Over 1 million tech questions and answers.

Ads playing in background and "Missing Plug In" pop out windows

Q: Ads playing in background and "Missing Plug In" pop out windows

Hello, a couple of weeks ago, some random ads started playing in the background of my computer, mostly when I started Chrome. I couldn't tell the source of these ads since I didn't have any other programs running, but Chrome. This has happened to me almost every day along with these annoying pop out windows with a message: "Missing Plugin! Click here to download". Somebody recommended to run TDSSKiller, which I did, but it didn't find any threats.

I really hope you can help me out with this one. Thanks in advance!
OS: Windows 8

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:05:14 PM, on 2/19/2013
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v10.0 (10.00.9200.16482)
Boot mode: Normal

Running processes:
C:\windows\syswow64\wwahost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ana\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ana\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://samsung13.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank" class="wLink">http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://samsung13.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.27010003&st=12&barid={565DC01D-7340-4F35-BBD8-7366CE8DBE0F}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coIEPlg.dll
O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\IPS\IPSBHO.DLL
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [HP Officejet 6700 (NET)] "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN26J3H1DV05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_DB17FE78C49A2158FE9B733AF3BC8697] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - Startup: Monitor Ink Alerts - HP Officejet 6700 (Network).lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O9 - Extra 'Tools' menuitem: Send to Bluetooth - {2F56DCAA-153B-4479-B4E2-547405B34FB9} - C:\Program Files (x86)\Intel\Bluetooth\btSendToPage.htm (HKCU)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: Intel® Centrino® Wireless Bluetooth® + High Speed Service (AMPPALR3) - Intel Corporation - C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bluetooth Device Monitor - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
O23 - Service: Bluetooth OBEX Service - Motorola Solutions, Inc. - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service (BTHSSecurityMgr) - Intel(R) Corporation - C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Easy Launcher - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Wireless PAN DHCP Server (MyWiFiDHCPDNS) - Unknown owner - C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Zero Configuration Service (ZeroConfigService) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe

