Need Help to clear junk from PC, please check following to what I should take out???



AppleFan
09-11-2013, 12:27 PM
ComboFix 13-11-07.01 - user 09/11/2013 11:53:59.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.64.1033.18.4044.2253 [GMT 13:00]
Running from: c:\users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8NFZK283\ComboFix.exe
AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
FW: Norton 360 Premier Edition *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1354688621.bdinstall.bin
c:\programdata\Roaming
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\wpcap.dll
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
((((((((((((((((((((((((( Files Created from 2013-10-08 to 2013-11-08 )))))))))))))))))))))))))))))))
.
.
2013-11-08 22:16 . 2013-10-14 07:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3182F257-BF39-485A-BEA7-4FDE212D5F68}\mpengine.dll
2013-10-28 05:02 . 2013-10-28 05:02 2255064 ----a-w- c:\windows\system32\BtwRSupportService.exe
2013-10-28 05:02 . 2013-10-28 05:02 170712 ----a-w- c:\windows\system32\drivers\bcbtums.sys
2013-10-24 23:38 . 2013-10-24 23:38 -------- d-----w- c:\program files\iPod
2013-10-24 23:38 . 2013-10-24 23:39 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-24 23:38 . 2013-10-24 23:39 -------- d-----w- c:\program files\iTunes
2013-10-24 23:38 . 2013-10-24 23:39 -------- d-----w- c:\program files (x86)\iTunes
2013-10-14 07:23 . 2013-10-14 07:23 -------- d-----w- c:\users\user\AppData\Local\PunkBuster
2013-10-14 07:16 . 2013-10-14 07:16 -------- d-----w- c:\programdata\Package Cache
2013-10-14 07:14 . 2009-09-04 04:44 73544 ----a-w- c:\windows\system32\XAPOFX1_3.dll
2013-10-14 07:14 . 2009-03-16 01:18 521560 ----a-w- c:\windows\system32\XAudio2_4.dll
2013-10-14 07:14 . 2009-03-16 01:18 517448 ----a-w- c:\windows\SysWow64\XAudio2_4.dll
2013-10-14 07:14 . 2009-03-16 01:18 235352 ----a-w- c:\windows\SysWow64\xactengine3_4.dll
2013-10-14 07:14 . 2009-03-16 01:18 174936 ----a-w- c:\windows\system32\xactengine3_4.dll
2013-10-14 07:14 . 2009-03-16 01:18 24920 ----a-w- c:\windows\system32\X3DAudio1_6.dll
2013-10-14 07:14 . 2009-03-16 01:18 22360 ----a-w- c:\windows\SysWow64\X3DAudio1_6.dll
2013-10-14 07:14 . 2008-10-14 17:22 519000 ----a-w- c:\windows\system32\d3dx10_40.dll
2013-10-14 07:14 . 2008-10-14 17:22 452440 ----a-w- c:\windows\SysWow64\d3dx10_40.dll
2013-10-14 07:14 . 2008-10-14 17:22 2605920 ----a-w- c:\windows\system32\D3DCompiler_40.dll
2013-10-14 07:14 . 2008-10-14 17:22 2036576 ----a-w- c:\windows\SysWow64\D3DCompiler_40.dll
2013-10-14 07:14 . 2008-10-14 17:22 5631312 ----a-w- c:\windows\system32\D3DX9_40.dll
2013-10-14 07:14 . 2008-10-14 17:22 4379984 ----a-w- c:\windows\SysWow64\D3DX9_40.dll
2013-10-14 07:00 . 2008-10-26 21:04 518480 ----a-w- c:\windows\system32\XAudio2_3.dll
2013-10-14 07:00 . 2008-10-26 21:04 514384 ----a-w- c:\windows\SysWow64\XAudio2_3.dll
2013-10-14 07:00 . 2008-10-26 21:04 74576 ----a-w- c:\windows\system32\XAPOFX1_2.dll
2013-10-14 07:00 . 2008-10-26 21:04 70992 ----a-w- c:\windows\SysWow64\XAPOFX1_2.dll
2013-10-14 07:00 . 2008-10-26 21:04 235856 ----a-w- c:\windows\SysWow64\xactengine3_3.dll
2013-10-14 07:00 . 2008-10-26 21:04 175440 ----a-w- c:\windows\system32\xactengine3_3.dll
2013-10-14 07:00 . 2008-10-26 21:04 25936 ----a-w- c:\windows\system32\X3DAudio1_5.dll
2013-10-14 07:00 . 2008-10-26 21:04 23376 ----a-w- c:\windows\SysWow64\X3DAudio1_5.dll
2013-10-14 06:58 . 2006-02-02 19:42 355536 ----a-w- c:\windows\system32\xactengine2_0.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-10-14 05:00 . 2013-03-20 04:08 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE
2013-10-09 23:28 . 2012-04-21 02:29 80541720 ----a-w- c:\windows\system32\MRT.exe
2013-10-08 22:27 . 2013-03-14 04:27 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-10-08 22:27 . 2013-03-14 04:27 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-02 21:58 . 2013-10-02 21:58 32512 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2013-09-14 01:10 . 2013-10-09 21:32 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-09-08 02:30 . 2013-10-09 21:32 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 21:32 327168 ----a-w- c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 21:32 231424 ----a-w- c:\windows\SysWow64\mswsock.dll
2013-09-04 12:12 . 2013-10-09 21:32 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 21:32 325120 ----a-w- c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 21:32 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 21:32 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 21:32 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 21:32 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 21:32 7808 ----a-w- c:\windows\system32\drivers\usbd.sys
2013-09-03 01:35 . 2012-04-24 09:26 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-29 02:17 . 2013-10-09 21:32 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-29 02:16 . 2013-10-09 21:32 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-29 02:16 . 2013-10-09 21:32 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-29 02:16 . 2013-10-09 21:32 859648 ----a-w- c:\windows\system32\tdh.dll
2013-08-29 02:13 . 2013-10-09 21:32 878080 ----a-w- c:\windows\system32\advapi32.dll
2013-08-29 01:51 . 2013-10-09 21:32 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-29 01:51 . 2013-10-09 21:32 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-29 01:50 . 2013-10-09 21:32 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-29 01:50 . 2013-10-09 21:32 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-29 01:50 . 2013-10-09 21:32 619520 ----a-w- c:\windows\SysWow64\tdh.dll
2013-08-29 01:48 . 2013-10-09 21:32 640512 ----a-w- c:\windows\SysWow64\advapi32.dll
2013-08-29 01:48 . 2013-10-09 21:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-08-29 00:49 . 2013-10-09 21:32 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-29 00:49 . 2013-10-09 21:32 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-29 00:49 . 2013-10-09 21:32 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-29 00:49 . 2013-10-09 21:32 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-28 01:21 . 2013-10-09 21:32 3155968 ----a-w- c:\windows\system32\win32k.sys
2013-08-28 01:12 . 2013-10-09 21:32 461312 ----a-w- c:\windows\system32\scavengeui.dll
2013-08-23 07:09 . 2013-08-23 07:09 177312 ----a-w- c:\windows\system32\drivers\SYMEVENT64x86.SYS
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2010-11-22 2736128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-19 284440]
"NUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2012-04-27 113288]
"HPOSD"="c:\program files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" [2011-08-19 379960]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2011-07-11 574008]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-09-30 343168]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-23 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys;c:\windows\SYSNATIVE\DRIVERS\AMPPAL.sys [x]
R3 bcbtums;Bluetooth USB LD Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x]
R3 btwampfl;btwampfl;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1404000.028\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1404000.028\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMEFA64.SYS [x]
S1 aswKbd;aswKbd; [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131101.003_f0c\BHDrvx64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\BASHDefs\20131101.003_f0c\BHDrvx64.sys [x]
S1 ccSet_N360;Norton 360 Settings Manager;c:\windows\system32\drivers\N360x64\1404000.028\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\ccSetx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131107.001\IDSvia64.sys;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.1.0.24\Definitions\IPSDefs\20131107.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1404000.028\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\Ironx64.SYS [x]
S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\N360x64\1404000.028\SYMNETS.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1404000.028\SYMNETS.SYS [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 BcmBtRSupport;Bluetooth Driver Management Service;c:\windows\system32\BtwRSupportService.exe;c:\windows\SYSNATIVE\BtwRSupportService.exe [x]
S2 FPLService;TrueSuiteService;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe;c:\program files (x86)\HP SimplePass 2011\TrueSuiteService.exe [x]
S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 N360;Norton 360;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe;c:\program files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 clwvd;CyberLink WebCam Virtual Driver;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 wdkmd;Intel WiDi KMD;c:\windows\system32\DRIVERS\WDKMD.sys;c:\windows\SYSNATIVE\DRIVERS\WDKMD.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-11-22 21:18 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-11-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-14 22:27]
.
2013-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-27 04:01]
.
2013-11-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-08-27 04:01]
.
2013-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932801922-4055107209-388028677-1000Core.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-22 07:34]
.
2013-11-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3932801922-4055107209-388028677-1000UA.job
- c:\users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-04-22 07:34]
.
2013-11-03 c:\windows\Tasks\HPCeeScheduleForuser.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00 Zecter]
@="{D25B32FE-CB96-491A-98FF-AD59DA382D69}"
[HKEY_CLASSES_ROOT\CLSID\{D25B32FE-CB96-491A-98FF-AD59DA382D69}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\01 Zecter]
@="{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}"
[HKEY_CLASSES_ROOT\CLSID\{EB24CA6D-F315-4A81-AC1A-C79CFD77F3F5}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\02 Zecter]
@="{B3C78E40-6B64-47C3-AE34-60B770881EB8}"
[HKEY_CLASSES_ROOT\CLSID\{B3C78E40-6B64-47C3-AE34-60B770881EB8}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\03 Zecter]
@="{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}"
[HKEY_CLASSES_ROOT\CLSID\{622AFE52-33F6-4D9F-9966-E0BC52D7D69D}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\04 Zecter]
@="{855156F0-2A0F-11DE-8C30-0800200C9A66}"
[HKEY_CLASSES_ROOT\CLSID\{855156F0-2A0F-11DE-8C30-0800200C9A66}]
2010-12-11 02:32 2240000 ----a-w- c:\program files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-07-21 8192]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-07-27 1935120]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2012-04-28 1128448]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-31 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-31 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-31 416024]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.co.nz/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.1.254
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
"ImagePath"="\"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\diMaster.dll\" /prefetch:1"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\program files (x86)\CyberLink\YouCam\YCMMirage.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Completion time: 2013-11-09 12:14:59 - machine was rebooted
ComboFix-quarantined-files.txt 2013-11-08 23:14
.
Pre-Run: 672,959,250,432 bytes free
Post-Run: 672,981,659,648 bytes free
.
- - End Of File - - D944992C4D365421C23D3BD0FC43F272

AppleFan
09-11-2013, 12:30 PM
I think this may not help, so can you recommend me a program to clear out junk programs, processes, etc.? Thanks

feersumendjinn
09-11-2013, 12:48 PM
http://pcdecrapifier.com/
http://www.piriform.com/ccleaner
http://technet.microsoft.com/en-us/sysinternals/bb795533.aspx

pcuser42
09-11-2013, 01:19 PM
Post a HijackThis log as well and someone will take a look at it. :)

Speedy Gonzales
09-11-2013, 01:21 PM
Would be easier if you install CCleaner / click on advanced so you can untick Chrome so it won't install. Then go to tools / uninstall. Then click on save to txt file. Then copy and paste what comes up in here. It'll tell us what's installed. Do the same under tools / startup, so we can see what's in startup.

AppleFan
09-11-2013, 01:54 PM
Hey Speed, could not find Chrome in advanced. And so here is what comes up -
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 9/10/2013 6.00 MB 11.9.900.117
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 9/10/2013 6.00 MB 11.9.900.117
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 31/05/2012 22.6 MB 3.0.838.0
Apple Application Support Apple Inc. 4/10/2013 64.0 MB 2.3.6
Apple Mobile Device Support Apple Inc. 4/10/2013 25.0 MB 7.0.0.117
Apple Software Update Apple Inc. 8/01/2013 2.38 MB 2.1.3.127
Bonjour Apple Inc. 8/01/2013 2.00 MB 3.0.0.10
Broadcom 2070 Bluetooth 3.0 Broadcom Corporation 19/04/2012 183 MB 6.3.0.6300
CCleaner Piriform 19/09/2013 4.06
CyberLink DVD Suite CyberLink Corp. 14/01/2011 37.6 MB 7.0.3525
CyberLink YouCam CyberLink Corp. 19/04/2012 102 MB 3.2.1.3609
Energy Star Digital Logo Hewlett-Packard 19/04/2012 300 KB 1.0.1
Google Chrome Google Inc. 22/04/2012 30.0.1599.101
HP 3D DriveGuard Hewlett-Packard Company 28/04/2012 6.99 MB 4.1.9.1
HP CloudDrive Zecter Inc. 20/04/2012
HP Documentation Hewlett-Packard 19/04/2012 339 MB 1.1.0.0
HP Games WildTangent 20/04/2012 1.0.1.5
HP On Screen Display Hewlett-Packard Company 28/04/2012 1.48 MB 1.3.5
HP Power Manager Hewlett-Packard Company 28/04/2012 3.65 MB 1.4.4
HP Product Detection HP 5/10/2013 4.50 MB 11.15.0009
HP Quick Launch Hewlett-Packard Company 28/04/2012 7.11 MB 2.5.2
HP Setup Hewlett-Packard Company 14/01/2011 8.4.4487.3576
HP Setup Manager Hewlett-Packard Company 19/04/2012 6.03 MB 1.0.12845.3522
HP SimplePass 2011 Hewlett-Packard 19/04/2012 32.4 MB 5.0.1.448
HP Software Framework Hewlett-Packard Company 28/04/2012 4.74 MB 4.1.13.1
HP Support Assistant Hewlett-Packard Company 28/12/2012 91.5 MB 7.0.39.15
HP Wireless Assistant Hewlett-Packard Company 14/01/2011 5.60 MB 4.0.10.0
iCloud Apple Inc. 13/10/2013 156 MB 3.0.2.163
IDT Audio IDT 28/04/2012 1.0.6345.0
Intel(R) Control Center Intel Corporation 28/04/2012 1.2.1.1007
Intel(R) Display Audio Driver Intel Corporation 31/05/2012 6.14.00.3074
Intel(R) Management Engine Components Intel Corporation 20/04/2012 7.0.0.1144
Intel(R) PROSet/Wireless WiFi Software Intel Corporation 28/04/2012 112 MB 14.2.0000
Intel(R) Rapid Storage Technology Intel Corporation 28/04/2012 10.6.0.1002
Intel(R) Wireless Display Intel Corporation 19/04/2012 119 MB 2.0.27.0
iTunes Apple Inc. 9/11/2013 215 MB 11.1.3.8
LabelPrint CyberLink Corp. 14/01/2011 281 MB 2.5.3429
LightScribe System Software LightScribe 19/04/2012 25.0 MB 1.18.20.1
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 9/10/2012 38.8 MB 4.0.30320
Microsoft Office File Validation Add-In Microsoft Corporation 24/04/2012 7.95 MB 14.0.5130.5003
Microsoft Office Home and Student 2007 Microsoft Corporation 21/04/2012 12.0.6612.1000
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 14/01/2011 1.69 MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 21/04/2012 300 KB 8.0.61001
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 14/01/2011 788 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 19/04/2012 784 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 21/04/2012 788 KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 19/04/2012 596 KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 19/04/2012 592 KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 21/04/2012 600 KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 15/10/2013 5.84 MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 8/09/2012 16.5 MB 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 Microsoft Corporation 14/10/2013 20.5 MB 11.0.60610.1
Norton 360 Premier Edition Symantec Corporation 23/08/2013 20.4.0.40
PictureMover Hewlett-Packard Company 19/04/2012 61.5 MB 3.5.0.35
Power2Go CyberLink Corp. 14/01/2011 198 MB 6.1.4725
Realtek Ethernet Controller Driver Realtek 28/04/2012 7.41.216.2011
Realtek PCIE Card Reader Realtek Semiconductor Corp. 28/04/2012 6.1.7601.83
Renesas Electronics USB 3.0 Host Controller Driver Renesas Electronics Corporation 28/04/2012 685 KB 2.1.19.0
Synaptics TouchPad Driver Synaptics Incorporated 23/04/2012 46.4 MB 15.3.29.0
Validity WBF DDK Validity Sensors, Inc. 3/05/2012 23.5 MB 4.3.205.0
Visual Studio 2010 x64 Redistributables AVG Technologies 8/09/2012 12.4 MB 13.0.0.1
Windows Live Essentials Microsoft Corporation 14/01/2011 15.4.3508.1109
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 14/01/2011 5.57 MB 15.4.5722.2


And for start up -
Yes HKCU:Run LightScribe Control Panel Hewlett-Packard Company C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
Yes HKLM:Run APSDaemon Apple Inc. "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
Yes HKLM:Run HotKeysCmds Intel Corporation C:\Windows\system32\hkcmd.exe
Yes HKLM:Run HP Quick Launch Hewlett-Packard Development Company, L.P. C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
Yes HKLM:Run HPOSD Hewlett-Packard Development Company, L.P. C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
Yes HKLM:Run HPWirelessAssistant C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
Yes HKLM:Run IAStorIcon Intel Corporation C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run IntelPAN Intel(R) Corporation "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel PAN Tray
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes HKLM:Run NUSB3MON Renesas Electronics Corporation "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
Yes HKLM:Run Persistence Intel Corporation C:\Windows\system32\igfxpers.exe
Yes HKLM:Run StartCCC Advanced Micro Devices, Inc. "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
Yes HKLM:Run SynTPEnh Synaptics Incorporated %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
Yes HKLM:Run SysTrayApp IDT, Inc. C:\Program Files\IDT\WDM\sttray64.exe
No Startup Common Bluetooth.lnk Broadcom Corporation. C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe
No Startup Common Snapfish PictureMover.lnk Hewlett-Packard Company C:\PROGRA~2\PICTUR~1\Bin\PICTUR~1.EXE -det
Yes Extension Blog This Microsoft Corporation C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
Yes Extension Launches HP Network Check that helps you solve connection issues Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
Yes Extension Research Microsoft Corporation C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
No Extension Send To Bluetooth C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Yes Extension Send to OneNote Microsoft Corporation C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
Yes Helper HP Network Check Helper Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
Yes Helper HP Network Check Helper Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
No Helper Norton Identity Protection Symantec Corporation C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll
Yes Helper Norton Vulnerability Protection Symantec Corporation C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL
No Helper TrueSuite Website Log On HP C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll
No Helper TrueSuite Website Log On HP C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corp. C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Helper Windows Live ID Sign-in Helper Microsoft Corp. C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
No Toolbar Norton Toolbar Symantec Corporation C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll
Yes App Gmail 7 First user C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
Yes App Google Search 0.0.0.20 First user C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
Yes App YouTube 4.2.6 First user C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
Yes Extension Google Wallet 0.0.5.0 First user C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
Yes Task Adobe Flash Player Updater Adobe Systems Incorporated C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Yes Task Apple Diagnostics Apple Inc. C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskUserS-1-5-21-3932801922-4055107209-388028677-1000Core Google Inc. C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskUserS-1-5-21-3932801922-4055107209-388028677-1000UA Google Inc. C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task HPCeeScheduleForuser Hewlett-Packard C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForuser (null)
Yes Task ServicePlan Hewlett-Packard Company "C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe" ServicePlan ShowMessageTask15D
Yes Task SidebarExecute Microsoft Corporation C:\Program Files\Windows Sidebar\sidebar.exe /addGadget
Yes Task {1AC2E074-384B-436E-9946-802ED9ACD753} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\user\AppData\Local\Temp\Temp1_pbsetup.zip\pbsetup.exe
Yes Task {CA02CEBB-3733-4683-B58C-93077461078B} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Yes Directory BUContextMenu Symantec Corporation C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\buShell.dll
Yes Directory Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\NavShExt.dll"
Yes Directory Zecter Versionate Inc. C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll
Yes Drive Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\NavShExt.dll"
Yes File BUContextMenu Symantec Corporation C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\buShell.dll
Yes File PhotoStreamsExt Apple Inc. C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
Yes File Symantec.Norton.Antivirus.IEContextMenu Symantec Corporation "C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\NavShExt.dll"
Yes File Zecter Versionate Inc. C:\Program Files (x86)\Hewlett-Packard\HP CloudDrive\ShellExt64.dll

AppleFan
09-11-2013, 01:56 PM
Basically my goal is to clear this off because I want to try and improve battery life. I have researched that most programs and processes are the main cause for this, so if you could let me know which ones, thanks.

Speedy Gonzales
09-11-2013, 03:14 PM
Go to Tools / Startup in CCleaner. Delete these entries; they don't have to run on startup:

Yes HKCU:Run LightScribe Control Panel Hewlett-Packard Company C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

Yes HKLM:Run SysTrayApp IDT, Inc. C:\Program Files\IDT\WDM\sttray64.exe

Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe

If Avast has been uninstalled, go to Tools / Startup / Scheduled Tasks in CCleaner and delete this: Yes Task {CA02CEBB-3733-4683-B58C-93077461078B} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup. Then use its removal tool (http://www.avast.com/en-nz/uninstall-utility).

I don't know what this task belongs to, but it may be nasty if it's running from this folder: Yes Task {1AC2E074-384B-436E-9946-802ED9ACD753} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\user\AppData\Local\Temp\Temp1_pbsetup.zip\pbsetup.exe. It may belong to PunkBuster?

Although I don't think fixing the above will improve the battery.
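
The by-eye check applied to the two pcalua.exe tasks above can be scripted. This is an added example, not part of the original thread: it resolves the program that `pcalua.exe -a` actually launches and flags targets in temp or other user-writable folders. The function names, verdict labels and sample rows are assumptions constructed for the illustration.

```python
import re

# Constructed sample: rows in the "Enabled Type Name Publisher Command" layout
# pasted in this thread (one task name shortened, forum-inserted spaces removed).
SAMPLE = r'''
Yes HKLM:Run IgfxTray Intel Corporation C:\Windows\system32\igfxtray.exe
Yes HKLM:Run iTunesHelper Apple Inc. "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
Yes Task GoogleUpdateTaskUserCore Google Inc. C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes Task {1AC2E074-384B-436E-9946-802ED9ACD753} Microsoft Corporation C:\Windows\system32\pcalua.exe -a C:\Users\user\AppData\Local\Temp\Temp1_pbsetup.zip\pbsetup.exe
Yes Task {CA02CEBB-3733-4683-B58C-93077461078B} Microsoft Corporation C:\Windows\system32\pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
'''

# Start of the command column: first (optionally quoted) drive or %VAR% path.
CMD_START = re.compile(r'"?(?:[A-Za-z]:\\|%\w+%\\)')
# An executable path: quoted, or unquoted up to the first ".exe" (allows spaces).
EXE = re.compile(r'"([^"]+)"|(\S.*?\.exe)', re.I)

def target_of(command):
    """Return (launcher, target); they differ when pcalua.exe -a proxies the target."""
    m = EXE.match(command)
    if not m:
        return None, None
    launcher = m.group(1) or m.group(2)
    rest = command[m.end():]
    if launcher.lower().endswith(r'\pcalua.exe'):
        p = re.search(r'(?:^|\s)-a\s+', rest)
        t = p and EXE.match(rest[p.end():])
        if t:
            return launcher, t.group(1) or t.group(2)
    return launcher, launcher

def classify(target):
    t = target.lower()
    if '\\appdata\\local\\temp\\' in t or t.startswith('c:\\windows\\temp\\'):
        return 'temp'           # nothing persistent should launch from a temp folder
    if '\\users\\' in t and '\\appdata\\' in t:
        return 'user-writable'  # per-user installs land here too; review, don't assume
    return 'ok'

def review(report):
    findings = []
    for line in report.strip().splitlines():
        m = CMD_START.search(line)
        launcher, target = target_of(line[m.start():]) if m else (None, None)
        if target:
            findings.append({'target': target, 'proxied': target != launcher,
                             'verdict': classify(target)})
    return findings

if __name__ == '__main__':
    for finding in review(SAMPLE):
        print(finding)
```

A `temp` verdict only says where the binary lives; whether the file still exists and who signed it has to be checked on the machine itself.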

AppleFan
10-11-2013, 02:53 PM
Hey Speed, done the things you told me to do: removed the entries on startup, the three of them, and Avast has been removed.
Yes, PunkBuster is a program I downloaded recently but deleted; it came from a site called Origin to play Battlefield 4. But now it is deleted. I have run malware checks and none detected till now, so is there any program, apart from Malwarebytes and ComboFix, which is pretty good for spotting malware? If you can find one, let me know. Thanks for the help.

Speedy Gonzales
10-11-2013, 03:17 PM
TDSSKiller to scan for rootkits

AppleFan
10-11-2013, 03:32 PM
Thanks, will run that later and see if any nasty is seen. Thanks once again, Speedy.