• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

help! Applications uninstalling themselves!

Status
Not open for further replies.

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#1
, I have an issue with my win7 that I have never seen before, I am having applications completely dissapear from my harddrive,
the folder is still left behind in the start window but is empty, even if I click on the apps desktop icon & open properties, the file path is greyed out confirming its gone!
Im useing a 64bit so its not a rootkit, I find nothing in AV scans, & so far I have not seen the issue if I run a vurtual box, wtf is going on?
Its not just third party app disapearing either , windows media center vanished nad so does windows movie maker, # I am stumped, I found practicaly nothing about this on the web,
So what the hell is going on?
:banghead:
thanks in advance
 
Joined
Apr 10, 2010
Messages
1,685 (0.55/day)
Likes
303
Location
London
System Name Jaspe
Processor i7 7800X 4.3Ghz
Motherboard MSI X299 Gaming Pro Carbon AC
Cooling Silverstone Tundra Lite
Memory 16Gb Corsair 3200mhz
Video Card(s) EVGA GTX 1080 SC
Storage PNY M.2 480GB Crucial M500 WD Velociraptor
Display(s) AOC Q2778VQE
Case In Win GRone
Audio Device(s) Onboard
Power Supply Antec Signature 650
Software Windows 10 Home
#2
Welcome to TPU. Wait for the experts but I think you have a bad spirit in your PC. :laugh:
 

epicfail

New Member
Joined
Nov 10, 2008
Messages
496 (0.14/day)
Likes
50
Location
Manitoba, Canada
System Name GavinComp/// Laptop
Processor Intel Core 2 Duo E8500 3,16//I7 920m
Motherboard ASUS P5Q PRO P45//
Cooling stock// looks like a bad ass f117
Memory 2x2gb gskill DDR2-1066// 8gb ddr3
Video Card(s) Palit 4870x2 2gb//5870m
Storage 500gb Hitachi Deskstar//2x 500gb harddrive
Display(s) 22 inch Samsung Vsyng t220/ 17.3
Case antec 900
Audio Device(s) x-fi titanium pro
Power Supply 750w PC power and cooling
Software Windows 7 ultimate x64
#3
off topic: someone in your family is pulling your leg and laughing right now at you posting asking about it.

ontopic: Welcome to TPU,
 
Joined
Apr 16, 2010
Messages
3,144 (1.02/day)
Likes
1,125
Location
Portugal
System Name _JP_'s Daily Driver
Processor AMD Ryzen 7 1700
Motherboard MSI X370 Gaming Plus
Cooling Noctua NH-C12P SE14 + NM-AM4 + NF-P14r
Memory 2x 8GB G.Skill Trident Z (F4-3200C16D-16GTZB)(Hynix)
Video Card(s) MSI AMD Radeon R9 280X Gaming
Storage HyperX Savage 240GB + KC300 240GB + 750EVO 500GB
Display(s) LG Flatron W2361V 23'' FHD
Case NOX Blaze
Audio Device(s) ASUS Xonar DX
Power Supply Corsair TX650M
Mouse Microsoft Comfort Mouse 4500
Keyboard Logitech Media Keyboard (PS/2)
Software Windows 10 x86-64 (1703)
#4
, I have an issue with my win7 that I have never seen before, I am having applications completely dissapear from my harddrive,
the folder is still left behind in the start window but is empty, even if I click on the apps desktop icon & open properties, the file path is greyed out confirming its gone!
Im useing a 64bit so its not a rootkit, I find nothing in AV scans, & so far I have not seen the issue if I run a vurtual box, wtf is going on?
Its not just third party app disapearing either , windows media center vanished nad so does windows movie maker, # I am stumped, I found practicaly nothing about this on the web,
So what the hell is going on?
:banghead:
thanks in advance
Welcome to TPU! :)

Uhm, yeah, about that, well just because you're running a 64-bit OS it doesn't mean that you are immune from rootkits. There are also 64-bit rootkits, just not as many as 32-bit. But the fact that it is rare to find one, isn't something you should go ignoring, because it can bite you when you're not looking.
Also, a 64-bit OS can run 32-bit applications, programs and files.
If it isn't a rootkit, you could start looking for trojans, worms, the usual stuff.