--
End of file - 13215 bytes

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16482
Run by Ana at 14:14:21 on 2013-02-19
Microsoft Windows 8 6.2.9200.0.1252.1.1033.18.7894.5235 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\system32\dashost.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe
C:\windows\System32\dwm.exe
C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccSvcHst.exe
C:\windows\system32\taskhostex.exe
C:\windows\Explorer.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4396.1016_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\System32\RuntimeBroker.exe
C:\windows\system32\igfxext.exe
C:\windows\syswow64\wwahost.exe
C:\Program Files (x86)\Samsung\Settings\sSettings.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\RunDll32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\Samsung\S Agent\CommonAgent.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Ana\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
C:\windows\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\windows\system32\SearchFilterHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\SearchProtocolHost.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uDefault_Page_URL = hxxp://samsung13.msn.com
mStart Page = hxxp://home.sweetim.com/?crg=3.27010003&st=12&barid={565DC01D-7340-4F35-BBD8-7366CE8DBE0F}
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ips\ipsbho.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: SweetPacks Browser Helper: {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
TB: SweetPacks Toolbar for Internet Explorer: {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
uRun: [Google Update] "C:\Users\Ana\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [HP Officejet 6700 (NET)] "C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe" -deviceID "CN26J3H1DV05RQ:NW" -scfn "HP Officejet 6700 (NET)" -AutoStart 1
uRun: [GoogleChromeAutoLaunch_DB17FE78C49A2158FE9B733AF3BC8697] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
mRun: [Intel AppUp(SM) center] "C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe" --domain-id F0399437-FD0C-4A48-B101-F0314A6172E4
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
StartupFolder: C:\Users\Ana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Officejet 6700 (Network).lnk - C:\windows\System32\RunDll32.exe
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{00336A93-E638-4C79-A6A0-E96677BA580F} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7965A9C8-548F-4FBF-8111-A98256365314} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{7965A9C8-548F-4FBF-8111-A98256365314}\A45514E45435 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{7965A9C8-548F-4FBF-8111-A98256365314}\E4544574541425 : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\windows\System32\Drivers\iaStorA.sys [2012-8-30 645952]
R1 ccSet_NARA;NARA Settings Manager;C:\windows\System32\Drivers\NARAx64\0401000.00B\ccSetx64.sys [2012-8-30 168608]
R1 CLVirtualDrive;CLVirtualDrive;C:\windows\System32\Drivers\CLVirtualDrive.sys [2012-8-30 92536]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2012-7-16 731688]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2012-8-30 1091520]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2012-8-30 1112000]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-5-1 135952]
R2 Easy Launcher;Easy Launcher;C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [2012-9-5 1593976]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-8-30 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-8-30 165760]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.2.1.22\ccsvchst.exe [2013-1-18 143928]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2012-7-10 3939008]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service;C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-12-6 794272]
R2 SWUpdateService;SW Update Service;C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-12-27 2879176]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-8-30 364416]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\windows\System32\Drivers\AmpPal.sys [2012-7-16 162344]
R3 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130208.001\BHDrvx64.sys [2013-2-12 1388120]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\windows\System32\Drivers\btmaux.sys [2012-8-30 110592]
R3 btmhsf;btmhsf;C:\windows\System32\Drivers\btmhsf.sys [2012-8-30 825344]
R3 ccSet_NIS;Norton Internet Security Settings Manager;C:\windows\System32\Drivers\NISx64\1402010.016\ccsetx64.sys [2013-1-18 168096]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-11-16 138912]
R3 ETD;Samsung PS/2 Port Input Device;C:\windows\System32\Drivers\ETD.sys [2012-8-14 313712]
R3 iBtFltCoex;iBtFltCoex;C:\windows\System32\Drivers\iBtFltCoex.sys [2012-8-30 55848]
R3 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130216.001\IDSviA64.sys [2013-2-18 513184]
R3 IntcDAud;Intel(R) Display Audio;C:\windows\System32\Drivers\IntcDAud.sys [2012-6-18 342528]
R3 NETwNe64;@oem2.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\windows\System32\Drivers\NETwew00.sys [2012-8-7 4273192]
R3 RadioHIDMini;Radio HID Mini-driver;C:\windows\System32\Drivers\RadioHIDMini.sys [2012-8-4 23408]
R3 RTL8168;Realtek 8168 NT Driver;C:\windows\System32\Drivers\Rt630x64.sys [2012-8-29 683664]
R3 SymDS;Symantec Data Store;C:\windows\System32\Drivers\NISx64\1402010.016\symds64.sys [2013-1-18 493216]
R3 SymEFA;Symantec Extended File Attributes;C:\windows\System32\Drivers\NISx64\1402010.016\symefa64.sys [2013-1-18 1133216]
R3 SymIRON;Symantec Iron Driver;C:\windows\System32\Drivers\NISx64\1402010.016\ironx64.sys [2013-1-18 224416]
R3 SymNetS;Symantec Network Security WFP Driver;C:\windows\System32\Drivers\NISx64\1402010.016\symnets.sys [2013-1-18 432800]
S0 SymELAM;Symantec ELAM Driver;C:\windows\System32\Drivers\NISx64\1402010.016\symelam.sys [2013-1-18 23448]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2012-7-17 2699568]
S3 AMPPALP;Intel® Centrino® Wireless Bluetooth® + High Speed Protocol;C:\windows\System32\Drivers\AmpPal.sys [2012-7-16 162344]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2012-7-17 272176]
S3 RTL8192cu;Realtek RTL8192CU Wireless LAN 802.11n USB 2.0 Network Adapter;C:\windows\System32\Drivers\rtwlanu.sys [2012-6-2 1051752]
S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\Drivers\usbaapl64.sys [2012-7-9 52736]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== Created Last 30 ================
.
2013-02-16 16:51:32 1690624 ----a-w- C:\windows\System32\GdiPlus.dll
2013-02-16 16:51:32 1437696 ----a-w- C:\windows\SysWow64\GdiPlus.dll
2013-02-14 21:06:08 4055552 ----a-w- C:\windows\System32\win32k.sys
2013-02-14 19:19:59 78176 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-14 19:19:58 692576 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2013-02-14 17:56:30 206016 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10193.bin
2013-02-14 17:33:42 6967016 ----a-w- C:\windows\System32\ntoskrnl.exe
2013-02-14 06:32:07 2226408 ----a-w- C:\windows\System32\drivers\tcpip.sys
2013-02-13 20:20:18 817664 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-13 20:20:18 1084416 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-09 02:14:00 -------- d-----w- C:\Program Files\iPod
2013-02-09 02:13:59 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-09 02:13:59 -------- d-----w- C:\Program Files\iTunes
2013-02-09 02:13:59 -------- d-----w- C:\Program Files (x86)\iTunes
.
==================== Find3M ====================
.
2013-01-16 00:35:49 44032 ----a-w- C:\windows\SysWow64\UXInit.dll
2013-01-16 00:31:26 53760 ----a-w- C:\windows\System32\UXInit.dll
2013-01-10 01:53:32 28904 ----a-w- C:\windows\System32\drivers\msgpiowin32.sys
2013-01-10 01:40:39 1448168 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys
2013-01-10 01:40:38 303848 ----a-w- C:\windows\System32\drivers\dxgmms1.sys
2013-01-10 01:39:29 194280 ----a-w- C:\windows\System32\drivers\sdbus.sys
2013-01-10 01:39:22 124648 ----a-w- C:\windows\System32\drivers\dumpsd.sys
2013-01-10 01:29:56 91880 ----a-w- C:\windows\System32\drivers\partmgr.sys
2013-01-10 01:29:54 1934056 ----a-w- C:\windows\System32\drivers\ntfs.sys
2013-01-10 01:29:21 785504 ----a-w- C:\windows\System32\drivers\Wdf01000.sys
2013-01-09 23:26:53 83968 ----a-w- C:\windows\SysWow64\wiaacmgr.exe
2013-01-09 23:26:46 1611776 ----a-w- C:\windows\SysWow64\mmc.exe
2013-01-09 23:26:35 410624 ----a-w- C:\windows\SysWow64\Windows.Networking.dll
2013-01-09 23:26:35 261120 ----a-w- C:\windows\SysWow64\Windows.Media.dll
2013-01-09 23:26:23 1752064 ----a-w- C:\windows\SysWow64\setupapi.dll
2013-01-09 23:26:20 67584 ----a-w- C:\windows\SysWow64\samlib.dll
2013-01-09 23:26:08 115712 ----a-w- C:\windows\SysWow64\netprofm.dll
2013-01-09 23:26:04 890880 ----a-w- C:\windows\SysWow64\msctf.dll
2013-01-09 23:26:03 436736 ----a-w- C:\windows\SysWow64\MP4SDECD.DLL
2013-01-09 23:23:32 95232 ----a-w- C:\windows\System32\wiaacmgr.exe
2013-01-09 23:23:25 2094592 ----a-w- C:\windows\System32\mmc.exe
2013-01-09 23:23:23 240640 ----a-w- C:\windows\System32\fsquirt.exe
2013-01-09 23:23:18 256000 ----a-w- C:\windows\System32\WSDMon.dll
2013-01-09 23:23:16 1964544 ----a-w- C:\windows\System32\wlidsvc.dll
2013-01-09 23:23:14 594944 ----a-w- C:\windows\System32\Windows.Networking.dll
2013-01-09 23:23:14 406016 ----a-w- C:\windows\System32\Windows.Media.dll
2013-01-09 23:23:07 1886208 ----a-w- C:\windows\System32\setupapi.dll
2013-01-09 23:23:05 728064 ----a-w- C:\windows\System32\samsrv.dll
2013-01-09 23:22:53 464384 ----a-w- C:\windows\System32\netprofmsvc.dll
2013-01-09 23:22:53 151040 ----a-w- C:\windows\System32\netprofm.dll
2013-01-09 23:22:43 1120768 ----a-w- C:\windows\System32\msctf.dll
2013-01-09 23:22:41 666112 ----a-w- C:\windows\System32\MP4SDECD.DLL
2013-01-09 23:22:35 438272 ----a-w- C:\windows\System32\lsm.dll
2013-01-09 23:22:29 894464 ----a-w- C:\windows\System32\iphlpsvc.dll
2013-01-09 23:22:29 159232 ----a-w- C:\windows\System32\inetpp.dll
2013-01-09 23:22:26 49152 ----a-w- C:\windows\System32\drivers\UMDF\HidBthLE.dll
2013-01-09 23:22:05 1918464 ----a-w- C:\windows\System32\wbem\cimwin32.dll
2013-01-09 03:59:47 341504 ----a-w- C:\windows\System32\drivers\HdAudio.sys
2013-01-09 03:59:16 74752 ----a-w- C:\windows\System32\drivers\BTHUSB.SYS
2013-01-09 03:58:34 51712 ----a-w- C:\windows\System32\drivers\bthenum.sys
2013-01-09 03:57:50 1175040 ----a-w- C:\windows\System32\drivers\bthport.sys
2013-01-04 05:32:36 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb
2013-01-04 04:19:53 2706432 ----a-w- C:\windows\System32\mshtml.tlb
2012-12-20 00:37:37 1775616 ----a-w- C:\windows\SysWow64\wininet.dll
2012-12-20 00:37:04 2881536 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-12-20 00:37:02 61440 ----a-w- C:\windows\SysWow64\iesetup.dll
2012-12-20 00:37:02 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll
2012-12-20 00:36:50 431616 ----a-w- C:\windows\apppatch\AcSpecfc.dll
2012-12-20 00:29:16 2246656 ----a-w- C:\windows\System32\wininet.dll
2012-12-20 00:29:11 907776 ----a-w- C:\windows\System32\uxtheme.dll
2012-12-20 00:28:29 3966464 ----a-w- C:\windows\System32\jscript9.dll
2012-12-20 00:28:26 136704 ----a-w- C:\windows\System32\iesysprep.dll
2012-12-20 00:28:04 39936 ----a-w- C:\windows\apppatch\apppatch64\acspecfc.dll
2012-12-18 01:56:27 534528 ----a-w- C:\windows\SysWow64\uxtheme.dll
2012-12-16 08:28:20 46080 ----a-w- C:\windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w- C:\windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w- C:\windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w- C:\windows\SysWow64\atmfd.dll
2012-12-06 04:23:00 170496 ----a-w- C:\windows\System32\TimeBrokerServer.dll
2012-12-06 04:22:59 178176 ----a-w- C:\windows\System32\SystemEventsBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w- C:\windows\System32\sppwinob.dll
2012-11-29 05:05:57 707584 ----a-w- C:\windows\System32\AppXDeploymentExtensions.dll
2012-11-29 05:05:57 1131520 ----a-w- C:\windows\System32\AppXDeploymentServer.dll
2012-11-27 06:59:13 329960 ----a-w- C:\windows\System32\drivers\storport.sys
2012-11-27 06:39:46 1122768 ----a-w- C:\windows\System32\Taskmgr.exe
2012-11-27 04:49:20 1027152 ----a-w- C:\windows\SysWow64\Taskmgr.exe
2012-11-27 04:20:50 1048064 ----a-w- C:\windows\SysWow64\mstsc.exe
2012-11-27 04:20:42 179200 ----a-w- C:\windows\SysWow64\wpnapps.dll
2012-11-27 04:20:35 891904 ----a-w- C:\windows\SysWow64\winmde.dll
2012-11-27 04:20:31 798208 ----a-w- C:\windows\SysWow64\WebcamUi.dll
2012-11-27 04:20:29 46592 ----a-w- C:\windows\SysWow64\vds_ps.dll
2012-11-27 04:20:28 560128 ----a-w- C:\windows\SysWow64\UserLanguagesCpl.dll
2012-11-27 04:20:23 1217536 ----a-w- C:\windows\SysWow64\storagewmi.dll
2012-11-27 04:20:15 680960 ----a-w- C:\windows\System32\vds.exe
2012-11-27 04:20:07 702464 ----a-w- C:\windows\SysWow64\nshwfp.dll
2012-11-27 04:20:07 1123840 ----a-w- C:\windows\System32\mstsc.exe
2012-11-27 04:19:52 5088256 ----a-w- C:\windows\SysWow64\mstscax.dll
2012-11-27 04:19:50 244736 ----a-w- C:\windows\System32\wpnapps.dll
2012-11-27 04:19:48 1096704 ----a-w- C:\windows\System32\wmpmde.dll
2012-11-27 04:19:42 1145856 ----a-w- C:\windows\System32\winmde.dll
2012-11-27 04:19:37 955904 ----a-w- C:\windows\System32\WebcamUi.dll
2012-11-27 04:19:33 631808 ----a-w- C:\windows\System32\UserLanguagesCpl.dll
2012-11-27 04:19:32 245248 ----a-w- C:\windows\System32\usbmon.dll
2012-11-27 04:19:25 173568 ----a-w- C:\windows\System32\storewuauth.dll
2012-11-27 04:19:25 1536512 ----a-w- C:\windows\System32\storagewmi.dll
2012-11-27 04:19:22 245248 ----a-w- C:\windows\SysWow64\FWPUCLNT.DLL
2012-11-27 04:19:09 3245568 ----a-w- C:\windows\System32\rdpcorets.dll
2012-11-27 04:19:02 2033664 ----a-w- C:\windows\SysWow64\authui.dll
2012-11-27 04:18:59 888832 ----a-w- C:\windows\System32\nshwfp.dll
2012-11-27 04:18:39 5974528 ----a-w- C:\windows\System32\mstscax.dll
2012-11-27 04:18:13 1071104 ----a-w- C:\windows\System32\IKEEXT.DLL
2012-11-27 04:18:06 378880 ----a-w- C:\windows\System32\FWPUCLNT.DLL
2012-11-27 04:17:32 718848 ----a-w- C:\windows\System32\BFE.DLL
2012-11-27 04:17:31 2302464 ----a-w- C:\windows\System32\authui.dll
2012-11-27 03:57:32 18432 ----a-w- C:\windows\System32\drivers\BtaMPM.sys
2012-11-27 03:56:29 31104 ----a-w- C:\windows\System32\drivers\BthAvrcpTg.sys
2012-11-27 03:55:44 29952 ----a-w- C:\windows\System32\drivers\BthhfHid.sys
2012-11-26 04:21:18 71168 ----a-w- C:\windows\SysWow64\ncryptsslp.dll
2012-11-26 04:20:09 86016 ----a-w- C:\windows\System32\ncryptsslp.dll
.
============= FINISH: 14:15:08.73 ===============

DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume2
Install Date: 11/9/2012 12:21:46 AM
System Uptime: 2/18/2013 12:37:18 PM (26 hours ago)
.
Motherboard: SAMSUNG ELECTRONICS CO., LTD. | | NP520U4C-A01UB
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz | CPU Socket - U3E1 | 1200/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 675 GiB total, 614.96 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP15: 1/26/2013 1:28:24 PM - Installed SW Update
RP16: 2/3/2013 2:27:38 PM - Scheduled Checkpoint
RP17: 2/8/2013 10:07:31 PM - Windows Update
RP18: 2/13/2013 2:12:59 PM - Windows Update
RP19: 2/16/2013 9:03:03 PM - Windows Update
.
==== Installed Programs ======================
.
Adobe Reader X (10.1.5) MUI
Adobe Shockwave Player 11.6
Allshare Play Link
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Bonjour
CyberLink Power2Go 8
CyberLink PowerDVD 10
D3DX10
E-POP
Easy File Share
ETDWare PS/2-X64 11.7.2.1_WHQL
Facebook Video Calling 1.2.0.287
Galerie de photos
Galería de fotos
Google Chrome
Google Talk Plugin
Google Update Helper
Help Desk
HP Officejet 6700 Basic Device Software
Intel AppUp(SM) center
Intel PROSet Wireless
Intel(R) Manageability Engine Firmware Recovery Agent
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel® PROSet/Wireless WiFi Software
Intel® Trusted Connect Service Client
Internet Explorer Toolbar 4.6 by SweetPacks
iTunes
Microsoft Application Error Reporting
Microsoft Office
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Ultimate 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
MSVCRT
MSVCRT110
MSVCRT110_amd64
Norton Internet Security
Norton Online Backup
Norton Online Backup ARA
PC Tools Registry Mechanic 11.1
Photo Common
Photo Gallery
Plants vs. Zombies
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Recovery
S Agent
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Settings
Support Center
Support Center FAQ
SW Update
SweetIM for Messenger 3.7
SweetPacks bundle uninstaller
swMSM
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2767848) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
Update Manager for SweetPacks 1.1
User Guide
Windows Driver Package - Samsung Electronics Co. Ltd. (RadioHIDMini) HIDClass (07/27/2012 20.57.1.735)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
WinRAR 4.20 (32-bit)
Xerox PhotoCafe
.
==== Event Viewer Messages From Past Week ========
.
2/18/2013 8:32:35 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 43. The Windows SChannel error state is 552.
2/18/2013 8:32:35 PM, Error: Schannel [36884] - The certificate received from the remote server does not contain the expected name. It is therefore not possible to determine whether we are connecting to the correct server. The server name we were expecting is relay.l.google.com. The SSL connection request has failed. The attached data contains the server certificate.
2/18/2013 12:38:34 PM, Error: Service Control Manager [7023] -
2/14/2013 10:49:05 PM, Error: Schannel [36888] - A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
.
==== End Of File ===========================

GMER 2.1.18952 - http://www.gmer.net
Rootkit scan 2013-02-19 14:30:01
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000040 Hitachi_HTS547575A9E384 rev.JE4OA50A 698.64GB
Running: 0i635xok.exe; Driver: C:\Users\Ana\AppData\Local\Temp\uxloqpob.sys
---- User code sections - GMER 2.1 ----

.text C:\windows\system32\WLANExt.exe[1260] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\windows\system32\WLANExt.exe[1260] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\windows\system32\WLANExt.exe[1260] C:\windows\system32\MSIMG32.dll!GradientFill + 690 000007fd08cd1532 4 bytes [CD, 08, FD, 07]
.text C:\windows\system32\WLANExt.exe[1260] C:\windows\system32\MSIMG32.dll!GradientFill + 698 000007fd08cd153a 4 bytes [CD, 08, FD, 07]
.text C:\windows\system32\WLANExt.exe[1260] C:\windows\system32\MSIMG32.dll!TransparentBlt + 246 000007fd08cd165a 4 bytes [CD, 08, FD, 07]
.text C:\windows\System32\spoolsv.exe[1412] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\windows\System32\spoolsv.exe[1412] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1884] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd08cd1532 4 bytes [CD, 08, FD, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1884] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd08cd153a 4 bytes [CD, 08, FD, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1884] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd08cd165a 4 bytes [CD, 08, FD, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1884] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1884] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1884] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fd07411b32 4 bytes [41, 07, FD, 07]
.text C:\Program Files\Intel\WiFi\bin\EvtEng.exe[1884] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007fd07411b3a 4 bytes [41, 07, FD, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1088] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1088] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1088] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd08cd1532 4 bytes [CD, 08, FD, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1088] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd08cd153a 4 bytes [CD, 08, FD, 07]
.text C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe[1088] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd08cd165a 4 bytes [CD, 08, FD, 07]
.text C:\windows\system32\svchost.exe[1764] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\windows\system32\svchost.exe[1764] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe[6204] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 742 000007fd07411b32 4 bytes [41, 07, FD, 07]
.text C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe[6204] C:\windows\SYSTEM32\WSOCK32.dll!recvfrom + 750 000007fd07411b3a 4 bytes [41, 07, FD, 07]
.text C:\windows\Explorer.EXE[3924] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\windows\Explorer.EXE[3924] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Windows\System32\igfxpers.exe[5920] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\Windows\System32\igfxpers.exe[5920] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe[5140] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe[5140] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe[5140] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd08cd1532 4 bytes [CD, 08, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe[5140] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd08cd153a 4 bytes [CD, 08, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\ScanToPCActivationApp.exe[5140] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd08cd165a 4 bytes [CD, 08, FD, 07]
.text C:\windows\system32\RunDll32.exe[6212] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 690 000007fd08cd1532 4 bytes [CD, 08, FD, 07]
.text C:\windows\system32\RunDll32.exe[6212] C:\windows\SYSTEM32\MSIMG32.dll!GradientFill + 698 000007fd08cd153a 4 bytes [CD, 08, FD, 07]
.text C:\windows\system32\RunDll32.exe[6212] C:\windows\SYSTEM32\MSIMG32.dll!TransparentBlt + 246 000007fd08cd165a 4 bytes [CD, 08, FD, 07]
.text C:\windows\system32\RunDll32.exe[6212] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\windows\system32\RunDll32.exe[6212] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe[2484] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicator.exe[2484] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe[6668] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 306 000007fd0ec6177a 4 bytes [C6, 0E, FD, 07]
.text C:\Program Files\HP\HP Officejet 6700\Bin\HPNetworkCommunicatorCom.exe[6668] C:\windows\system32\PSAPI.DLL!GetProcessImageFileNameA + 314 000007fd0ec61782 4 bytes [C6, 0E, FD, 07]

---- Threads - GMER 2.1 ----

Thread C:\Program Files\Windows Media Player\wmpnetwk.exe [6916:1480] 000007fd003d19f8
Thread C:\windows\system32\csrss.exe [1156:2404] fffff960008395e8
Thread C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe [5572:7412] 0000000001240060

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

RELEVANCY SCORE 200
Preferred Solution: Ads playing in background and "Missing Plug In" pop out windows

I recommend downloading and running DAP. It can help sort out any driver and firmware related issues on your system

It's worked out well for many of us in the past.

