Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Computer boots/operates VERY SLOWLY


  • This topic is locked This topic is locked

#1
CZ2761

CZ2761

    Member

  • Member
  • PipPip
  • 95 posts
My computer was working fine until I started it a couple days ago and it wouldn't bring up the desktop. I cleaned it up as best I could but it still boots very slowly. Once the icons load (about 20 minutes), it takes anywhere from 10-30 minutes for action to be taken on any task I wish to perform. I'm suspecting a malware.

OTN log:

OTL logfile created on: 9/19/2011 4:35:51 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Rankin\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 65.93% Memory free
8.15 Gb Paging File | 6.71 Gb Available in Paging File | 82.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.98 Gb Total Space | 352.21 Gb Free Space | 77.75% Space Free | Partition Type: NTFS
Drive D: | 12.78 Gb Total Space | 1.74 Gb Free Space | 13.63% Space Free | Partition Type: NTFS

Computer Name: RANKIN-PC | User Name: Rankin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/09/19 16:35:24 | 000,582,656 | ---- | M] (OldTimer Tools) -- C:\Users\Rankin\Downloads\OTL.exe
PRC - [2011/09/19 10:42:56 | 000,594,448 | ---- | M] (Webroot) -- C:\Program Files (x86)\Webroot\WRSA.exe
PRC - [2011/09/14 05:41:54 | 001,030,200 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2011/05/15 09:50:22 | 001,201,656 | ---- | M] (Webroot Software, Inc. ) -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe
PRC - [2011/03/22 10:14:12 | 004,048,256 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe
PRC - [2009/07/08 15:48:38 | 000,245,760 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\UVC Video Camera\UVCSti.exe
PRC - [2009/04/24 17:07:12 | 007,540,736 | ---- | M] (Alcor Micro Corp.) -- C:\Program Files (x86)\UVC Video Camera\EffectDir\UVCTray.exe
PRC - [2008/11/03 18:21:18 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
PRC - [2008/11/03 18:21:16 | 000,182,808 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2007/04/18 11:01:34 | 000,065,536 | ---- | M] (Hewlett-Packard Company) -- C:\hp\support\hpsysdrv.exe
PRC - [2006/06/08 16:33:38 | 001,871,872 | ---- | M] (PIXELA CORPORATION) -- C:\Program Files (x86)\PIXELA\ImageMixer for HDD Camcorder\IMx3Launcher.exe


========== Modules (No Company Name) ==========

MOD - [2011/09/14 05:41:53 | 000,412,728 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\ppgooglenaclpluginchrome.dll
MOD - [2011/09/14 05:41:51 | 003,696,184 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\pdf.dll
MOD - [2011/09/14 05:40:26 | 000,142,568 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\avutil-51.dll
MOD - [2011/09/14 05:40:24 | 000,253,320 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\avformat-53.dll
MOD - [2011/09/14 05:40:23 | 002,403,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\avcodec-53.dll
MOD - [2011/09/14 03:17:25 | 006,338,720 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\gcswf32.dll
MOD - [2005/12/28 16:59:32 | 000,073,728 | ---- | M] () -- C:\Program Files (x86)\PIXELA\ImageMixer for HDD Camcorder\smf_avi_krs_win32dll.dll
MOD - [2005/11/29 19:10:42 | 000,364,544 | ---- | M] () -- C:\Program Files (x86)\PIXELA\ImageMixer for HDD Camcorder\pxl_m17n_tool.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2008/01/20 22:47:32 | 000,383,544 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2007/10/18 11:37:22 | 000,412,672 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.exe -- (XAudioService)
SRV - [2011/09/19 10:42:56 | 000,594,448 | ---- | M] (Webroot) [Auto | Running] -- C:\Program Files (x86)\Webroot\WRSA.exe -- (WRSVC)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/05/15 09:50:22 | 001,201,656 | ---- | M] (Webroot Software, Inc. ) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\WRConsumerService.exe -- (WRConsumerService)
SRV - [2011/03/22 10:14:12 | 004,048,256 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Auto | Running] -- C:\Program Files (x86)\Webroot\WebrootSecurity\SpySweeper.exe -- (WebrootSpySweeperService)
SRV - [2010/10/12 13:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/03/30 00:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008/11/03 18:21:18 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) Intel®