BTW, what AV are you using?

EDIT: Baco, you should really edit your Thread Title. It goes against the rules, you should have read them. Please, don't anger the Mods. Thanks.
 
Last edited:

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#5
well first of all , its not someone in my family because I live alone, I use eset smart security , mlware bytes, with winpatrol, I have not found any malware trojans etc in the scans I have done, as for rootkits , can you suggest what I could use to scan a 64bit OS?
ps whats wrong with my thread title?
thanks all . baco
 

AsRock

TPU addict
Joined
Jun 23, 2007
Messages
15,708 (3.82/day)
Likes
5,062
Location
UK\US
Processor 2500k \ 3770k
Motherboard ASRock Z68 \ Z77
Memory Samsung low profile 1600
Video Card(s) XFX 6770 \ XFX R9 390X
Storage Intel 80Gb (SATA2) WD 250Gb \ Team SSD+Samsung Evo 250Gb+500Gb+ 2xCorsair Force+WD250GbHDD
Display(s) Samsung 1080P \ Toshiba HDTV 1080P
Case HTPC400 \ Thermaltake Armor case ( original ), With Zalman fan controller ( wattage usage ).
Audio Device(s) Yamaha RX-A820 \ Yamaha CX-830+Yamaha MX630 Tannoy Mercury MKII Paradigm 5SE + Tannoy Mercury F4
Power Supply PC&Power 750w \ Seasonic 750w MKII
Mouse MS intelimouse \ Logitech G700s + Steelseries Sensei wireless
Keyboard Logitech K120 \ ROCCAT MK Pro ( modded amber leds )
Benchmark Scores Meh benchmarks.
#6
You could try chkdisk and see if there is errors on the HDD. And with it being a boot drive make sure it reboots before checking.
 
Joined
Apr 16, 2010
Messages
3,144 (1.02/day)
Likes
1,125
Location
Portugal
System Name _JP_'s Daily Driver
Processor AMD Ryzen 7 1700
Motherboard MSI X370 Gaming Plus
Cooling Noctua NH-C12P SE14 + NM-AM4 + NF-P14r
Memory 2x 8GB G.Skill Trident Z (F4-3200C16D-16GTZB)(Hynix)
Video Card(s) MSI AMD Radeon R9 280X Gaming
Storage HyperX Savage 240GB + KC300 240GB + 750EVO 500GB
Display(s) LG Flatron W2361V 23'' FHD
Case NOX Blaze
Audio Device(s) ASUS Xonar DX
Power Supply Corsair TX650M
Mouse Microsoft Comfort Mouse 4500
Keyboard Logitech Media Keyboard (PS/2)
Software Windows 10 x86-64 (1703)
#7
Never mind the title then.

Try installing and running a program called HijackThis. Just run it in administrator mode, do a scan and save a logfile, and after paste that logfile into this site's textbox. Press analyze and check if there's anything wrong. If you have any doubts, please, post them here.

The ESET Smart Security is an A-OK AV, in my opinion, as I also use it. There's just one problem with it, without real-time protection over all things, rootkits get in very easily (as well as with any other AV with real-time disabled) and are (almost) never spotted after they're in.
Winpatrol is a very good tool, but only if you know what you are looking for.
And if Malware bytes didn't find a rootkit, either it's very well buried (and in that case, any other anti-rootkit won't find it) or it isn't there at all.

You said you didn't find practically anything about you're problem. I did some research, as this is a rather odd thing, and found out that this, in case of not being a rootkit, it's most likely a corrupt registry.

Backup your files, boot into safe mode, and run for a last time all of your security systems, as an administrator and enable low-lever searches if that's available. Low-lever searches are needed because the rootkit (if there is one) can be running with a kernel driver and in safe mode it will be disabled (hopefully :p).

