Bloatware Solved

Question

]Hello,
I just bought a new computer and there are already lots of pre-installed software.
I would like your opinion on which ones I could uninstall.
[image:http://static.commentcamarche.net/www.commentcamarche.net/pictures/SUKklA04tnYs8dc0fP1uQ7qNNimdzcdmgCJpP1pRmWiY4s4LyFwxea7YqeBOcM7p-liste-logiciel-s-.png|325px||center
Thank you.

lilidurhone · Answer

Hello

Already purchased and already infected :(

Uninstall Activeris

You must have installed potentially unwanted programs

To avoid this kind of problem:

- Do not download any programs offered in advertisements or on suspicious sites. Note that some well-known sites like Softronic, Tuto4PC, etc. sometimes modify the programs offered for download to include adware ==> Always prefer downloading directly from the publisher's site.

- During the installation of a free program, read carefully and uncheck all additional programs that are offered, especially toolbars.

For your information, read these files on Potentially Unwanted Programs and Toolbars; they are not mandatory

* Download this easy-to-use tool

https://toolslib.net/downloads/viewdownload/1-adwcleaner/

* If there's a problem with the first link, take it here https://www.commentcamarche.net/telecharger/securite/2759-adwcleaner/

* Run it (On Vista/7/8, right-click on it and select run as administrator); if you are on XP, double-click on it

* Click on scan
* Post the search report C:\Adwcleaner[R]

* Note that the search report is also saved under C:\Adwcleaner[R1]

* Host the report on cjoint

* To help you https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

--
If there is a problem, there is always a solution
~~~~~~ Cs ~~~~~~

divayv · Answer

Hello,
Honestly, none of these programs are essential! You can uninstall them all unless some seem useful to you (for example, some of those that start with "HP", or Chrome or LibreOffice).
Best regards

mgb35 · Answer

Thank you for your answers. I had already run adw so the report is empty.
It wasn’t enough to remove Activeris, more hd, Re markit.
I did it manually.
Are there any others that I absolutely need to remove?
What about Microsoft Visual ++?

lilidurhone · Answer

Post the report -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

The first report: https://www.cjoint.com/?DEEwt4oNnYC  The one I just made: https://www.cjoint.com/?DEEwu4bo2uh

lilidurhone · Answer

Disabling  Key Present: HKCU\Software\AppDataLow\Software  And redo deletion  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

divayv · Answer

On my side, I've sorted the good and the less good: all those for which I've put a red line are good to uninstall: http://hpics.li/e472047 (unless you find them useful like Microsoft Office). First, create a restore point!
Best regards

mgb35 · Answer

Thank you. I don't understand what it means: Uncheck  Key Present: HKCU\Software\AppDataLow\Software  Otherwise, I started to remove some software on the advice of divayv.

lilidurhone · Answer

There is a false positive
* Download ZHPDiag (from Nicolas Coolman)
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html or https://www.commentcamarche.net/telecharger/utilitaires/24803-zhpdiag/

* In case the first link doesn't work, click on the one below
ftp://zebulon.fr/ZHPDiag2.exe

* Double-click if you're on Windows XP (otherwise right-click to run as admin starting from Vista)

* Let yourself be guided during the installation, it will launch automatically at the end.

* Above all, don't forget to install its icon on the desktop, the icon is in the shape of a parchment
https://www.cjoint.com/13sp/CIvuQfap3YY_zhpdiag.png

* Upon opening the software, you will be offered 3 options "search", "configure" and complete

* Click on "complete"

* Save the report on your desktop using the icon representing a floppy disk

* To host the report, go to cjoint.com
* Click on choose a file and fetch the report from your PC.

* The report is hosted:
- For XP: C:\Documents and Settings\username\Local Settings\Application Data\ZHP
- Since Vista: C:\Users\username\AppData\Roaming\ZHP

* Once the report is found, select it, and click on Open

* Choose the type of distribution (unlimited or 21 days)
* Then click on create the cjoint link

* Once you have obtained the link, copy it and paste it in your next response

* To help you https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers

--
If there is a problem, there is always a solution
~~~~~~ Cs ~~~~~~