You can download it direct from this link http://downloaddap.org. (This link will open the download page of DAP so you can save a copy to your computer.)

A: Ads playing in background and "Missing Plug In" pop out windows

Hello Galadriel87, and welcome to the forum.

My name is nunped and I'll be helping you with any malware problems. I'm an Undergraduate trainee here, and as such my posts to you have to first be checked by a Teacher, because of this my replies to your posts may be slightly delayed. Please be patient and I'm sure we'll be able to resolve your problems.

Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Here are some guidelines for the cleaning process to run as easy as possible.

Please read this topic: Everyone MUST read this BEFORE posting for help in this forum where the conditions for receiving help here are explained.
The instructions being given are for YOUR computer and system only! Using these instructions on a different computer can cause damage to that computer and possibly render it inoperable!
You must have Administrator rights permissions for this computer.
DO NOT run any other fix or removal tools unless instructed to do so!
DO NOT install any other software (or hardware) during the cleaning process. This adds more items to be researched.
Only post your problem at one help site. Applying fixes from multiple help sites can cause problems.
Only reply to this thread. Do not start another thread.
The absence of symptoms does not imply the absence of malware. Please continue responding until I give you the "All Clean".

Read through these instructions with your full attention.
Please ask first if you have any doubts.

I am currently reviewing your logs and will return, as soon as possible, with additional instructions.

Read other 2 answers
RELEVANCY SCORE 89.2

Help! I keep having problems with a little error at the bottom of the Windows Explorer Page that says "Loading Java Applet Failed". I found out how to change the settings which is listed below, problem is: There is no Java Plug In Folder in the Control Panel. Is this normal?
Click the Start menu
Select Settings
Select Control Panel
Double click the "Java Plug-in" icon
Click the "Proxies" Tab
 

A:"Java Plug In Folder" missing from Control Panel

Read other 8 answers
RELEVANCY SCORE 88

Show lock screen background picture on sign-in screen option is missing from Windows 10 1903 Version.
I am unable to set sign-in screen same as lock screen

Vishal

Read other answers
RELEVANCY SCORE 87.2

Hi,

sometimes small things can be a big challenge.
I'm looking to change the background of Windows Media Player 12 in NOW PLAYING mode into pitch black.
Have searched high and low, but meh ...

any ideas please?

A:Change background in WMP 12 in "Playing Now" mode

  
Quote: Originally Posted by Cov


Hi,

sometimes small things can be a big challenge.
I'm looking to change the background of Windows Media Player 12 in NOW PLAYING mode into pitch black.
Have searched high and low, but meh ...

any ideas please?


What are you using to edit WMP? In the past, I have changed a lot of elements in WMP but have reverted back to the original with just some minor changes. I did leave the change I made for the Taskbar toolbar. After registering the dll for that, the Taskbar toolbar was a black image and clashed with my taskbar. Personally, I like the WMP 11 look better but after getting it to work, CPU tended to run a little higher.



I have tossed all my notes I had at one time on what each element that I changed was. Looking at wmploc.dll with Resoruce Hacker, 257 > 5321 looks similar.

Read other 5 answers
RELEVANCY SCORE 86

When I try to set a picture that is in my picture file as desktop background I right click and highlight and click Set As Desktop Background. This used to work but now the ?Set As Desktop Background? is missing from context menu. I have Windows 7 Home Premium. Can you help?

A:Missing "set as desktop background" from picture context menu

Hi and welcome to SevenForums,
Please add which Antivirus and any other third party utility you use for security/ reg cleaners.... to your next post,
Use Clean boot,
http://www.sevenforums.com/tutorials/179159-troubleshoot-application-conflicts-performing-clean-startup.html
Click Start and type in the search box,
msconfig
Click on the suggestion on top or hit the Enter key,
Go to the Startup section and take some screen shots for a complete list,
Go to the Services section and on the bottom left Check the box to Hide All Microsoft services,
Repeat the screen shots,
See the links above my signature on how to take and upload screen shots here,
Cheers.

Read other 5 answers
RELEVANCY SCORE 85.6

I have no idea when this occurred. I lost the onboard video a few weeks ago and installed an nVidea card. But that's about it. If I right click any image type in Windows, the above message does not appear in the context menu. If I right click an image within any browser, I get the option in the context menu.

I've searched and read most threads pertaining to this issue here, but none have helped. I'd wouldn't mind a SysRestore, but I don't know a date when this began don't want to go back so far that a number of installs/uninstalls would be affected.

Any help is appreciated.

A:"Set as Desktop Background" missing from context menu

In the RUN Box type in "regsvr32 shimgvw.dll" (Without the quotes).

Read other 16 answers
RELEVANCY SCORE 85.6

I'm running Windows XP Home Edition.

Recently, my computer displayed "VIRUS ALERT" in the bottom-right corner, next to the time. The time was displayed as 19:38 rather than 7:38, I kept receiving pop-ups prompting me to scan my computer for viruses, and the C: and A: drives aren't listed in My Computer.

I looked into this problem and found solutions on this site. I've ran Spybot, SDFix, AVG, Registry Mechanic, etc. etc.

Now I don't receive the pop-ups anymore and "VIRUS ALERT" is gone.

However, the time is still messed up, my background is still blank and can't be changed, C: and A: are still missing, and every file on the desktop still has the extension written after the name.

The report.txt from the SDfix:

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-12 19:22:08
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

disk error: C:\WINDOWS\system32\config\system, 0
scanning hidden registry entries ...

disk error: C:\WINDOWS\system32\config\software, 0
disk error: C:\Documents and Settings\david.DAVID-132C88F55\ntuser.dat, 0
scanning hidden files ...

disk error: C:\WINDOWS\

please note that you need administrator rights to perform deep scan

Remaining Services :


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcont... Read more

A:"Virus Alert", C: and A: missing, background blank

I don't know whether bumps are allowed or not, but I couldn't find a button to do it so here I am.

Apologies if they aren't.
 

Read other 1 answers
RELEVANCY SCORE 84.8

Well, folks, the title says it all. When I go to my pictures folder and right click on an image, the option to set as my background is completely gone from the list. It is not greyed out, it is completely gone. This happened before I reinstalled windows (and was one of the many reasons I did aside from it being far too long since the last reinstall), so i have a feeling that perhaps one of the programs i use did it or that i have an infected file that did it. I don't know how long the option has been missing. I changed my wallpaper with the right click option probably about 3 weeks ago, so it could have happened at any time.


I looked up a bunch of support already for un-greying the option, but there is no option to ungrey. i have also tried to reverse engineer the solution by looking up how to prevent changing the background. All of these led me to the same answer of 'Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer\ActiveDesktop ' or something very similar. The problem is, i don't have an ActiveDesktop folder in the registry. Could this be part of the problem?


thanks for an answer if you have one.

A:Right click "set as background" completely missing

Quote:





Originally Posted by Adny


Well, folks, the title says it all. When I go to my pictures folder and right click on an image, the option to set as my background is completely gone from the list. It is not greyed out, it is completely gone. This happened before I reinstalled windows (and was one of the many reasons I did aside from it being far too long since the last reinstall), so i have a feeling that perhaps one of the programs i use did it or that i have an infected file that did it. I don't know how long the option has been missing. I changed my wallpaper with the right click option probably about 3 weeks ago, so it could have happened at any time.