========== Driver Services (SafeList) ==========

DRV:64bit: - [2011/09/19 10:59:06 | 000,106,824 | ---- | M] (Webroot) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\WRkrn.sys -- (WRkrn)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/03/22 10:14:24 | 000,135,304 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssidrv.sys -- (ssidrv)
DRV:64bit: - [2011/03/22 10:14:22 | 000,037,512 | ---- | M] (Webroot Software, Inc. (www.webroot.com)) [Kernel | Boot | Running] -- C:\Windows\SysNative\DRIVERS\ssfs0bbc.sys -- (ssfs0bbc)
DRV:64bit: - [2010/06/06 23:12:22 | 000,035,840 | R--- | M] (Avanquest Software) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BVRPMPR5a64.SYS -- (BVRPMPR5a64)
DRV:64bit: - [2009/09/30 20:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009/07/08 15:48:38 | 000,362,880 | ---- | M] (CamVendor) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\cam3820a.sys -- (Cam3820)
DRV:64bit: - [2009/05/18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2008/11/03 18:10:08 | 000,406,040 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iastor.sys -- (iaStor)
DRV:64bit: - [2008/03/25 05:50:18 | 007,715,680 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\igdkmd64.sys -- (igfx)
DRV:64bit: - [2008/02/14 10:56:14 | 000,160,768 | ---- | M] (Realtek Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\Rtlh64.sys -- (RTL8169)
DRV:64bit: - [2008/02/12 11:50:14 | 000,286,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAXHWBS3.sys -- (CAXHWBS3)
DRV:64bit: - [2008/02/12 11:48:10 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2008/02/12 11:47:08 | 001,481,216 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\CAX_DP.sys -- (HSF_DP)
DRV:64bit: - [2007/10/18 11:37:10 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\xaudio64.sys -- (XAudio)
DRV:64bit: - [2006/06/19 10:27:24 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\mdmxsdk.sys -- (mdmxsdk)

========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cndt
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cndt

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = www.bing.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Elf 1.13 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "http://search.condui...={searchTerms}"
FF - prefs.js..browser.search.order.1: "Yahoo"
FF - prefs.js..browser.search.order.2: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Elf 1.13 Customized Web Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.google.com/"
FF - prefs.js..extensions.enabledItems: [email protected]:3.2.1.265
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: [email protected]:7
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.3.20100310105313
FF - prefs.js..extensions.enabledItems: [email protected]:3.3.0.19
FF - prefs.js..extensions.enabledItems: {b80f591e-fe9a-46cf-a13e-180377240586}:3.3.0.19
FF - prefs.js..keyword.URL: "http://us.yhs.search...2-tb-web_us&p="
FF - prefs.js..network.proxy.http: "127.0.0.1"
FF - prefs.js..network.proxy.http_port: 53414
FF - prefs.js..network.proxy.type: 1


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Rankin\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@movenetworks.com/Quantum Media Player: C:\Users\Rankin\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll (Move Networks)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/23 21:07:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{27182e60-b5f3-411c-b545-b44205977502}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ [2011/07/04 12:01:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/07/04 12:01:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Users\Rankin\AppData\Roaming\Move Networks [2009/09/27 18:09:40 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/23 21:07:00 | 000,000,000 | ---D | M]

[2009/01/10 12:08:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rankin\AppData\Roaming\Mozilla\Extensions
[2011/07/02 10:48:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Rankin\AppData\Roaming\Mozilla\Firefox\Profiles\6vomydt2.default\extensions
[2010/08/29 09:16:43 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Rankin\AppData\Roaming\Mozilla\Firefox\Profiles\6vomydt2.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2010/08/29 09:16:44 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\Rankin\AppData\Roaming\Mozilla\Firefox\Profiles\6vomydt2.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/12/31 15:07:25 | 000,000,000 | ---D | M] (Elf 1.13 Community Toolbar) -- C:\Users\Rankin\AppData\Roaming\Mozilla\Firefox\Profiles\6vomydt2.default\extensions\{b80f591e-fe9a-46cf-a13e-180377240586}
[2010/12/31 15:07:25 | 000,000,000 | ---D | M] (Conduit Engine) -- C:\Users\Rankin\AppData\Roaming\Mozilla\Firefox\Profiles\6vomydt2.default\extensions\[email protected]
[2010/09/06 13:27:40 | 000,000,000 | ---D | M] (Ask.com Toolbar) -- C:\Users\Rankin\AppData\Roaming\Mozilla\Firefox\Profiles\6vomydt2.default\extensions\[email protected]
[2010/12/30 18:16:14 | 000,000,919 | ---- | M] () -- C:\Users\Rankin\AppData\Roaming\Mozilla\Firefox\Profiles\6vomydt2.default\searchplugins\conduit.xml
[2011/07/04 08:15:22 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2010/05/04 07:04:22 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2009/09/27 18:09:40 | 000,000,000 | ---D | M] (Move Media Player) -- C:\USERS\RANKIN\APPDATA\ROAMING\MOVE NETWORKS
[2010/04/12 17:29:19 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\14.0.835.163\gcswf32.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java™ Platform SE 6 U20 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.200.2 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.7 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Rankin\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Move Streaming Media Player (Enabled) = C:\Users\Rankin\AppData\Roaming\Move Networks\plugins\npqmp071503000010.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50917.0\npctrl.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin

O1 HOSTS File: ([2010/10/11 10:48:01 | 000,000,736 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: ::1 localhost
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O2 - BHO: (Bing Bar BHO) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (@c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll,-100) - {8dcb7100-df86-4384-8842-8fa844297b3f} - c:\Program Files (x86)\MSN Toolbar\Platform\6.3.2380.0\npwinext.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe (Hewlett-Packard)
O4 - HKLM..\Run: [hpqSRMon] File not found
O4 - HKLM..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [KBD] C:\HP\KBD\KbdStub.EXE ()
O4 - HKLM..\Run: [RunUVC] C:\Program Files (x86)\UVC Video Camera\EffectDir\UVCtray.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [UVCSti] C:\Program Files (x86)\UVC Video Camera\UVCSti.exe (Alcor Micro Corp.)
O4 - HKLM..\Run: [WRSVC] C:\Program Files (x86)\Webroot\WRSA.exe (Webroot)
O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDevMgrUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Advanced\Folder\Hidden\SHOWALL: CheckedValue = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispBackgroundPage = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispSettingsPage = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Ranges: Range1 ([http] in Local intranet)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_01)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_20)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 209.18.47.61 209.18.47.62
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BDCBBADE-A576-48C8-A00B-E6AC84B8381B}: DhcpNameServer = 209.18.47.61 209.18.47.62
O18:64bit: - Protocol\Handler\ipp - No CLSID value found
O18:64bit: - Protocol\Handler\ipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img36.jpg
O29:64bit: - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (digest.dll) - File not found
O29:64bit: - HKLM SecurityProviders - (msnsspc.dll) - File not found
O29 - HKLM SecurityProviders - (msapsspc.dll) - File not found
O29 - HKLM SecurityProviders - (digest.dll) - File not found
O29 - HKLM SecurityProviders - (msnsspc.dll) - File not found
O30:64bit: - LSA: Security Packages - (pku2u) - File not found
O30 - LSA: Security Packages - (pku2u) - File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{3116ee3f-68ab-11de-831f-002354062888}\Shell - "" = AutoRun
O33 - MountPoints2\{3116ee3f-68ab-11de-831f-002354062888}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\{dab824f1-df58-11dd-82ba-002354062888}\Shell - "" = AutoRun
O33 - MountPoints2\{dab824f1-df58-11dd-82ba-002354062888}\Shell\AutoRun\command - "" = F:\LaunchU3.exe
O33 - MountPoints2\{e894b50f-40d8-11e0-84c2-002354062888}\Shell - "" = AutoRun
O33 - MountPoints2\{e894b50f-40d8-11e0-84c2-002354062888}\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/09/11 22:31:13 | 000,000,000 | ---D | C] -- C:\Users\Rankin\AppData\Roaming\Skype
[2011/09/11 22:31:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2011/09/11 22:31:01 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2011/09/11 22:30:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Skype
[2011/09/11 22:21:17 | 000,000,000 | ---D | C] -- C:\Users\Rankin\AppData\Roaming\ooVoo Details
[2011/09/11 22:21:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
[2011/09/11 22:21:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ooVoo
[2011/09/11 22:20:48 | 000,000,000 | ---D | C] -- C:\Users\Rankin\AppData\Roaming\VideoCap
[2011/09/11 22:19:05 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Microsoft.VC80.CRT
[2011/09/11 22:18:55 | 000,000,000 | ---D | C] -- C:\Users\Rankin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UVC VIDEO CAMERA
[2011/09/11 22:18:49 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Microsoft.VC80.CRT
[2011/09/11 22:18:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\UVC Video Camera
[2011/09/11 22:17:46 | 000,000,000 | ---D | C] -- C:\Users\Rankin\AppData\Local\CAM3820
[2011/09/07 18:52:43 | 000,000,000 | ---D | C] -- C:\DISNEY
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/09/19 16:13:57 | 000,000,898 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/09/19 15:57:01 | 000,000,420 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{7D26B450-4F70-4F58-A2F2-512403FEB8CD}.job