mgb35 · Answer

Thank you for your help.  I received antivirus alerts during its execution. Is that normal? Here is the report: ~ ZHPDiag report v2014.5.30.78 - Nicolas Coolman (30/05/2014) ~ Launched by Emmanuel (31/05/2014 14:41:01) ~ Website Address https://nicolascoolman.eu ~ Translated by Nicolas Coolman ~ Version status: Updated version. ~ Whitelist: Activated by the program ~ Privilege Elevation: OK ~ User Account Control (UAC): Activated by user   ---\ Internet Browsers MSIE: Internet Explorer v11.0.9600.16384 GCIE: Google Chrome v35.0.1916.114 (Default)  ---\ Windows Product Information ~ Language: French Windows 8.1, 64-bit (Build 9600) Windows Server License Manager Script: OK ~ Windows(R) Operating System, OEM_DM channel Windows ID Activation: OK ~ Windows Partial Key: VFQ2D Windows License: OK ~ Windows Remaining Initializations Number: 998 Software Protection Service: OK Windows Automatic Updates: OK Windows Activation Technologies: OK  ---\ System Protection Software Windows Defender W8 (Deactivate)  ---\ System Optimization Software  ---\ PeerToPeer Sharing Software  ---\ Software Monitoring  ---\ System Information ~ Processor: AMD64 Family 21 Model 16 Stepping 1, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 5301 MB (62% free) System Restore: Enabled System drive C: has 1819 GB (98%) free of 1848 GB  ---\ System Connection Mode ~ Computer Name: MANU ~ User Name: Emmanuel ~ All Users Names: HomeGroupUser$, Emmanuel, Administrator, ~ Unselected Option: None Logged in as Administrator  ---\ Environment Variables ~ System Unit: C:\ ~ %AppZHP%: C:\Users\Emmanuel\AppData\Roaming\ZHP\ ~ %AppData%: C:\Users\Emmanuel\AppData\Roaming\ ~ %Desktop%: C:\Users\Emmanuel\Desktop\ ~ %Favorites%: C:\Users\Emmanuel\Favorites\ ~ %LocalAppData%: C:\Users\Emmanuel\AppData\Local\ ~ %StartMenu%: C:\Users\Emmanuel\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir%: C:\Windows\ ~ %System%: C:\Windows\System32\  ---\ Disk Units Enumeration C: Hard drive, Flash drive, Thumb drive (Free 1819 Go of 1848 Go) D: Hard drive, Flash drive, Thumb drive (Free 2 Go of 14 Go) E: CD-ROM drive (Not Inserted)    ---\ Windows Security Center Status [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified ~ Security Center: 40 Legitimates Filtered in 00mn 00s    ---\ Specific Search for Generic Files [MD5.8479DC46E9A09015C0777A16BC22A15D] - (.Microsoft Corporation - Windows Explorer.) (.22/08/2013 - 13:39:51.) -- C:\Windows\Explorer.exe [2328880] [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Windows Startup Application.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384] [MD5.CE76481B886D891F1ECF11939DF16938] - (.Microsoft Corporation - Internet Extensions for Win32.) (.22/08/2013 - 10:29:03.) -- C:\Windows\System32\wininet.dll [2328064] [MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Windows Logon Application.) (.22/08/2013 - 10:55:08.) -- C:\Windows\System32\Winlogon.exe [564736] [MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - License Library.) (.22/08/2013 - 11:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Connection function driver for WinSock.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352] [MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 12:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656] [MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336] [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - i8042 Port Driver.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520] [MD5.0063040EFD7C5B81D67CF985BA35388A] - (.Microsoft Corporation - IP Network Address Translator.) (.22/08/2013 - 12:35:33.) -- C:\Windows\system32\Drivers\IpNat.sys [141824] [MD5.405A2E5754DF76663CF0522B87D7929F] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.22/08/2013 - 12:36:11.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers
etBT.sys [282624] [MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - NT File System Driver.) (.22/08/2013 - 14:25:41.) -- C:\Windows\system32\Drivers
tfs.sys [2011488] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP device redirector.) (.22/08/2013 - 20:12:11.) -- C:\Windows\system32\Driversdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers	dx.sys [107520] [MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Volume Shadow Copy Driver.) (.22/08/2013 - 13:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160] ~ Generic Processes: Scanned in 00mn 00s    ---\ State of Hidden Files (Hidden/Total) ~ My Videos: 1/2 ~ My Favorites: 1/16 ~ My Documents: 1/4 ~ My Desktop: 2/16 ~ Start Menu: 1/48 ~ Hidden Files: Scanned in 00mn 00s    ---\ Running Processes [MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.4180] [MD5.40DF15D9D193EDD52C6A99940B7EA423] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Emmanuel\AppData\Roaming\Dropbox\bin\Dropbox.exe [33322976] [PID.5068] [MD5.4E9AF25BA5E8219310E384AEA5B0EED8] - (.CyberLink - CyberLink MediaLibrary Service.) -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576] [PID.2844] [MD5.C1BA914124E9A07FD7CAC4CEB8338EEC] - (.Nicolas Coolman - ZHPDiag Setup.) -- C:\Users\Emmanuel\Downloads\ZHPDiag2.exe [6819311] [PID.5416] [MD5.9E30AB5E3F6B43F69F928E6B4FCFD604] - (.No owner - Setup/Uninstall.) -- C:\Users\Emmanuel\AppData\Local\Temp\is-H6TOA.tmp\ZHPDiag2.tmp [680960] [PID.4312] [MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8020480] [PID.3556] [MD5.6B8AF3A2A3D9059008B55C444461CA00] - (.Frank Heyne Software - LADS.) -- C:\Program Files (x86)\ZHPDiag\Lads.exe [61952] [PID.5524] ~ Running Processes: Scanned in 00mn 00s    ---\ Google Chrome, Startup, Search, Extensions (G0, G1, G2) C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Preferences G0 - GCSP: Preference [User Data\Default][HomePage] http://start.androidnewtab.com G1 - GCS: Preference [User Data\Default] http://search.androidnewtab.com G0 - GCSP: Preference [User Data\Default][HomePage] https://www.lequipe.fr/ G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Enabled) G2 - GCE: Preference [User Data\Default] [dnhpdliibojhegemfjheidglijccjfmc] hotword helper v.0.0.1.0 (Enabled) G2 - GCE: Preference [User Data\Default] [mfffpogegjflfpflabcdkioaeobkgjik] GaiaAuthExtension v.0.0.1, (Enabled) G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Enabled) G2 - GCE: Preference [User Data\Default] [nhjnmokdaalmckkikjklibeakholpham] Web Search v. () G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Enabled) G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Enabled)  ---\ List of Google Chrome Extension Folders G2 - EXT: C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Documents] ~ Google Lines Browser: 40 Legitimates Filtered in 00mn 04s    ---\ Mozilla Firefox, Plugins, Startup, Search, Extensions (P2, M0, M1, M2, M3) P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc
pMcSnFFPl64.dll ~ Firefox Browser: 1 Legitimate Filtered in 00mn 00s    ---\ Internet Explorer, Startup, Search, URLSearchHook, Phishing (R0, R1, R3, R4) R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab ~ IE Browser: 21 Legitimate Filtered in 00mn 00s    ---\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s    ---\ Analysis of lines F0, F1, F2, F3 - IniFiles, Autoloading programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s    ---\ Hosts file redirection (O1) ~ The hosts file is clean. ~ Hosts File: Scanned in 00mn 00s ~ Number of lines: 21    ---\ Internet Explorer Toolbars (O3) O3 - Toolbar: HomeTab - [HKLM]{92aa6038-35c9-4666-893f-84716dec281c} . (...) -- C:\Program Files\HomeTab\IE\HomeTab.dll =>PUP.CertifiedToolbar ~ Toolbar: Scanned in 00mn 00s    ---\ Other User Links (O4) O4 - GS\QuickLaunch [Emmanuel]: SpeedUpMyPC.lnk . (...) -- C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe (.not file.) =>PUP.SpeedUpMyPC ~ Global Startup: 2 Legitimates Filtered in 00mn 00s    ---\ Applications Started at System Startup (O4) O4 - HKLM\..\Run: [BeatsOSDApp] . (.Hewlett-Packard - HP Beats.) -- C:\Program Files\IDT\WDM\beats64.exe O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\Run: [SimplePass] . (.Hewlett-Packard - HP SimplePass Application.) -- C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe O4 - HKLM\..\Run: [OPBHOBroker] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe O4 - HKLM\..\Run: [OPBHOBrokerDesktop] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe =>.Advanced Micro Devices, Inc O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) -- C:\Program Files\McAfee.com\Agent\mcagent.exe ~ Application: Scanned in 00mn 00s    ---\ Buttons Located on the Main Internet Explorer Toolbar (O9) O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 [64Bits] - {25510184-5A38-4A99-B273-DCA8EEF6CD08} . (...) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\Resources\Icons\HP.ico ~ IE Extra Buttons: Scanned in 00mn 00s    ---\ DNS Domain/Address Modification (O17) O17 - HKLM\System\CCS\Services\Tcpip\..\{02F3279E-8145-4997-ADA6-D2D6915A0929}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CS1\Services\Tcpip\..\{02F3279E-8145-4997-ADA6-D2D6915A0929}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 ~ Domain: Scanned in 00mn 00s    ---\ Additional Protocol (O18) O18 - Handler: wlpg [64Bits] - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} . (...) -- O18 - Filter: application/x-msdownload [64Bits] - {1E66F26B-79EE-11D2-8710-00C04F79ED0D} . (.Microsoft Corporation - Microsoft .NET Runtime Execution Engine.) -- C:\Windows\System32\mscoree.dll =>.Microsoft Corporation ~ Additional Protocol: Scanned in 00mn 00s    ---\ List of Non-Microsoft NT Services Not Disabled (O23) O23 - Service: HP SimplePass Cachedrv Service (Cachedrv server) . (...) - C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe O23 - Service: WindowsProtectManger Service (WindowsProtectManger) . (.Fuyu LIMITED - WindowsProtectManger Service.) - C:\ProgramData\WindowsProtectManger\wprotectmanager.exe ~ Services: 19 Legitimates Filtered in 00mn 06s    ---\ Automatically Scheduled Tasks (O39) [MD5.00000000000000000000000000000000] [APT] [Media_Play_AIR+-nova] (...) -- C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-nova.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [Media_Play_AIR+-novainstaller] (...) -- C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-novainstaller.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [{13FD4736-A468-400E-BF50-877EC3D95E82}] (...) -- C:\Program Files (x86)\Fre_Ven_s Pro 23\Uninstall.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [SystemSockets] (...) -- C:\Program Files (x86)\HomeTab\WBrowserHandler.exe (.not file.) [0] =>PUP.CertifiedToolbar O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore [1078] O39 - APT: - (..) -- C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA [1082] O39 - APT: Media_Play_AIR+-nova - (...) -- C:\Windows\Tasks\Media_Play_AIR+-nova.job [1484] O39 - APT: Media_Play_AIR+-nova - (...) -- C:\Windows\System32\Tasks\Media_Play_AIR+-nova [1484] O39 - APT: Media_Play_AIR+-novainstaller - (...) -- C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job [1554] O39 - APT: Media_Play_AIR+-novainstaller - (...) -- C:\Windows\System32\Tasks\Media_Play_AIR+-novainstaller [1554] ~ Scheduled Task: 44 Legitimates Filtered in 00mn 04s