If it was a rootkit and you solved it, your problems should be gone, if not, there are more drastic measures:

1 - Repair Install

Then login to your computer, take your Win7 DVD, and with it try to do a repair it with the repair install option. This may correct any problems with the Windows registry. Beware some applications and drivers may need to be reinstalled after this. Heres a neat Guide on how to do it.

2 - Format and Reinstall Windows

This one is pretty much known by everyone that uses a computer and already has had a serious problem with it. It's the harshest approach, but most of the times, the most effective.

Due to the lack of info on that particular problem, there aren't any more options I can give you (for the time being...), as it is a very awkward problem.

P.S.: If anyone else wants to give any more inputs to help, I think they would be very welcome.
 
Last edited:

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#8
thanks for your reply , but I thought I would mention I have allready reinstalled my OS more than once and the issue was still there, but I will take on board what you have sugested and will post the results,
regards , Baco
 
Joined
Jun 2, 2007
Messages
5,105 (1.23/day)
Likes
1,249
Location
Kansas
Processor Core i5 3570K
Motherboard AsRock z77 Pro4
Cooling Zalman CNPS10X Extreme
Memory 2x4GB GSkill Sniper
Video Card(s) MSI GTX970 Gaming
Storage 240GB OCZ ARC 100, Samsung Spinpoint F3 1TB
Display(s) LG 23" 1920x1080
Case Antec P100
Audio Device(s) Onboard
Power Supply Antec Edge 750W
Software Windows 8.1 Pro 64
#9
If you're having this problem after a reinstall, I'd be willing to bet on a bad HDD.
 

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#10
odd, as I have done a memory test and a chkdsk test and both reported no errors, I am going to buy a new HDD as that will tell me for sure one way or the other,
I have also since run the sophos rootkit scan and that was also clean,
what is odd though (to me at least) is that I have not (yet) seen the issue when I ran my OS in a VMware virtual box..
its really perplexing, I have encountered and cured most things you would encounter but this is definatly a new one for me!
 
Last edited:
Joined
Jan 11, 2009
Messages
9,044 (2.55/day)
Likes
1,459
Location
Montreal, Canada
System Name Homelabs, #2 in construction
Processor i7 3930k @ 3.6 GHz | Ryzen 1700
Motherboard AsRock X79 Fatal1ty pro | AsRock x370
Cooling Dark Rock Pro 3 | Wraith Cooler
Memory 32GB (4x8gb) DDR3 2133Mhz | can't afford DDR4 yet lol
Video Card(s) GTX 970 incoming | RX 560 2gb
Storage Bunch of SSDs (HDDs coming eventually)
Display(s) Korean 1440p | Dell refurb 19"
Case BeQuiet! SilentBase 800 | some ATX case
Audio Device(s) AKG KXXX
Power Supply EVGA P2 750W | none yet
#11
maybe a bad OS install? Like your DVD is corrupted? Are you doing complete reinstalls?
 

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#12
yep complete, and not only that but I have used two different DVDs so I doubt they would both be corrupted with the same issue? one is a vista home prem to win 7 prem upgrade disk the other is a full win7 ultimate disc, I will keep checking the ideas/suggestions that get posted to me here and will install to a different HDD and will keep the thread updated as to my progress, as it may be usefull to another user in the future? Thanks for all the inputs so far peeps..
Baco.
 
Joined
Jan 11, 2009
Messages
9,044 (2.55/day)
Likes
1,459
Location
Montreal, Canada
System Name Homelabs, #2 in construction
Processor i7 3930k @ 3.6 GHz | Ryzen 1700
Motherboard AsRock X79 Fatal1ty pro | AsRock x370
Cooling Dark Rock Pro 3 | Wraith Cooler
Memory 32GB (4x8gb) DDR3 2133Mhz | can't afford DDR4 yet lol
Video Card(s) GTX 970 incoming | RX 560 2gb
Storage Bunch of SSDs (HDDs coming eventually)
Display(s) Korean 1440p | Dell refurb 19"
Case BeQuiet! SilentBase 800 | some ATX case
Audio Device(s) AKG KXXX
Power Supply EVGA P2 750W | none yet
#13
maybe someone is accessing your computer remotely? Are you connect to a network? is your connection secure?
 