I looked up a bunch of support already for un-greying the option, but there is no option to ungrey. i have also tried to reverse engineer the solution by looking up how to prevent changing the background. All of these led me to the same answer of 'Go to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\
Explorer\ActiveDesktop ' or something very similar. The problem is, i don't have an ActiveDesktop folder in the registry. Could this be part of the problem?


thanks for an answer if you have one.




Want to take a look at this?

http://msdn.microsoft.com/library/de...ls/context.asp

Read other 2 answers
RELEVANCY SCORE 84.8

Title is supposed to say that it is NOT animated.

I recently purchased a Dell Studio 1737 direct from Dell.

Every time I turn on my laptop and log into my account, there would be a blue, animated circle cursor indicating that the laptop was just turned on and that it is working in the background.

Later on however, I noticed that whenever there were programs working in the background, my cursor shows a blue circle with a light in it, but it wouldn't be animated. This usually happens about 15 minutes after the laptop has turned on. I'm assuming that the cursor SHOULD be animated just like how it was during start-up.

I tried switching the pointers (eg. aero large to aero regular) and it seemed to solve the problem (i think), but after a while, the circle becomes frozen again; I am faced with the same issue. I tried downloading and installing different cursor sets (from DeviantART), and the ones that WERE animated in ANYWAY, were also frozen after a couple minutes.

I'm wondering if anybody else has had this problem and would greatly appreciated it if they provided a solution.

I'm using a 64-bit 7 Home Premium with ATI Radeon HD 3650.

Thanks in advance!

A:Windows Vista/7 "Working In Background/"Busy" Cursor NO

  
Quote: Originally Posted by Andresu


I recently purchased a Dell Studio 1737 direct from Dell.

Every time I turn on my laptop and log into my account, there would be a blue, animated circle cursor indicating that the laptop was just turned on and that it is working in the background.

Later on however, I noticed that whenever there were programs working in the background, my cursor shows a blue circle with a light in it, but it wouldn't be animated. This usually happens about 15 minutes after the laptop has turned on. I'm assuming that the cursor SHOULD be animated just like how it was during start-up.

I tried switching the pointers (eg. aero large to aero regular) and it seemed to solve the problem (i think), but after a while, the circle becomes frozen again; I am faced with the same issue. I tried downloading and installing different cursor sets (from DeviantART), and the ones that WERE animated in ANYWAY, were also frozen after a couple minutes.

I'm wondering if anybody else has had this problem and would greatly appreciated it if they provided a solution.

I'm using a 64-bit 7 Home Premium with ATI Radeon HD 3650.

Thanks in advance!


Hi and welcome

How much ram? can you take a screen shot of task manager (right click task bar) in teh performance tab. to get to task manager right click task bar

Thanks

Ken J+

Read other 7 answers
RELEVANCY SCORE 84.4

I'm posting this in the Vista forum because this has never happened with Windows 2000 or XP.

I bought two exact duplicate models of hard disks. I set up Vista Ultimate on one of my systems. I used Acronis True Image 10 to clone the operating disk to the factory-new, never-used, same model disk as a backup drive in the event the first disk failed. I put in the clone to be sure it runs; but, I get the error mentioned in the title of this thread.

Now, if the second disk is supposed to be a clone of the first, why does this happen and how can I fix it?

I'm not married to Acronis for this job so I would use any disk cloning tool that makes a sector-for-sector copy. I use Norton Ghost 2003 for making sector-for-sector raw image (forensic) copies of PATA drives; but, these are SATA drives and Ghost 2003 simply sits there like Tarbaby and he don't say nuttin' to no SATA drive.
 

A:"Windows failed to start" "\Windows\System32\winload.exe missing or corrupt"

Read other 7 answers
RELEVANCY SCORE 83.6

Got my computer back today (Windows XP), and my background is now all green with a black box in the middle saying "Your System Is Infected...etc"

Also a red circle with a white X in the task bar

I can't open the task manager

Can Anyone Help???...

Downloaded HiJackThis

My log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:51 AM, on 12/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\sy... Read more

A:"Your System Is Infected" Background + "Internet Security 2010" virus/malware problem

Hi and welcome to TSF.

I'm afraid HijackThis no longer provides the information we require.

We want all our members to perform the steps outlined in the link given below, as far as they possibly can, before posting for assistance.

http://www.techsupportforum.com/f50/...lp-305963.html

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.

This thread will now be closed.

Read other 1 answers
RELEVANCY SCORE 83.6

Got my computer back today (Windows XP), and my background is now all green with a black box in the middle saying "Your System Is Infected...etc"

Also a red circle with a white X in the task bar

I can't open the task manager

Can Anyone Help???...

Downloaded HiJackThis

My log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:04:51 AM, on 12/29/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\dlcqcoms.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\i... Read more

Read other answers
RELEVANCY SCORE 83.6

In Windows XP, fully updated, I have several folders full of mp3's and want to see the bit rate and duration. I right click on a column heading and select "Bit rate". I then click on "More..." so I can get to "Duration", and I select that one too.

But all the figures in the "Duration" column appear to be in "hours" and "minutes", so I see "00:04" or "00:03", but what I want is "minutes" and "seconds".

Any thoughts as to how to change this?
 

A:Solved: Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes"

Read other 16 answers
RELEVANCY SCORE 83.2

Hello all.

First off, I am in no means acquainted with any troubleshooting or fancy thing outside of everyday computer usage, so please respond as if you are talking to a dummy. I do have fairly decent common sense and Google skill however, which has given me enough confidence to try and fix this issue on my own.

Basically, one day I start my computer (running Windows XP Professional SP3) up and get a black screen saying:

"We apologize for the inconvenience, but Windows did not start successfully. A recent hardware or software change might have caused this

Start in safe mode.
Safe mode with networking.
Safe mode with command prompt.
Last known good configuration setting (most recent setting that worked).
Start Windows normally."

For a few times, I was able to get Windows working with the last two options, but before I could dedicate time to fix the issue, it became so that none of these options worked, and I got caught in a restart cycle with this screen. Last things that I can recall that may have caused this: Windows Update or CCleaner Registry Fix (just something I do sometimes to make sure everything is working, nothing was wrong prior).

I bought an external HDD enclosure with hopes of popping my internal into it, and saving my stuff onto my laptop before messing around. Oddly, in My Computer, the 2 drive icons (a System Recovery one, and my Main one) would flash for a few seconds, every few minutes, and when I'd quickly click them, it'd say the... Read more

A:"Windows did not start successfully" to "ntldr is missing"

BTW if it IS in fact possible to copy certain files from my laptop's OS, I just realized I can probably just copy those files into the desktop internal (when plugged in as an external) instead of going through the whole DOS thing? But keep in mind, that's the small 3GB partition, so I don't know if that would even work. Unless putting those boot files on that small partition, will help open up the rest of the drive. Not sure how that works.
EDIT: Apologies for the double post, just saw the "edit" button.
 

Read other 2 answers
RELEVANCY SCORE 83.2

I think I am infected with Malware, Spyware, or some type of virus. My desktop background has become a bright red screen with a toxic symbol on it and underneath it, it says "Your Privacy Is In Danger!" On the bottom right, in the taskbar, right next to the time and date, it says "Virus Alert!" My computer is also attempting to run anti-Spyware programs all by itself, opening browsers with websites to Spy programs and pop-ups warning me of possible hackers. Below is my HJT log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 06:36: VIRUS ALERT!, on 7/20/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\ezSP_Px.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\AVPersonal\AVGNT.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched... Read more

Read other answers
RELEVANCY SCORE 83.2

Mouse cursor constantly flickering between "arrow" and "working in background" .
How can this be fixed?
 

A:Mouse cursor constantly flickering between "arrow" and "working in background"

Hi, is this a desktop or a laptop?
Let us have some Pc specifications.
Check and post
TSG System Information Utility - found here.
http://library.techguy.org/wiki/TSG_Valuable_links
 

Read other 1 answers
RELEVANCY SCORE 83.2

My mouse cursor is constantly flickering between the normal "arrow" and "working in background". I restarted the pc, but that didn't work. Anyone had this happen before, or know how to stop it?
 