lilidurhone · Answer

Follow only the tutorial    http://sosvirus.net/viewtopic.php?f=281&t=613  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

By the way, isn't it a problem to disable the antivirus? Am I at risk? Otherwise, I don't really understand what this software did. Why did it delete my Chrome settings for example?  Here is the report: ¤¤¤¤¤¤¤¤¤¤ | Shortcut_Module | g3n-h@ckm@n | 31.05.2014.1  ¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 14:48:48 - 31/05/2014  Updated on: 31/05/2014 | 14.15 by g3n-h@ckm@n  Contact: https://www.sosvirus.net/  Feedbacks: http://www.sosvirus.net/feedbacks-t75915.html Boot: Normal  System: Windows 8.1 (64 bits) Core  RAM Memory = Total (MB): 5428 | Free (MB): 3352 Pagefile = Total (MB): 7067 | Free (MB): 4552 Virtual = Total (MB): 4194 | Free (MB): 4001   Registry backed up, to restore: C:\Shortcut_Module\Save\Clean\ERDNT.exe  ¤¤¤¤¤¤¤¤¤¤ | Windows Updates  No updates detected!!!  ¤¤¤¤¤¤¤¤¤¤ | Browsers  IE: 11.0.9600.16384 (© Microsoft Corporation. All rights reserved.) GC: 35.0.1916.114 (Copyright 2012 Google Inc. All rights reserved.)  ¤¤¤¤¤¤¤¤¤¤ | Security  AV: Windows Defender Disabled AS: Windows Defender Disabled FW: McAfee Firewall Enabled WMI: OK WU: Windows Update Service [Manual(3)] = Stopped AS: Windows Defender [Manual(3)] = Stopped FW: Windows FireWall Service [Auto(2)] = started  ¤¤¤¤¤¤¤¤¤¤ | FlashPlayer  FlashPlayer ActiveX: 11.8.800.133  ¤¤¤¤¤¤¤¤¤¤ | Processes killed  976 | [Owner: System | Parent: 692] - (. - .) - (8.0.0.51) = C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe 1020 | [Owner: System | Parent: 692] - (.Softex Inc. - HP SimplePass Service.) - (8.0.0.51) = C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe 348 | [Owner: System | Parent: 692] - (.AMD - AMD External Events Service Module.) - (6.14.11.1159) = C:\Windows\System32\atiesrxx.exe 992 | [Owner: System | Parent: 348] - (.AMD - AMD External Events Client Module.) - (6.14.11.1159) = C:\Windows\System32\atieclxx.exe 1092 | [Owner: System | Parent: 692] - (.IDT, Inc. - IDT PC Audio.) - (1.0.6482.0) = C:\Program Files\IDT\WDM\stacsv64.exe 1424 | [Owner: System | Parent: 692] - (.Fuyu LIMITED - WindowsProtectManger Service.) - (20.0.0.339) = C:\ProgramData\WindowsProtectManger\wprotectmanager.exe 1576 | [Owner: System | Parent: 692] - (.Microsoft Corporation - Print Spooler Subsystem Application.) - (6.3.9600.16384) = C:\Windows\System32\spoolsv.exe 1756 | [Owner: System | Parent: 692] - (.CyberLink - CyberLink Media Server Monitor Service.) - (2.2.0.11508) = C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe 1832 | [Owner: System | Parent: 692] - (.CyberLink - CyberLink Media Server Service.) - (2.2.0.11508) = C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe 1904 | [Owner: LOCAL SERVICE | Parent: 1056] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.16384) = C:\Windows\System32\dasHost.exe 3496 | [Owner: Emmanuel | Parent: 688] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.3.9600.16384) = C:\Windows\System32	askeng.exe 3504 | [Owner: Emmanuel | Parent: 688] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.3.9600.16384) = C:\Windows\System32	askhostex.exe 3644 | [Owner: Emmanuel | Parent: 3548] - (.Microsoft Corporation - Windows Explorer.) - (6.3.9600.16384) = C:\Windows\explorer.exe 3420 | [Owner: System | Parent: 692] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.9600.16384) = C:\Windows\System32\SearchIndexer.exe 3364 | [Owner: System | Parent: 952] - (. - .) - (0.0.0.0) = C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe 4180 | [Owner: Emmanuel | Parent: 688] - (.Google Inc. - Google Chrome.) - (35.0.1916.114) = C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 4648 | [Owner: Emmanuel | Parent: 3644] - (.Hewlett-Packard - HP Beats.) - (1.0.4.0) = C:\Program Files\IDT\WDM\Beats64.exe 4708 | [Owner: Emmanuel | Parent: 3644] - (.IDT, Inc. - IDT PC Audio.) - (1.0.6482.0) = C:\Program Files\IDT\WDM\sttray64.exe 4840 | [Owner: Emmanuel | Parent: 3644] - (.Hewlett-Packard - HP SimplePass Application.) - (8.0.0.51) = C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe 4952 | [Owner: Emmanuel | Parent: 4840] - (.Hewlett-Packard - HP SimplePass BHO Broker.) - (8.0.0.51) = C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe 5004 | [Owner: Emmanuel | Parent: 4840] - (.Hewlett-Packard - HP SimplePass BHO Broker.) - (8.0.0.51) = C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe 5068 | [Owner: Emmanuel | Parent: 3644] - (.Dropbox, Inc. - Dropbox.) - (2.8.3.0) = C:\Users\Emmanuel\AppData\Roaming\Dropbox\bin\Dropbox.exe 3856 | [Owner: Emmanuel | Parent: 5092] - (.Advanced Micro Devices Inc. - Catalyst Control Center: Monitoring program.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe 3080 | [Owner: Emmanuel | Parent: 3856] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 2844 | [Owner: Emmanuel | Parent: 688] - (.CyberLink - CyberLink MediaLibrary Service.) - (8.0.0.2002) = C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 6140 | [Owner: System | Parent: 692] - (.Hewlett-Packard Company - HP Support Assistant Service.) - (7.2.35.3) = C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe 5164 | [Owner: NETWORK SERVICE | Parent: 692] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.9600.16384) = C:\Program Files\Windows Media Player\wmpnetwk.exe 5996 | [Owner: Emmanuel | Parent: 820] - (.Microsoft Corporation - Host Process for Setting Synchronization.) - (6.3.9600.16384) = C:\Windows\System32\SettingSyncHost.exe 4060 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.7903) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 