 11041.65 MB
Total Pagefile: 12029.48 MB
Available Pagefile: 11028.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:918.51 GB) (Free:537.3 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:12.9 GB) (Free:1.55 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive g: (ReatogoPE) (Removable) (Total:1.87 GB) (Free:1.55 GB) NTFS
Drive h: (EOS_DIGITAL) (Removable) (Total:7.39 GB) (Free:6.62 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 3B9CA57A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 187A95F8)
No partition Table on disk 1.
========================================================
Disk: 2 (Size: 7 GB) (Disk ID: 32223221)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)
LastRegBack: 2014-01-28 22:47
==================== End Of Log ============================
Attached Files
-
FRST.txt 29.47KB
374 downloads
#75
Posted 11 February 2014 - 02:59 PM
emeraldnzl
-
- GeekU Moderator
-
- 20,051 posts
GeekU Instructor
Hello Robertcharles123,
Please download the attached fixlist.txt file to your flashdrive .
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
After that see if you can start up your machine normally. If you can't come back and paste the log in the forum.
If you can then do the following:
You appear to be running multiple anti-virus programs
Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.
Please uninstall two of AVG, isafe(YAC Security Protection) or McAfee
After that
Please download a new copy of Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Please download the attached fixlist.txt file to your flashdrive .
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Now please enter System Recovery Options.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.
After that see if you can start up your machine normally. If you can't come back and paste the log in the forum.
If you can then do the following:
You appear to be running multiple anti-virus programs
Running two or more real-time anti-virus, anti-spyware and firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, crashes of the programs or other types of failure. You will very likely end up with little or no protection.
Please uninstall two of AVG, isafe(YAC Security Protection) or McAfee
After that
Please download a new copy of Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Right click to run as administrator. When the tool opens click Yes to disclaimer.
- Press Scan button.
- It will produce a log called (FRST.txt) in the same directory the tool is run from.
- Please copy and paste log back here.
- The first time the tool is run, it makes also another log (Addition.txt). Please also paste that into your reply.
Similar Topics
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users
As Featured On:
Sign In
Create Account