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#14
yep its secure Im on my wired home network through my router firewall and my pc firewall,plus I have tested the problem unplugged...
 

Solaris17

Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
19,765 (4.13/day)
Likes
6,799
Location
Florida
System Name Venslar
Processor I9 7980XE
Motherboard MSI x299 Tomahawk Arctic
Cooling EKWB L360 R2.0
Memory 32GB Corsair DDR4 3000mhz
Video Card(s) Gigabyte 1080TI
Storage 2x 2TB Micron SSDs | 1x ADATA 128SSD | 1x Drevo 256SSD | 1x 1TB 850 EVO | 1x 250GB 960 EVO
Display(s) 3x AOC Q2577PWQ (2k IPS)
Case Inwin 303 White (Thermaltake Ring 120mm Purple accent)
Audio Device(s) Realtek ALC 1220 on Audio-Technica ATH-AG1
Power Supply Seasonic 1050W Snow
Mouse Roccat Tyon White
Keyboard Ducky Shine 6 Snow White
Software Windows 10 x64 Pro
#15
run HD tune. prntscrn S.M.A.R.T data screen for your boot drive and run a (long) check for bad sectors on your boot(OS) drive. also check sata cables iv seen/had some weird shit happen with loose sata cables.
 

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#16
well heres an update of sorts, I ran HDTune deep scan and that came back all green , no bad sectors, there were no loose sata cables, as for the prntscm S>M>A>R>T data screen thats something new to me though the cmd does seem to suggest a print out? could you give me more details and I will give it a try,
thanks, ,Baco
 

Solaris17

Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
19,765 (4.13/day)
Likes
6,799
Location
Florida
System Name Venslar
Processor I9 7980XE
Motherboard MSI x299 Tomahawk Arctic
Cooling EKWB L360 R2.0
Memory 32GB Corsair DDR4 3000mhz
Video Card(s) Gigabyte 1080TI
Storage 2x 2TB Micron SSDs | 1x ADATA 128SSD | 1x Drevo 256SSD | 1x 1TB 850 EVO | 1x 250GB 960 EVO
Display(s) 3x AOC Q2577PWQ (2k IPS)
Case Inwin 303 White (Thermaltake Ring 120mm Purple accent)
Audio Device(s) Realtek ALC 1220 on Audio-Technica ATH-AG1
Power Supply Seasonic 1050W Snow
Mouse Roccat Tyon White
Keyboard Ducky Shine 6 Snow White
Software Windows 10 x64 Pro
#17
well heres an update of sorts, I ran HDTune deep scan and that came back all green , no bad sectors, there were no loose sata cables, as for the prntscm S>M>A>R>T data screen thats something new to me though the cmd does seem to suggest a print out? could you give me more details and I will give it a try,
thanks, ,Baco
just open the SMART screen and take a screen shot. then hit paste in paint save it and upload here so we can read the SMART read out of the drive.
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
22,823 (6.28/day)
Likes
11,864
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
#18
Open up "Computer" and in the address bar, clear everything in there, put the following line in, and hit enter:

%windir%\ehome\ehshell.exe

If Windows Media Center opens, the application is still there but your links are gone/bad.
 

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#19
hi thanks for your reply , its not just media center its allmost EVERY appin my start menu that dissapears the only thing left is an empty folder and the desktop icon,
if I click on the D.T icon and click properties /find target the target line is greyed out cos its gone, now recently even Malwarebytes refuses to reinstall after it too disapears,as a sytem file is gone & wont reistall, so I dont have to explain everthing , if you havent allready? please read all the other posts & replies, thanks again for your post,
Baco

Ok I will save and upload a screen shot , but I dont see how that will help you get any more info? aas all you will see is a Block of green with no red at all , As like I said before there was no damaged sektors , And also paint is another app that has dissapeared..
but I will see what I can do to post all the stats that the test gives me,
regards Baco
 
Last edited by a moderator:

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
22,823 (6.28/day)
Likes
11,864
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
#20
Did you try it?