5416 | [Owner: Emmanuel | Parent: 3644] - (.Nicolas Coolman - ZHPDiag Setup.) - (2014.5.30.78) = C:\Users\Emmanuel\Downloads\ZHPDiag2.exe 4312 | [Owner: Emmanuel | Parent: 5416] - (. - Setup/Uninstall.) - (51.49.0.0) = C:\Users\Emmanuel\AppData\Local\Temp\is-H6TOA.tmp\ZHPDiag2.tmp 3556 | [Owner: Emmanuel | Parent: 5140] - (.Nicolas Coolman - ZHPDiag.) - (2014.5.30.78) = C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe 6756 | [Owner: Emmanuel | Parent: 820] - (.Microsoft Corporation - Communications Service.) - (17.4.9600.16384) = C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe 5524 | [Owner: Emmanuel | Parent: 820] - (.Microsoft Corporation - Runtime Broker.) - (6.3.9600.16384) = C:\Windows\System32\RuntimeBroker.exe 5820 | [Owner: Emmanuel | Parent: 3556] - (.Microsoft Corporation - Notepad.) - (6.3.9600.16384) = C:\Windows\SysWOW64
otepad.exe 3676 | [Owner: LOCAL SERVICE | Parent: 1056] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.16384) = C:\Windows\System32\dasHost.exe 6604 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.7903) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe  ¤¤¤¤¤¤¤¤¤¤ | Started processes  328 | [Owner: System | Parent: 4] - (.Microsoft Corporation - Windows Session Manager.) - (6.3.9600.16384) = C:\Windows\System32\smss.exe 520 | [Owner: System | Parent: 512] - (.Microsoft Corporation - Client/Server Runtime Process.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe 632 | [Owner: System | Parent: 512] - (.Microsoft Corporation - Windows Initialization Application.) - (6.3.9600.16384) = C:\Windows\System32\wininit.exe 652 | [Owner: System | Parent: 640] - (.Microsoft Corporation - Client/Server Runtime Process.) - (6.3.9600.16384) = C:\Windows\System32\csrss.exe 692 | [Owner: System | Parent: 632] - (.Microsoft Corporation - Services and Controller Apps.) - (6.3.9600.16384) = C:\Windows\System32\services.exe 700 | [Owner: System | Parent: 632] - (.Microsoft Corporation - Local Security Authority Process.) - (6.3.9600.16384) = C:\Windows\System32\lsass.exe 772 | [Owner: System | Parent: 640] - (.Microsoft Corporation - Windows Logon Application.) - (6.3.9600.16384) = C:\Windows\System32\winlogon.exe 820 | [Owner: System | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 864 | [Owner: NETWORK SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 960 | [Owner: DWM-1 | Parent: 772] - (.Microsoft Corporation - Desktop Window Manager.) - (6.3.9600.16384) = C:\Windows\System32\dwm.exe 436 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 688 | [Owner: System | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 876 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 1056 | [Owner: System | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 1300 | [Owner: NETWORK SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 1616 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 1736 | [Owner: System | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 1896 | [Owner: System | Parent: 692] - (.McAfee, Inc. - McAfee Process Validation Service.) - (15.1.0.668) = C:\Windows\System32\mfevtps.exe 2016 | [Owner: System | Parent: 692] - (.McAfee, Inc. - McAfee Access Protection.) - (12.8.957.0) = C:\Program Files\mcafee\msc\McAPExe.exe 1180 | [Owner: System | Parent: 692] - (.McAfee, Inc. - McAfee On-Access Scanner service.) - (1.1.3.164) = C:\Program Files\Common Files\mcafee\AMCore\mcshield.exe 2156 | [Owner: System | Parent: 692] - (.McAfee, Inc. - McAfee Core Firewall Service.) - (15.1.0.668) = C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe 2288 | [Owner: System | Parent: 692] - (.McAfee, Inc. - McAfee Service Host.) - (3.8.703.0) = C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe 2428 | [Owner: System | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 2504 | [Owner: NETWORK SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 2532 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 2872 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.3.9600.16384) = C:\Windows\System32\svchost.exe 3208 | [Owner: System | Parent: 820] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.16384) = C:\Windows\System32\wbem\WmiPrvSE.exe 3256 | [Owner: System | Parent: 820] - (.Microsoft Corporation - COM Surrogate.) - (6.3.9600.16384) = C:\Windows\System32\dllhost.exe 1248 | [Owner: Emmanuel | Parent: 4172] - (.McAfee, Inc. - McAfee.) - (5.9.2.0) = C:\Program Files\Common Files\mcafee\platform\McUICnt.exe 3080 | [Owner: Emmanuel | Parent: 3856] - (.ATI Technologies Inc. - Catalyst Control Center: Host application.) - (4.5.0.0) = C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe 2844 | [Owner: Emmanuel | Parent: 688] - (.CyberLink - CyberLink MediaLibrary Service.) - (8.0.0.2002) = C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe 1160 | [Owner: NETWORK SERVICE | Parent: 820] - (.Microsoft Corporation - WMI Provider Host.) - (6.3.9600.16384) = C:\Windows\System32\wbem\WmiPrvSE.exe 6716 | [Owner: LOCAL SERVICE | Parent: 436] - (.Microsoft Corporation - Windows Audio Device Graph Isolation.) - (6.3.9600.16384) = C:\Windows\System32\audiodg.exe 6520 | [Owner: Emmanuel | Parent: 4180] - (. - Shortcut_Module.) - (31.5.2014.1) = C:\Users\Emmanuel\Downloads\Shortcut_Module.exe 6604 | [Owner: LOCAL SERVICE | Parent: 692] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.7903) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe 6764 | [Owner: Emmanuel | Parent: 6520] - (. - Process Stopper.) - (1.0.0.0) = C:\Shortcut_Module\Protect_Module.exe  ¤¤¤¤¤¤¤¤¤¤ |

mgb35 · Answer

Why was a new extension installed? Android new tab?