A:Mouse cursor constantly flickering between "arrow" and "working in background".

Read other 15 answers
RELEVANCY SCORE 83.2

I was having an issue with my Windows 7 cursor flickering between 'arrow' and 'working in background' at an irritianting rate and found the following TechSupportGuy thread a couple of minutes ago:

http://forums.techguy.org/windows-vista/642572-mouse-cursor-constantly-flickering-between.html

One of the posts in the thread lead me to the solution but unfortunately it seems most people have opted for reinstalling the OS instead!

Given the the original thread is closed I decided to create a new one and post the solution here in an attempt to prevent people from taking such drastic measures to get rid of this (incredibly irritant) issue in the future.

I simply disabled the Windows Search service and killed the process behind it (SearchIndexer.exe) in Task Manager. My cursor is now back to normal

Disabling this service means any new files will not be indexed although you can re-enable it and leave the pc running for a couple of hours every now and again so that new files are indexed. Hope this helps!
 

Read other answers
RELEVANCY SCORE 82.8

Hey everyone,
        I am trying to get the REST queries to work with the sharepoint end points instead of graph end points. I first created an app with relevant permissions and have given it the admin consent. Then I am hitting the https://login.microsoftonline.com/<tenant>.onmicrosoft.com/oauth2/token?Content-Type=application/x-www-form-urlencoded end
point with https://<tenant>.sharepoint.com as resource. I am then using the access token retrieved to give the rest call to https://<tenant>.sharepoint.com/_api/v2.0/drives/b!3indYSbqZ0-hVSPnCgIZy-2xDMh7jH9AuQnEzJMc6TEfQoSJvJT-R6tT0lFBQiPr/root/delta
but it is failing with "error":{"code":"generalException","message":"General exception while processing"}}. The REST response code is 401 Unauthorized. I have filed a Microsoft support ticket but they
have asked me to post on these forms. Can someone please help me with this? I am not able to move forward because the error is pretty generic and doesn't give any additional details.
Thanks,
Sai Kiran Katuri.

Read other answers
RELEVANCY SCORE 82.4

I am running Windows XP SP3, fully updated, on an Acer lap top PC.

I have several folders full of .mp3's and want to see the bit rate and duration. To do this I right click on a column heading and select "Bit rate". I then click on "More..." so I can get to "Duration", and I select that one too.

The two new columns appear, but the format of the "Duration" column appears to be "hours:minutes", so I see "00:04" or "00:03" for most .mp3's, when what I want to see is 'hours:minutes:seconds", e.g. "00:03:45".

This also happens for video files (.avi files), e.g. all my episodes of "Heroes" (sad, I know) have a duration of "00:42" instead of "00:42:xx".


Here are two pictures showing the problem with the .mp3's. The first is of Explorer showing the Duration as "Hours:Minutes":




The second picture is of the properties window of the first .mp3 in the list above:




I copied some .mp3 files to another (old) PC on my home network, and it displayed the duration field correctly:




Also, the properties window correctly shows the duration also:





I'm not the only person to have this problem. I received a private message from a member of another forum where I posted about this problem several weeks ago. That person also has the same problem with the duration field.

The tech guys on that forum were unable to find the source... Read more

A:Windows Explorer "Duration" Column - no "Seconds", just "Hours" and "Minutes"

* bump *

Tricky, this one!

Read other 8 answers
RELEVANCY SCORE 80.8

I have 2 Dell 780's that I would like to reset to factory using the Dell Recovery partition.  These are Windows 7 64bit Pro machines.  The units have 3 partitions, diagnostics, recovery and OS.  I have followed instructions to start the recovery process and can successfully get the units to boot to the standard windows restore options page, but the expected last item "Dell Factory..." is not present.www.dell.com/.../how-to-restore-your-windows-7-computer-to-factory-settingsI do not see Dell Backup and Recovery installed.www.dell.com/.../DriversDetailsThere is nothing on the C:\ partition I wish to retain and want to do a clean (re)install, ideally on a formatted drive.  I would like to keep the recovery partition functionality intact so this can be done again.  I rather not do an upgrade where I get left with a windows.old folder and other unused folders in the root directory.Related:1 - I think I read somewhere that recovery can only be done once.  Is this correct?2 - Does recovery also include the Cyberlink software?3 - From where is the System Recovery tools run?Also have seen this:  en.community.dell.com/.../20141229

Read other answers
RELEVANCY SCORE 80.4

Hello, i've been having this problem for a week now, tried to fix it but no luck what so ever. So i got tired and i am looking for your assistance on this matter.
Every time I play Aion online, in about 10-30mins i get a blue screen saying "REFERENCE BY POINTER" or "IRQL NOT LESS OR EQUAL", tried many methods that were stated on the forums of different sites but no luck... that is why i am attaching my BSOD information and hoping for you assistance. Thank you in advance.
PS: When I play Aion, and the PC restarts (caused by BSOD) most of the time the minidump isn't created and sometimes it doesn't go into the BSOD it just restarts, but i know the problem is the BSOD.

I have Windows 7 Ultimate x86(32bit)
It's the original installed OS on my system (OEM)
I've had this computer for ~4years, drivers always up to date and i reisntalled my Windows yesterday.
Attaching the Zip file with the information required which was on BSOD posting instructions post.

A:BSOD playing Aion, "REFERENCE BY POINTER" and "IRQL NOT LESS OR EQUAL"

No DMPS included in upload try this method.

We do need the DMP file as it contains the only record of the sequence of events leading up to the crash, what drivers were loaded, and what was responsible.

If you are overclocking STOP
We could also use some system information, which you can get easily by running msinfo32.
To do that go to start>run>type msinfo32>enter

When it is finished running go to file>save>name it and upload to us here.
You may be able to get the DMP files without crashing by booting into safe mode (F8) with networking.

To enable us to assist you with your computer's BSOD symptoms, upload the contents of your "\Windows\Minidump" folder.

The procedure:





Quote:
* Copy the contents of \Windows\Minidump to another (temporary) location somewhere on your machine.
* Zip up the copy.
* Attach the ZIP archive to your post using the "paperclip" (file attachments) button.
*If the files are too large please upload them to a file sharing service like "Rapidshare" and put a link to them in your reply.



To ensure minidumps are enabled:





Quote:
* Go to Start, in the Search Box type: sysdm.cpl, press Enter.
* Under the Advanced tab, click on the Startup and Recovery Settings... button.
* Ensure that Automatically restart is unchecked.
* Under the Write Debugging Information header select Small memory dump (256 kB) in the dropdown box (the 256kb varies).
* Ensure that the Sma... Read more

Read other 9 answers
RELEVANCY SCORE 79.2
A:"msvcr80.dll is missing from your computer." WindowsUpdate_00000643" "WindowsUpdate_dt000"

Hi,

Please share more information with us, when did you found this iussue? what action are you doing when you found this issue?
Plese first refer to this KB, does it fit this issue?
NET Framework update installation error: "0x80070643" or "0x643"
http://support.microsoft.com/kb/976982/en-us
More information will be appreciate.
Regards
Yolanda
TechNet Community Support

Read other 5 answers
RELEVANCY SCORE 79.2

I got my dell few days ago. Installed it with Samsung EVO 850 SSD 500 Gb and Kingston 8GB PC3L - 12800 SODIMM.The Windows 10 Home OEM home is installed on HDD 1TB so I decided to use Samsung Data Migration software to clone the data to SSD. However, the OS crashed and decided to install a fresh Windows 10 Enterprise to SSD and deleted the previous OS on HDD using diskpart.Now after Installing Windows 10 Ent OS files. Every after BIOS run, I got BSOD errors "MEMORY MANAGEMENT" + "Page Fault it non paged area" + "IRQL NOT LESS OR EQUAL" 

Read other answers
RELEVANCY SCORE 78.8

Hi all,

I'm puzzling this one. In the folder options when I choose 'view' the radio button to show the hidden files is missing. I've already checked the registry at the HKLM/Software/Microsoft/Windows/CurrentVersion/Explorer/Advanced/Hidden

and everything seems ok (value for 'Type' is 'group' etc.). Using the XP tweak (Kelly's corner #155) shows the hidden files, but the button still missing.