If you did and it says file not found, you got a virus. You're best fix for that is erasing the computer and reinstalling Windows from the disk.
 

Solaris17

Dainty Moderator
Staff member
Joined
Aug 16, 2005
Messages
19,765 (4.13/day)
Likes
6,799
Location
Florida
System Name Venslar
Processor I9 7980XE
Motherboard MSI x299 Tomahawk Arctic
Cooling EKWB L360 R2.0
Memory 32GB Corsair DDR4 3000mhz
Video Card(s) Gigabyte 1080TI
Storage 2x 2TB Micron SSDs | 1x ADATA 128SSD | 1x Drevo 256SSD | 1x 1TB 850 EVO | 1x 250GB 960 EVO
Display(s) 3x AOC Q2577PWQ (2k IPS)
Case Inwin 303 White (Thermaltake Ring 120mm Purple accent)
Audio Device(s) Realtek ALC 1220 on Audio-Technica ATH-AG1
Power Supply Seasonic 1050W Snow
Mouse Roccat Tyon White
Keyboard Ducky Shine 6 Snow White
Software Windows 10 x64 Pro
#21
hi thanks for your reply , its not just media center its allmost EVERY appin my start menu that dissapears the only thing left is an empty folder and the desktop icon,
if I click on the D.T icon and click properties /find target the target line is greyed out cos its gone, now recently even Malwarebytes refuses to reinstall after it too disapears,as a sytem file is gone & wont reistall, so I dont have to explain everthing , if you havent allready? please read all the other posts & replies, thanks again for your post,
Baco

Ok I will save and upload a screen shot , but I dont see how that will help you get any more info? aas all you will see is a Block of green with no red at all , As like I said before there was no damaged sektors , And also paint is another app that has dissapeared..
but I will see what I can do to post all the stats that the test gives me,
regards Baco

the green boxes arent what i want i want the "HEALTH" tab.
 

Baco

New Member
Joined
Jun 7, 2010
Messages
9 (0.00/day)
Likes
0
#22
re my last reply

ok, Sorry about that I missunderstood what you wanted,
will do,
Baco.
 

duperudee

New Member
Joined
Sep 14, 2018
Messages
1 (0.08/day)
Likes
0
#23
Never mind the title then.

Try installing and running a program called HijackThis. Just run it in administrator mode, do a scan and save a logfile, and after paste that logfile into this site's textbox. Press analyze and check if there's anything wrong. If you have any doubts, please, post them here.

The ESET Smart Security is an A-OK AV, in my opinion, as I also use it. There's just one problem with it, without real-time protection over all things, rootkits get in very easily (as well as with any other AV with real-time disabled) and are (almost) never spotted after they're in.
Winpatrol is a very good tool, but only if you know what you are looking for.
And if Malware bytes didn't find a rootkit, either it's very well buried (and in that case, any other anti-rootkit won't find it) or it isn't there at all.

You said you didn't find practically anything about you're problem. I did some research, as this is a rather odd thing, and found out that this, in case of not being a rootkit, it's most likely a corrupt registry.

Backup your files, boot into safe mode, and run for a last time all of your security systems, as an administrator and enable low-lever searches if that's available. Low-lever searches are needed because the rootkit (if there is one) can be running with a kernel driver and in safe mode it will be disabled (hopefully :p).

If it was a rootkit and you solved it, your problems should be gone, if not, there are more drastic measures:

1 - Repair Install

Then login to your computer, take your Win7 DVD, and with it try to do a repair it with the repair install option. This may correct any problems with the Windows registry. Beware some applications and drivers may need to be reinstalled after this. Heres a neat Guide on how to do it.

2 - Format and Reinstall Windows

This one is pretty much known by everyone that uses a computer and already has had a serious problem with it. It's the harshest approach, but most of the times, the most effective.

Due to the lack of info on that particular problem, there aren't any more options I can give you (for the time being...), as it is a very awkward problem.