lilidurhone · Answer

Refais zhpdiag  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

~ ZHPDiag report v2014.5.30.78 - Nicolas Coolman (30/05/2014) ~ Launched by Emmanuel (31/05/2014 15:17:38) ~ Website Address https://nicolascoolman.eu ~ Translated by Nicolas Coolman ~ Version status: Up to date. ~ Whitelisting: Disabled by user ~ Privilege Escalation: OK ~ User Account Control (UAC): Deactivated by user   ---\ Internet Browsers MSIE: Internet Explorer v11.0.9600.16384 GCIE: Google Chrome v35.0.1916.114 (Default)  ---\ Windows Product Information ~ Language: French Windows 8.1, 64-bit (Build 9600) Windows Server License Manager Script: OK ~ Windows(R) Operating System, OEM_DM channel Windows Activation ID: OK ~ Windows Partial Key: VFQ2D Windows License: OK ~ Windows Remaining Initializations Number: 998 Software Protection Service: OK Windows Automatic Updates: OK Windows Activation Technologies: OK  ---\ System Protection Software Windows Defender W8 (Deactivated)  ---\ System Optimization Software  ---\ PeerToPeer Sharing Software  ---\ Software Monitoring  ---\ System Information ~ Processor: AMD64 Family 21 Model 16 Stepping 1, AuthenticAMD ~ Operating System: 64 Bits Boot mode: Normal (Normal boot) Total RAM: 5301 MB (66% free) System Restore: Enabled System drive C: has 1819 GB (98%) free of 1848 GB  ---\ System Connection Mode ~ Computer Name: MANU ~ User Name: Emmanuel ~ All Users Names: HomeGroupUser$, Emmanuel, Administrator, ~ Unselected Option: None Logged in as Administrator  ---\ Environment Variables ~ System Unit: C:\ ~ %AppZHP%: C:\Users\Emmanuel\AppData\Roaming\ZHP\ ~ %AppData%: C:\Users\Emmanuel\AppData\Roaming\ ~ %Desktop%: C:\Users\Emmanuel\Desktop\ ~ %Favorites%: C:\Users\Emmanuel\Favorites\ ~ %LocalAppData%: C:\Users\Emmanuel\AppData\Local\ ~ %StartMenu%: C:\Users\Emmanuel\AppData\Roaming\Microsoft\Windows\Start Menu\ ~ %Windir%: C:\Windows\ ~ %System%: C:\Windows\System32\  ---\ Disk Units Enumeration C: Hard drive, Flash drive, Thumb drive (Free 1819 GB of 1848 GB) D: Hard drive, Flash drive, Thumb drive (Free 2 GB of 14 GB) E: CD-ROM drive (Not Inserted)    ---\ Windows Security Center Status [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiSpywareOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] AntiVirusOverride: OK [HKLM\SOFTWARE\Microsoft\Security Center\Svc] FirewallOverride: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer] NoActiveDesktopChanges: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system] EnableLUA: Modified [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK [HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] Shell: OK [HKLM\SYSTEM\CurrentControlSet\Services\COMSysApp] Type: OK ~ Security Center: 40 Scanned in 00mn 00s    ---\ Specific Generic File Search [MD5.8479DC46E9A09015C0777A16BC22A15D] - (.Microsoft Corporation - Windows Explorer.) (.22/08/2013 - 13:39:51.) -- C:\Windows\Explorer.exe [2328880] [MD5.48CFA7BE561A7BE144C29BB912055016] - (.Microsoft Corporation - Windows Startup Application.) (.22/08/2013 - 10:58:29.) -- C:\Windows\System32\Wininit.exe [144384] [MD5.CE76481B886D891F1ECF11939DF16938] - (.Microsoft Corporation - Internet Extensions for Win32.) (.22/08/2013 - 10:29:03.) -- C:\Windows\System32\wininet.dll [2328064] [MD5.7C94FDA3809015B8F2208D2E1C221F17] - (.Microsoft Corporation - Windows Logon Application.) (.22/08/2013 - 10:55:08.) -- C:\Windows\System32\Winlogon.exe [564736] [MD5.2F18065618E39AA2E656EE737B71E791] - (.Microsoft Corporation - Licensing Library.) (.22/08/2013 - 11:39:40.) -- C:\Windows\System32\sppcomapi.dll [447488] [MD5.239268BAB58EAE9A3FF4E08334C00451] - (.Microsoft Corporation - Connection Function Driver for WinSock.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers\AFD.sys [567296] [MD5.74B14192CF79A72F7536B27CB8814FBD] - (.Microsoft Corporation - ATAPI IDE Miniport Driver.) (.22/08/2013 - 13:43:41.) -- C:\Windows\system32\Drivers\atapi.sys [26464] [MD5.2FA6510E33F7DEFEC03658B74101A9B9] - (.Microsoft Corporation - CD-ROM File System Driver.) (.22/08/2013 - 12:40:15.) -- C:\Windows\system32\Drivers\Cdfs.sys [88576] [MD5.C6796EA22B513E3457514D92DCDB1A3D] - (.Microsoft Corporation - SCSI CD-ROM Driver.) (.22/08/2013 - 09:46:35.) -- C:\Windows\system32\Drivers\Cdrom.sys [164352] [MD5.5DB26D7E0216D0BF364A81D3829AD7B9] - (.Microsoft Corporation - DFS Namespace Client Driver.) (.22/08/2013 - 12:38:00.) -- C:\Windows\system32\Drivers\DfsC.sys [134656] [MD5.03909BDBFF0DCACCABF2B2D4ADEE44DC] - (.Microsoft Corporation - High Definition Audio Bus Driver.) (.22/08/2013 - 12:38:38.) -- C:\Windows\system32\Drivers\HDAudBus.sys [78336] [MD5.84CFC5EFA97D0C965EDE1D56F116A541] - (.Microsoft Corporation - i8042 Port Driver.) (.22/08/2013 - 12:39:15.) -- C:\Windows\system32\Drivers\i8042prt.sys [107520] [MD5.0063040EFD7C5B81D67CF985BA35388A] - (.Microsoft Corporation - IP Network Address Translator.) (.22/08/2013 - 12:35:33.) -- C:\Windows\system32\Drivers\IpNat.sys [141824] [MD5.405A2E5754DF76663CF0522B87D7929F] - (.Microsoft Corporation - Minirdr SMB Windows NT.) (.22/08/2013 - 12:36:11.) -- C:\Windows\system32\Drivers\MRxSmb.sys [402432] [MD5.0217532E19A748F0E5D569307363D5FD] - (.Microsoft Corporation - MBT Transport driver.) (.22/08/2013 - 12:37:02.) -- C:\Windows\system32\Drivers
etBT.sys [282624] [MD5.4412D565C0278C401575E11072C7DCE3] - (.Microsoft Corporation - NT File System Driver.) (.22/08/2013 - 14:25:41.) -- C:\Windows\system32\Drivers
tfs.sys [2011488] [MD5.764B1121867B2D9B31C491668AC72B2B] - (.Microsoft Corporation - Parallel Port Driver.) (.22/08/2013 - 12:40:02.) -- C:\Windows\system32\Drivers\Parport.sys [94208] [MD5.BBB6272B7F46C4640A8CDB8A70C3450F] - (.Microsoft Corporation - RAS L2TP mini-port/call-manager driver.) (.22/08/2013 - 12:35:51.) -- C:\Windows\system32\Drivers\Rasl2tp.sys [120832] [MD5.680C1DAE268B6FB67FA21B389A8B79EF] - (.Microsoft Corporation - Microsoft RDP Device Redirector.) (.22/08/2013 - 20:12:11.) -- C:\Windows\system32\Driversdpdr.sys [195584] [MD5.FFF28F9F6823EB1756C60F1649560BBF] - (.Microsoft Corporation - TDI Translation Driver.) (.22/08/2013 - 14:25:35.) -- C:\Windows\system32\Drivers	dx.sys [107520] [MD5.9F9CE33B50611A1C61A46B8911E0B30B] - (.Microsoft Corporation - Volume Snapshot driver.) (.22/08/2013 - 13:39:15.) -- C:\Windows\system32\Drivers\volsnap.sys [312160] ~ Generic Processes: Scanned in 00mn 00s    ---\ Status of Hidden Files (Hidden/Total) ~ My Favorites: 1/8 ~ My Documents: 1/2 ~ My Desktop: 2/9 ~ Programs: 1/24 ~ Hidden Files: Scanned in 00mn 00s    ---\ Running Processes [MD5.40DF15D9D193EDD52C6A99940B7EA423] - (.Dropbox, Inc. - Dropbox.) -- C:\Users\Emmanuel\AppData\Roaming\Dropbox\bin\Dropbox.exe [33322976] [PID.4100] [MD5.4E9AF25BA5E8219310E384AEA5B0EED8] - (.CyberLink - CyberLink MediaLibrary Service.) -- c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111576] [PID.4728] [MD5.1620FE36666F4BBC2314B7F360FB1965] - (.Google Inc. - Google Chrome.