Another thing that I encountered with was that from the start menu the "Help and Support" not working. Again, the registry seems fine, and the process is activated (started). This came up when I tried to use system restore option - with no success.

Virus scan didn't find alerts of any kind

To make a long story short- below is the log file of HiJackThis. Please review it and reply if you see something to be concerned with for repairing my computer.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:36:54, on 21-Dec-08
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\McAf... Read more

A:missing "show hidden files" button + "Help and Support" not working from start menu

Ok I found the answer (after quite a lot searching), as follows:

1. for the 'Hidden files' radio button - I used methods 1 and 2 from here-
http://www.technize.com/2007/05/13/s...s-not-working/

2. for the helpcenter I just reinstalled it as described here -
http://windowsxp.mvps.org/rebuildhelp.htm
note that the file 'dataspec.xml' is needed to be available for this, and it can't be done directly from the XP CD. The thing that worked for me was to insert the XP CD, and use the file that in my computer (C:\) and afterwards another file on the CD.

Again, all this happened with no virus detection, so I believe that there is no infection. However, if someone has remarks on the HiJackThis log I've put, feel free to add them.

Have a nice day,

Fitch.

Read other 1 answers
RELEVANCY SCORE 78.4

Howdy everybody!
When I hit the Windows & Print Screen keys, it is supposed to generate a picture of my Desktop into a Folder, within Pictures, labelled “Screenshots.”
But there is no such "ScreenShots" folder there!
What should I do? If I simply create a new folder, and label it “Screenshots,” will do that do the trick?  Or is there a more complicated fix?
Your help would be appreciated. Thanks!

Read other answers
RELEVANCY SCORE 78.4

i have a dell inspiron 6400 with the built in restore option (Ctrl +F11... or something)
i split my hard drive manual with partition magic.

i wanted to know, if i will restor my system will the hard disk goes back to one, or will it stay split?
 

A:install <span id="EBSpanHighlighter" style="background-color: Fuchsia; color: black;"

it'll stay split unless you actually delete the 2nd partition. Just reinstall on c: & you'll be fine
 

Read other 1 answers
RELEVANCY SCORE 78

I have to set up a Broadband connection. But Local Area connection icon is missing. Someone told "drivers" could be missing... I installed few. But the problem is as it was.. please guide me in this regards.. Thank you

Screen shots Attached

A:"Local Area Connection" missing in "Change adapter Settings".. Plz hlp

Hi and welcome to the Forum
Is the Broadband connection working OK?
Where are you looking for the icon? Can you post a screenshot of the location where you expect to see the LAN icon?

Read other 9 answers
RELEVANCY SCORE 77.6

I have a windows 7 starter machine I can't right-click on a picture and set a picture because I have NO "set as desktop background"entry on the list.I also went to my pictures and right-clicked on the picture in the slideshow and it gave me some entries but not the "set as desktop background.Could someone from this great site help me THANKS.
 

A:Solved: no "set as desktop background" on windows 7 Starter

Windows 7 Starter has no Personalization features for changing desktop backgrounds, as well as a host of other things it can't do.

Give this a read. Windows 7 Starter: top questions
 

Read other 3 answers
RELEVANCY SCORE 77.2

The files in one of my folders aren't showing up. It's only that specific folder that is having problem. Whenever I try to access it, no files show up even though there are clearly files in it (Properties say 20.5 GB). And it will always stuck at "not responding"

This is what it looks like:

http://i.imgur.com/p2bCy4s.jpg?1

I've found a possible solution but since it deals with command prompt, I want to make sure I don't make things worse. I need to know what exactly the following command does:

attrib -h -r -s /s /d g:\*.*, in which g is the drive letter.

This video: says it reveals hidden folders but I'm not sure if it's relates to my problem exactly since Properties doesn't have "Hidden" checked. It only has "Read-Only" checked under the General tab.
 

Read other answers
RELEVANCY SCORE 77.2

My friend's computer seemingly got a virus, since it sent an email to somebody in her email list, on its own. She asked me to take a look.

She had a virus checker, but it had never been updated. So I installed "AVGfree" and ran that. It found a "trojan horse" virus as well as some other stuff that it said should be removed, so I did. I then ran "ccleaner" and it suggested to remove a TON of crap, like 500mb worth of files (she installs dumb stuff on her computer all the time). I removed these files. Then I ran "spybot" and it removed some stuff. I then defragged, which it needed.

So here I am, feeling like a hero, but then I reboot and there's a message saying that "lsass.exe" cannot be found. I cancel this message, and then there's another message saying that "ipwins.dll" cannot be found.

I tell her to just ignore these messages until I figure it out, but then she informs me today that she cannot access her email account on her computer. So I've gotta figure out how to fix this.

Any advice?? Thanks.

A:After virus checking and cleaning, "lsass.exe" and "ipwins.dll" missing

She could try the system file checker : tell her to prepare her XP CD (she'll need it if it asks to replace the missing files), then she will have to go to start => run, and type "sfc /scannow".

If that fails, she can perform a repair install if she has an OEM, retail or upgrade XP CD (recovery CD's cant' do that). She will have to boot on the cd, thus she needs first to change the boot order in the bios to CD-rom first. Then, when XP setup loads, choose the option "To setup Windows XP now" (not the one about recovery console). On the next screen (after the licence agreement) she should be given the option to repair her current xp installation by typing R.

Once that's done, if the CD wasn't a SP2 version, first thing is to go to windows update to reinstall XP SP2 and all updates she could have done since. Don't surf on the internet before any antivirus and firewall (either windows or another) is enabled.

Read other 2 answers
RELEVANCY SCORE 77.2

Computer Specs:
CPU: I5-2400
MB: Asus Pz868
Ram: Corsair 8GB Vengeance LP
Using on board VIdeo For now
Maxtor HD Sata
WD Raptor Sata
HP Lightscribe DVD-r Drive Sata

Problem I was having once I completed my new build with old system parts was as listed in title. It started out as select proper boot device, and now it states ntldr is missing. From what I have been reading it seems as if my partition with my windows 7 install is not set active. I do not have my windows 7 DVD only my old vista DVD. I tried to boot into it to make use of CMD and attempt to make my partition active but I was unsuccessful to even get into CMD. I went into bios and forced booted from the drive with the OS and still same error, also I attempted to disable the other sata and run the computer again with no success also. Look forward to hearing from someone soon. I will be sitting by my laptop all night until this computer gets running.

A:"Select Proper Boot Device" now "NTLDR is missing"

Finally Got to command prompt but it shows my current drive listed as x: dunno if this will be relevant and helpful to anyone.

Read other 5 answers
RELEVANCY SCORE 77.2

Can anyone help me with this ? i got a picture ... i cant sendto desktop as shortcut the icon is missing .. help !!

A:"Desktop As Shortcut" Command Is Missing from the "Send To" Menu

Maybe this info will help:
Send To Context Menu - Remove or Restore Default Items

Read other 3 answers
RELEVANCY SCORE 77.2

http://tinyurl.com/k3vyb

I tried copying a fresh version of the file to \Windows\System32. No dice. I tried renaming it all uppercase and then all lowercase. Nothing. I put a copy in the root directory. No effect. I tried everything I could think of, but nothing worked.

Then--doh!--I stopped thrashing and did what I should have done initially: I dug into the Microsoft Knowledge Base and learned about XP's built-in Rebuild command. It can often easily fix "Missing HAL" and similar problems in just a minute or two. If you know about this command and how to use it, you can potentially save yourself hours and hours of manually reinstalling or rebuilding a failed operating system.
 

Read other answers
RELEVANCY SCORE 77.2

when i right click on my DVD writer i do not get the options "OPEN",EXPLORE & AUTOPLAY"..How do i bring them back?
 

Read other answers
RELEVANCY SCORE 77.2

Okay, I have an ATI Radeon 8500 on my Windows XP system, and one day, after my dad had used the computer, the 3D video driver stoppeed working. He can't recall doing anything. So it goes. I think "whatever", downloaded the latest Catalyst drivers, and try to install it, only to get the message "INF Error, Video Driver Not Found" and then "Try to set up your adapter with a standard VGA driver before running setup". I tried googling for info (apparently it's a common-ish issue), but I never found anything that worked. I tried uninstalling anything ATI and then installing, to no avail. I tried uninstalling the error-listed VGA adapter from the Device Manager and then running install which didn't work. Rebooting after that also didn't work (it popped up with "New hardware found" after the reboot, but it couldn't find the proper drivers).