P.S.: If anyone else wants to give any more inputs to help, I think they would be very welcome.
Please help. I am having the same issue. Thank you.
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:08:51 PM, on 9/14/2018
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Users\ugyen sir\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
C:\Program Files (x86)\SAP\SapSetup\setup\Updater\NwSapSetupUserNotificationTool.exe
C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
C:\Users\ugyen sir\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: 0.0.0.1 mssplus.mcafee.com
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Soda PDF 5 IE Helper - {C737F472-1193-4281-BF53-A00B67AB3E19} - C:\Program Files (x86)\Soda PDF 5\PDFIEHelper.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O3 - Toolbar: Soda PDF 5 IE Toolbar - {F335ABA2-FDB4-4644-92B2-5CC4B0FC91D6} - C:\Program Files (x86)\Soda PDF 5\PDFIEPlugin.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
O4 - HKLM\..\Run: [DTRun] C:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [StatusAlerts] "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:eek:n /alerts:eek:n /notifications:eek:n /fl:eek:n /fr:eek:n /appData:eek:n /tmcp:eek:n
O4 - HKLM\..\Run: [SAP_WUS_UNT] "C:\Program Files (x86)\SAP\SAPsetup\setup\Updater\NwSapSetupUserNotificationTool.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
O4 - HKCU\..\Run: [WildMeadow] "C:\Windows\rss\csrss.exe"
O4 - HKCU\..\Run: [CloudNet] "C:\Users\ugyen sir\AppData\Roaming\EpicNet Inc\CloudNet\cloudnet.exe" 31339
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.11.766\SSScheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5A50334-1C8A-4C73-9E66-432909EAD553}: NameServer = 202.144.128.214,202.144.128.205
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Program Files\IDT\WDM\AESTSr64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Company - C:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP LaserJet Service - Unknown owner - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe (file missing)
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - C:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe (file missing)
O23 - Service: hpHotkeyMonitor - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Identity Protection Technology Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: McAfee Endpoint Encryption Agent - Unknown owner - C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe (file missing)
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.11.766\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SAPSetup Automatic Workstation Update Service (NWSAPAutoWorkstationUpdateSvc) - SAP AG - C:\Program Files (x86)\SAP\SAPsetup\setup\Updater\NwSapAutoWorkstationUpdateService.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: Portrait Displays SDK Service (PdiService) - Portrait Displays, Inc. - C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: QMEmulatorService - Tencent - C:\Program Files\TxGameAssistant\AppMarket\QMEmulatorService.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: RtlISMServ - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Internet Sharing Manager\HP_UI\RtlService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: Soda PDF 5 Helper Service - LULU Software - C:\Program Files (x86)\Soda PDF 5\HelperService.exe
O23 - Service: Soda PDF 5 Service - LULU Software - C:\Program Files (x86)\Soda PDF 5\ConversionService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - Unknown owner - C:\Program Files\IDT\WDM\STacSV64.exe (file missing)
O23 - Service: TCPSvc - Unknown owner - C:\Users\ugyen sir\AppData\Local\Temp\csrss\proxy\tor.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\Windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: Windows Defender Helper Service (Windows 1703 Creators Update) (WinDefender) - Unknown owner - C:\Windows\windefender.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15023 bytes
 

RCoon

Gaming Moderator
Staff member
Joined
Apr 19, 2012
Messages
11,655 (4.96/day)
Likes
9,911
Location
Gypsyland, UK
System Name HP Omen 17
Processor i7 7700HQ
Memory 16GB 2400Mhz DDR4
Video Card(s) GTX 1060
Storage Samsung SM961 256GB + HGST 1TB
Display(s) 1080p IPS G-SYNC 75Hz
Audio Device(s) Bang & Olufsen
Power Supply 230W
Mouse Roccat Kone XTD+
Software Win 10 Pro
#24
Please make a new thread and link to this one as prior evidence. Necroing a 10 year old thread with an OP that likely doesn't visit the site anymore isn't going to help anyway, and I know for sure people are not gonna read the thread date and start replying to eight year old posts.
 
Status
Not open for further replies.
Top