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488] [PID.4736] [MD5.6D652B06EB3916DC41A9DBBBC4EDEED1] - (.Nicolas Coolman - ZHPDiag.) -- C:\Program Files (x86)\ZHPDiag\ZHPDiag.exe [8020480] [PID.3396] ~ Processes Running: Scanned in 00mn 00s    ---\ Google Chrome, Startup, Search, Extensions (G0,G1,G2) C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Preferences G1 - GCS: Preference [User Data\Default] None G0 - GCSP: Preference [User Data\Default][HomePage] http://start.androidnewtab.com G1 - GCS: Preference [User Data\Default] http://search.androidnewtab.com G0 - GCSP: Preference [User Data\Default][HomePage] https://www.lequipe.fr/ G2 - GCE: Preference [User Data\Default] [ahfgeienlihckogmohjhadlkjgocpleb] Google Store v.0.2 (Enabled) G2 - GCE: Preference [User Data\Default] [aohghmighlieiainnegkcijnfilokake] Google Documents v.0.6 (Enabled) G2 - GCE: Preference [User Data\Default] [apdfllckaahabafndbhieahigkjlhalf] Google Drive v.6.3 (Enabled) G2 - GCE: Preference [User Data\Default] [blpcfgokakmgnkcojhhkbfbldkacnbeo] YouTube v.4.2.6 (Enabled) G2 - GCE: Preference [User Data\Default] [coobgpohoikkiipiblmjeljniedjpjpf] Google Search v.0.0.0.20 (Enabled) G2 - GCE: Preference [User Data\Default] [eemcgdkfndhakfknompkggombfjjjeno] Bookmark Manager v.0.1 (Enabled) G2 - GCE: Preference [User Data\Default] [ennkphjdgehloodpbhlhldgbnhmacadg] Settings v.0.2 (Enabled) G2 - GCE: Preference [User Data\Default] [gfdkimpbcpahaombhbimeihdjnejgicl] Feedback v.1.0 (Enabled) G2 - GCE: Preference [User Data\Default] [mfehgcgbbipciphmccgaenjidiccnmng] Cloud Print v.0.1 (Enabled) G2 - GCE: Preference [User Data\Default] [mgndgikekgjfcpckkfioiadnlibdjbkf] Chrome v.0.1 (Enabled) G2 - GCE: Preference [User Data\Default] [neajdppkdcdipfabeoofebfddakdcjhd] Google Network Speech v.1.0 (Enabled) G2 - GCE: Preference [User Data\Default] [nhjnmokdaalmckkikjklibeakholpham] Web Search v. () G2 - GCE: Preference [User Data\Default] [nkeimhogjdpnpccoofpliimaahmaaome] Google+ Hangouts v.1.0 (Enabled) G2 - GCE: Preference [User Data\Default] [nmmhkkegccagdldgiimedpiccmgmieda] Google Wallet v.0.0.6.1 (Enabled) G2 - GCE: Preference [User Data\Default] [pafkbggdmjlpgkdkcbjmhmfcdpncadgh] Google Now v.1.2.0.1 (Enabled) G2 - GCE: Preference [User Data\Default] [pjkljhegncpnkpknbcohdijeoejaedia] Gmail v.7 (Enabled)  ---\ List of Google Chrome Extension Folders G2 - EXT: C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [Google Documents] G2 - EXT: C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [Google Drive] G2 - EXT: C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [YouTube] G2 - EXT: C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [Google Search] G2 - EXT: C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions
mmhkkegccagdldgiimedpiccmgmieda [Google Wallet] G2 - EXT: C:\Users\Emmanuel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [Gmail] ~ Google Lines Browser: 26 Scanned in 00mn 00s    ---\ Mozilla Firefox, Plugins, Startup, Search, Extensions (P2,M0,M1,M2,M3) P2 - FPN: [HKLM] [@mcafee.com/MSC,version=10] - (...) -- C:\Program Files\mcafee\msc
pMcSnFFPl64.dll ~ Firefox Browser: 1 Scanned in 00mn 00s    ---\ Internet Explorer, Startup, Search, URLSearchHook, Phishing (R0,R1,R3,R4) R0 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl R0 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?gws_rd=ssl R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?gws_rd=ssl R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/ R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = https://www.microsoft.com/fr-fr/ R1 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = https://www.google.com/?gws_rd=ssl R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs,Tabs = about:newtab R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.microsoft.com/fr-fr/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.microsoft.com/fr-fr/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.microsoft.com/fr-fr/ R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons R1 - HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk R3 - URLSearchHook: Microsoft Url Search Hook [64Bits] - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Browser.) (11.00.9600.16384 (winblue_rtm.130821-1623)) -- C:\Windows\SysWOW64\ieframe.dll ~ IE Browser: 22 Scanned in 00mn 00s    ---\ Internet Explorer, Proxy Management (R5) R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1 R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll ~ Proxy management: Scanned in 00mn 00s    ---\ Analysis of F0, F1, F2, F3 Lines - IniFiles, Autoloading Programs F2 - REG:system.ini: USERINIT=C:\Windows\system32\userinit.exe, F2 - REG:system.ini: Shell=C:\Windows\explorer.exe F2 - REG:system.ini: VMApplet=C:\Windows\System32\SystemPropertiesPerformance.exe ~ Keys: Scanned in 00mn 00s    ---\ Hosts file redirection (O1) ~ The hosts file is clean. ~ Hosts File: Scanned in 00mn 00s ~ Number of lines: 21    ---\ Browser Helper Objects (O2) O2 - BHO: (no name) [64Bits] - {92aa6038-35c9-4666-893f-84716dec281c} Orphan key O2 - BHO: HP Network Check Helper [64Bits] - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} . (.Hewlett-Packard - HP Network Check IE Plug-in.) -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll ~ BHO: 3 Scanned in 00mn 00s    ---\ Applications Launched at System Startup (O4) O4 - HKLM\..\Run: [BeatsOSDApp] . (.Hewlett-Packard - HP Beats.) -- C:\Program Files\IDT\WDM\beats64.exe O4 - HKLM\..\Run: [SysTrayApp] . (.IDT, Inc. - IDT PC Audio.) -- C:\Program Files\IDT\WDM\sttray64.exe O4 - HKLM\..\Run: [SimplePass] . (.Hewlett-Packard - HP SimplePass Application.) -- C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe O4 - HKLM\..\Run: [OPBHOBroker] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe O4 - HKLM\..\Run: [OPBHOBrokerDesktop] . (.Hewlett-Packard - HP SimplePass BHO Broker.) -- C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe O4 - HKLM\..\Wow6432Node\Run: [StartCCC] . (.Advanced Micro Devices, Inc. - Catalyst® Control Center Launcher.) -- C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe =>.Advanced Micro Devices, Inc O4 - HKLM\..\Wow6432Node\Run: [mcpltui_exe] . (.McAfee, Inc. - McAfee Security Center.) --