After an unedifying series of adventures I got to http://www.msi.com.tw/program/support/download/dld/spt_dld_detail.php?UID=45&kind=1 which has several drivers for my mobo. I first downloaded (obviously) the VGA driver, and tried to run setup. Unfortunately, after preparing the install, an Error message pops up saying "The system cannot detect the device, please confirm that the device is configured properly and restart the setup program." I then tried downloading the AGP upgrade, installed it, but nothing changed. I also downloaded the BIOS update, since it mention... Read more

A:"INF Error", VGA Driver "Missing" Installing ATI Catalyst Drivers

the radeon is not integrated with your motherboard, and the onboard video has probably been disabled in the BIOS. to install the appropriate drivers for an ATI radeon 8500 card you need to download and install the drivers from ati's website. from there you can download the latest version of catalyst and install that.
 

Read other 13 answers
RELEVANCY SCORE 76.8

ok, so I solved the activation problem
and i can change my background.

and the control pannel tells me that my OS is genuine,
but the logo
"Windows 7
Build 7600
This copy of windows is not genuine"

doesn't go away...
any suggestions?

A:Activated, but "Windows not Genuine" still in the background

Welcome to the forum,

See if this helps,

Genuine Microsoft Software

Read other 3 answers
RELEVANCY SCORE 76.4

Hi all,

So I'm kind of stuck.. I currently have the problem where I am in an endless cycle of "loading files" -> "Windows Boot Manager" (see: How To Boot Into Safe Mode On Windows 8 (The Easy Way)).
I have tried to load all of the options -- and none successfully load.
I also end up at a OneKey Recovery as well.. unfortunately, the laptop does not have initial backup or user backup images.
I have a Windows 8 CD for repairing purposes.. however, I cannot load the BIOS/UEFI to change the boot order to load the optical drives first. I have also tried to remove the CMOS battery to fix it.. did not work. .
Also - Windows Boot Manager:
Windows Setup [EMS Enabled] -- does not load properly (leads to OneKey Recovery) Safe Mode (does not load properly) Safe Mode with Networking (does not load properly) Safe Mode with Command Prompt (doesn't load - tries to boot and load all files onto partition that is too small.. can't change partition?)
Enable Boot Logging Enable Low-Resolution Video Debugging MOde Disable automatic restart on system failure Disable Driver Signature Enforcement Display Early Launch Anti-Malware Driver
Start Windows Normally
Any ideas would be greatly appreciated! Thanks!

Read other answers
RELEVANCY SCORE 76

There appears to be no open thread on this issue...disappearing context menu "new/textdocument" option.

After trying several alternate text editor demos I found that my registry .txt entry was empty except for the (default) line item...I replaced the entry with an expanded entry found elsewhere on this forum which called for notepad.exe and included ItemName and NullFile etc.

After rebooting and checking my program associations to verify that my new editor, EditPlus, was the default, I found that the "new/text document" option appears and works in all the usual places including the desktop...

But there must be more to the story... Notepad still appears in the ItemName entry. Is this just a default reg entry, with the actual default program assignments appearing elsewhere?

BTW, as an old poster suggested elsewhere X-Setup has been de-commissioned but is still available on MajorGeeks. It has some editing capability but wouldn't add a new TXT item because "it already existed" (already registered).



W7 x64 SP1

Read other answers
RELEVANCY SCORE 76

XP
Im looking for a way to re-create two folders, 1 my pictures, 2 my video. ive tried TweakUI, but that can only move a path. I tried repair (not Repair console) with XP SP2 CD, and ended up with a chose OS screen (which i found out can be avoided with msconfig.) but still regedit has a big whole where my pictues and my video should be. Ive both a SATA and an IDE drive, IDE is used as storage and SATA is partitioned and computer management say Extended partition, with boot on it and system is on the IDE one.
Before it got messed up i had my documents on the ohter partition, which is how i want it.
I would greatfull of some help and a detailed fix, i will fomat but even that is hard as that is part of how it all become so mixed up.
Vince
 

A:Missing Shell Folder for "My Pictures" + "My Video"

Vince, Tweak UI has that ability under the Repair section. Just use the drop down arrow button and choose My Videos and My Pictures one at a time, click the Repair Now button, click Apply/OK.

Tufenuf
 

Read other 2 answers
RELEVANCY SCORE 76

Hello,
I really need your help. I have exams coming up soon so need to get back on my computer as soon as possible. I have a notebook with windows XP. The model is Compaq mini CQ10-400.

When I switch the notebook on it displays the "BOOTMGR IS MISSING"... message. I cannot get on my computer passed that screen, apart from when I press escape after pressing Ctrl, Alt, Del. It gives me 4 options ... " F1 system information, F2 system diagnostics, F9 boot device options, F10 BIOS setup."

There is no disc drive so what should I do, and what is the easiest way to fix this issue.

Thanks in advance.

A:"BOOTMGR IS MISSING""PRESS Ctrl+Alt+Del to restart"

Hi and Welcome to TSF!

The only way to fix this is to use startup repair from the Windows XP CD.

Read other 15 answers
RELEVANCY SCORE 76

Hello,
I really need your help. I have exams coming up soon so need to get back on my computer as soon as possible. I have a notebook with windows XP. The model is Compaq mini CQ10-400.

When I switch the notebook on it displays the "BOOTMGR IS MISSING"... message. I cannot get on my computer passed that screen, apart from when I press escape after pressing Ctrl, Alt, Del. It gives me 4 options ... " F1 system information, F2 system diagnostics, F9 boot device options, F10 BIOS setup."

There is no disc drive so what should I do, and what is the easiest way to fix this issue.

Thanks in advance.
 

A:"BOOTMGR IS MISSING""PRESS Ctrl+Alt+Del to restart"

Read other 16 answers
RELEVANCY SCORE 75.6

Just a dumb question: what does this operation do? When in the photos application, select a picture. Then right click. There's a "Set as" button. You click that and there are a couple of choices. One is "Application Background". What is that? I could just click it and see what it does, but I didn't want to change something away from a default and find that I couldn't figure out how to get the default back. So I thought I'd ask here.

A:Photo "Set As" "Application Background"

consider yourself lucky that your photos app works at all........for many it doesn't.

Read other 3 answers
RELEVANCY SCORE 74.8

Hi guys, I ask you a lot of help because I'm in trouble up to my neck. I try to be as detailed as possible.
I have a Packard Bell with initially installed Windows Vista Home Premium (I don't know if 32-bit or 64-bit). Over time I updated it to later versions, and in fact before the problem I normally had Windows 10.

Brief introduction: as you know, telematic lessons have started in the world at home. So I installed Microsoft Teams and so far everything is ok. I noticed, however, immediately that the fan of my old PC with more than 10 years of intense work was starting to fuel quickly. While I was thinking about how to solve, the inevitable happened: during a lesson the PC freeze in the screens, and after waiting 5-10 minutes I turned it off by the button. By re-accessing it, this screen appeared, as the title says:

"Windows failed to start. A recent hardware or software change might be the cause. To fix the problem:
1. Insert your Windows installation disc and restart your computer.
2. Choose your language settings, and then click "Next."
3. Click "Repair your computer."

If you do not have the disc, contact your system administrator or computer manufacturer for assistance.

File: \ Boot \ BCD
Status: 0xc000000f
Info: The Boot Configuration Data for your PC is missing or contains errors. "

What I did: I searched on this and other sites but I was not able to juggle well. I understood that you need an installation CD, which I DO NOT ha... Read more

Read other answers
RELEVANCY SCORE 74.8

I'm running WMP 11.0.6000.6344. When I used to play a song from an album in my library (from the "Songs" view), it would automatically add the whole album (and everything after it in the library) to my "Now Playing" playlist. For some reason now it only plays the single song, and then just stops. Any thoughts?

I realize this is kind of obscure, but I thought maybe someone on here might know about it.
 

Read other answers
RELEVANCY SCORE 74.4

The title says it all. Why do I get a blue screen background in my laptop for the bubbles screensaver and not my desktop wallpaper ? I'm using windows 8.1 .

Read other answers