lilidurhone · Answer

You know  "Software: WindowsProtectManager20.0.0.339"  If not, uninstall it  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

It's done.

lilidurhone · Answer

Please host the report  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

Here it is: https://www.cjoint.com/?DEFpKXuOcMw

lilidurhone · Answer

Download Malwarebytes anti-malware here
https://www.commentcamarche.net/telecharger/securite/14361-malwarebytes-anti-malware/

* Install it (make sure to choose French; do not modify the installation settings)
* Uncheck the box for Activate the free trial of Malwarebytes Anti-Malware Premium at the end of the installation
* /!\ Windows Vista/7/8/8.1 users: right-click on the MalwareBytes' Anti-Malware shortcut and choose Run as administrator
* Click on Update in the Dashboard to update the database.
* In the Scan tab, select Threat Scan and then click on Scan Now.
* Once the scan is complete, click on Quarantine All and then Apply Actions

* (If a message asks to restart the PC to complete the removal, accept)

* The report is available in History > Application Logs. (Be sure to select the most recent one)
* You select the file and request to display it

* In the bottom left, there is an export button; click it, choose text file, and then select where to save it so you can later post it in your next response by hosting it on cjoint

* To help you https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers
--
If you have any problems, there is always a solution
~~~~~~ Cs ~~~~~~

mgb35 · Answer

here is https://www.cjoint.com/?DEFqUjIllnQ

lilidurhone · Answer

Refais zhpdiag  You are allowed to take a break if you wish ;)  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

Lol.. no worries https://www.cjoint.com/?DEFrlk6AiSE

lilidurhone · Answer

Attention customized script not to be reproduced on another computer risk of crashing!  * Only copy the lines indicated in bold below to the clipboard or Notepad (highlight with the mouse and then right-click copy from Script ZHPFix to the end, i.e. sysrestore)  Script ZHPFix G0 - GCSP: Preference [User Data\Default][HomePage] http://start.androidnewtab.com G1 - GCS: Preference [User Data\Default] http://search.androidnewtab.com O23 - Service: WindowsProtectManger Service (WindowsProtectManger) . (...) - C:\ProgramData\WindowsProtectManger\wprotectmanager.exe (.not file.) [MD5.00000000000000000000000000000000] [APT] [{13FD4736-A468-400E-BF50-877EC3D95E82}] (...) -- C:\Program Files (x86)\Fre_Ven_s Pro 23\Uninstall.exe (.not file.) [0] [MD5.00000000000000000000000000000000] [APT] [SystemSockets] (...) -- C:\Program Files (x86)\HomeTab\WBrowserHandler.exe (.not file.) [0] =>PUP.CertifiedToolbar O41 - Driver: ({8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64) . (.StdLib - StdLib.) - C:\Windows\System32\drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys =>PUP.LinkiDoo [HKLM\Software\Wow6432Node\supWindowsProtectManger] O43 - CFD: 31/05/2014 - 15:06:54 - [] ----D C:\ProgramData\WindowsProtectManger O45 - LFCP:[MD5.B00B4AB81FE7462DB90176A71C79B012] - 30/05/2014 - 18:52:39 ---A- - C:\Windows\Prefetch\AMSETUP_ACTIVERIS_DEFAULT_010-09DDD744.pf =>PUP.Activeris O45 - LFCP:[MD5.360CEF2E4A95BFAAEC7F5005E85AA439] - 30/05/2014 - 19:25:14 ---A- - C:\Windows\Prefetch\ANYPROTECT.EXE-53752276.pf =>PUP.AnyProtect O45 - LFCP:[MD5.A5577D6CEE819445163D1DA35FA32230] - 30/05/2014 - 19:22:59 ---A- - C:\Windows\Prefetch\ANYPROTECTSCANNERSETUP.EXE-43936199.pf =>PUP.AnyProtect O45 - LFCP:[MD5.0D2C5BED8AF4A879A3FA185DCDC42272] - 30/05/2014 - 19:02:57 ---A- - C:\Windows\Prefetch\ANYPROTECTSCANNERSETUP.EXE-DA22E31C.pf =>PUP.AnyProtect O45 - LFCP:[MD5.355C501451AC872E41DFF1C9492704A9] - 30/05/2014 - 18:43:44 ---A- - C:\Windows\Prefetch\FREESOFTTODAY.TMP-4A63E0D1.pf =>Adware.FreeSoftToday O45 - LFCP:[MD5.83FB978A0371AD8FEAE5843DA3790136] - 30/05/2014 - 18:43:21 ---A- - C:\Windows\Prefetch\RE-MARKITI90.EXE-B62DA68A.pf =>PUP.ReMarkIt O45 - LFCP:[MD5.635268C3283161D10EC5967E3BEC3E3D] - 30/05/2014 - 18:45:05 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC-STANDALONE-SETUP.-3E632043.pf =>PUP.SpeedUpMyPC O45 - LFCP:[MD5.C237CA5FAE9D08F935467BE43E857E48] - 30/05/2014 - 18:43:49 ---A- - C:\Windows\Prefetch\SPEEDUPMYPC.TMP-5268CBD6.pf =>PUP.SpeedUpMyPC O45 - LFCP:[MD5.B4F397B2111E575D1CE927ED63F3286C] - 30/05/2014 - 18:47:28 ---A- - C:\Windows\Prefetch\UPFST_FR_198.EXE-2807B83C.pf =>Adware.FreeSoftToday O58 - SDL:22/05/2014 - 17:24:44 ---A- . (.StdLib - StdLib.) -- C:\Windows\System32\Drivers\{8ce1c375-1e13-43f7-a4fd-6530f47c4fde}Gw64.sys [61120] =>PUP.LinkiDoo O69 - SBI: SearchScopes [HKCU] {9BB47C17-9C68-4BB3-B188-DD9AF0FD2492} - (default-search.net) - https://www.default-search.net/ =>Hijacker.Browsers O69 - SBI: SearchScopes [HKCR] {afdbddaa-5d3f-42ee-b79c-185a7020515b} [DefaultScope] - (Web Search) - http://ww7.certified-toolbar.com =>PUP.CertifiedToolbar SS - | Auto 10/07/1658 0 | (WindowsProtectManger) . (...) - C:\ProgramData\WindowsProtectManger\wprotectmanager.exe [HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}] =>Adware.Bandoo^ sysrestore   * Run ZHPFix (syringe icon) as administrator (if you are on Vista/7/8) otherwise double-click the syringe-shaped icon and then click OK to continue.  * Click on import (In some cases the script is automatically pasted in the script area and does not require clicking the "IMPORT" button.)  * If you do not see the lines right-click in the box and paste  * Click the GO button to start the cleaning and let the tool work.  * Zhpfix will offer to empty the recycle bin if you wish click yes if you do not wish click no  * Restart the PC and post the report C:\ZHP\ZHPFixReport.txt by hosting it on cjoint  * To help you https://www.commentcamarche.net/faq/29493-utiliser-cjoint-pour-heberger-des-fichiers    -- If there is a problem there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

Here it is https://www.cjoint.com/?DEFrDr1fjbZ

lilidurhone · Answer

No more worries?  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

Apparently not. Thank you very much for your help. Have a good evening.

lilidurhone · Answer

1) Uninstalling disinfection tools Download Delfix here https://www.commentcamarche.net/telecharger/securite/7111-delfix/  Run it as an administrator (if you are on XP, double-click the downloaded file) and once you are on the interface, check the following boxes   -remove disinfection tools -purge system restore  Then click on Run and wait during the deletion process.  The report will be saved to the clipboard and to your hard drive (C:\DelFix.txt). Post the report  2) Don't forget to update Java, Adobe Reader, and Flash Player for IE (Chrome already integrates it) A useful link to read https://www.commentcamarche.net/faq/13362-mettre-a-jour-son-pc-contre-les-failles-de-securite Also remember to keep Windows updated via Windows update https://www.java.com/fr/download/manual.jsp    3) To enable your software to update, I recommend using Filehippo Update Checker  You can download it here https://www.commentcamarche.net/telecharger/utilitaires/9771-filehippo-app-manager/  For the installation of Filehippo, only uncheck the option to place the icon in the quick launch bar    4) To clean temporary files (note, no registry cleaning), you can use CCleaner with a tutorial to configure it properly (https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/ Download link https://www.commentcamarche.net/telecharger/utilitaires/5647-ccleaner/ You can also use Windows Disk Cleaner Don't forget to defragment your hard drive from time to time, either by using the utility or a third-party software like Defraggler or Auslogics Disk Defrag  Forget about cleaner types like Tuneup, Glary, and other miracle cleaners, they will only slow down your machine, and cleaning too much may cause serious malfunctions    5) Secure your browsers for example with WOT and simple Adblock for Internet Explorer To download WOT for IE, it's here https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp https://adblockplus.org/ For Chrome (if you have Chrome)  WOT available here https://chrome.google.com/webstore/detail/wot-web-of-trust-website/bhmmomiinigofkjcapegjjndpbikblnp?hl=fr  Adblock available here https://www.commentcamarche.net/telecharger/web-internet/2555-adblock-plus-pour-chrome/  Download link for WOT on Firefox https://addons.mozilla.org/fr/firefox/addon/wot-safe-browsing-tool/  Link to download Adblock +  https://addons.mozilla.org/fr/firefox/addon/adblock-plus/?src=ss   6) Be careful about what you download, where and how Try to avoid downloading from O1net, Tom's Guide, Télécharger.com and Softonic and the like as they repackage software with potentially unwanted programs To read http://www.stoppublicites.fr/ https://www.malekal.com/adwares-pup-protection/  7) Why you should avoid downloading from P2P  The risks are high; your machine may become a zombie PC A bit of reading regarding the dangers and risks https://forum.malekal.com/viewtopic.php?t=3208&start= https://forum.malekal.com/viewtopic.php?t=893&start=  -- If there is a problem, there is always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

Here it is: https://www.cjoint.com/?DEFrVKsHR4T

lilidurhone · Answer

Keep going :=)  -- If there's a problem, there's always a solution ~~~~~~ Cs ~~~~~~

mgb35 · Answer

Thank you for everything!

Bloatware

31 answers

Excel spreadsheet

Atlantis light version, the free alternative to word for old pcs

Mouse pointer works but mouse has no effect in libreoffice

Why are french government websites getting hacked?

Hello, why can't i open my recent videos anymore?

No "pin - windows hello" prompt at windows 10 startup

Add google calendar appointment by voice

Is the autodoc app worth it?

Suspected virus

Audio processing object apo update failed?