[2011/09/19 15:42:08 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/09/19 15:41:04 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2011/09/19 15:41:04 | 000,003,616 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2011/09/19 15:40:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/09/19 15:30:27 | 000,041,272 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
[2011/09/19 15:01:04 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/09/19 14:03:04 | 000,703,388 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2011/09/19 14:03:04 | 000,604,264 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2011/09/19 14:03:04 | 000,103,964 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2011/09/19 13:10:26 | 000,002,027 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2011/09/19 10:59:06 | 000,140,224 | ---- | M] (Webroot) -- C:\Windows\SysWow64\WRusr.dll
[2011/09/19 10:59:06 | 000,106,824 | ---- | M] (Webroot) -- C:\Windows\SysNative\drivers\WRkrn.sys
[2011/09/19 10:59:06 | 000,091,320 | ---- | M] (Webroot) -- C:\Windows\SysNative\WRusr.dll
[2011/09/13 07:30:18 | 000,336,525 | ---- | M] () -- C:\Users\Rankin\Documents\Poster_Fifth_Quarter_091311_SCHOOL_SAFE_FLYER (1).pdf
[2011/09/12 22:17:55 | 000,002,569 | ---- | M] () -- C:\Users\Rankin\Desktop\Microsoft Word.lnk
[2011/09/12 10:00:01 | 000,001,718 | ---- | M] () -- C:\Windows\tasks\wrSpySweeper_LA27C691D7E5D4F0CACDDE3AA3D22A037.job
[2011/09/12 06:56:53 | 000,404,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2011/09/11 22:31:02 | 000,001,890 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/09/11 22:21:07 | 000,000,591 | ---- | M] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2011/09/11 22:18:57 | 000,002,051 | ---- | M] () -- C:\Users\Rankin\Desktop\UVC Effect Setting.lnk
[2011/09/11 22:18:56 | 000,002,075 | ---- | M] () -- C:\Users\Rankin\Desktop\VideoCap.lnk
[2011/09/01 16:44:34 | 000,000,818 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2011/08/31 17:00:50 | 000,025,416 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2011/08/25 15:58:22 | 000,182,784 | ---- | M] () -- C:\Users\Rankin\Documents\Subbing.wps
[2011/08/25 15:58:22 | 000,001,894 | ---- | M] () -- C:\Users\Rankin\AppData\Roaming\wklnhst.dat
[2 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/09/13 07:30:18 | 000,336,525 | ---- | C] () -- C:\Users\Rankin\Documents\Poster_Fifth_Quarter_091311_SCHOOL_SAFE_FLYER (1).pdf
[2011/09/11 22:31:02 | 000,001,890 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2011/09/11 22:21:07 | 000,000,591 | ---- | C] () -- C:\Users\Public\Desktop\ooVoo.lnk
[2011/09/11 22:18:57 | 000,002,051 | ---- | C] () -- C:\Users\Rankin\Desktop\UVC Effect Setting.lnk
[2011/09/11 22:18:56 | 000,002,075 | ---- | C] () -- C:\Users\Rankin\Desktop\VideoCap.lnk
[2011/08/25 15:58:22 | 000,182,784 | ---- | C] () -- C:\Users\Rankin\Documents\Subbing.wps
[2011/03/22 10:14:16 | 000,031,104 | ---- | C] () -- C:\Windows\SysWow64\wrLZMA.dll
[2010/03/23 21:06:44 | 000,023,143 | ---- | C] () -- C:\Windows\hpqins15.dat
[2009/12/08 14:22:56 | 000,077,407 | ---- | C] () -- C:\Windows\hpqins05.dat
[2009/08/04 14:21:05 | 000,117,248 | ---- | C] () -- C:\Windows\SysWow64\EhStorAuthn.dll
[2009/08/04 14:20:38 | 000,107,612 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchema.bin
[2009/08/04 14:20:10 | 000,368,640 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2009/04/06 14:12:58 | 000,000,164 | ---- | C] () -- C:\Windows\install.dat
[2009/03/09 17:23:52 | 000,093,017 | ---- | C] () -- C:\Users\Rankin\AppData\Local\.ipc_copyrecord
[2009/03/09 17:15:28 | 000,000,048 | ---- | C] () -- C:\Users\Rankin\AppData\Local\84756-11986-27475-00TC1-94865
[2009/02/10 17:16:20 | 000,000,059 | ---- | C] () -- C:\Windows\SysWow64\cam3820.ini
[2009/02/09 16:03:14 | 000,000,016 | ---- | C] () -- C:\Windows\popcinfo.dat
[2009/01/18 15:56:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2009/01/18 15:55:54 | 000,038,407 | ---- | C] () -- C:\Windows\scunin.dat
[2009/01/16 01:58:15 | 000,080,384 | ---- | C] () -- C:\Users\Rankin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/01/14 10:34:48 | 000,000,376 | ---- | C] () -- C:\Windows\ODBC.INI
[2009/01/12 11:04:24 | 000,166,244 | ---- | C] () -- C:\Windows\hpoins28.dat
[2009/01/10 19:30:34 | 000,001,894 | ---- | C] () -- C:\Users\Rankin\AppData\Roaming\wklnhst.dat
[2009/01/10 12:11:52 | 000,018,904 | ---- | C] () -- C:\Windows\SysWow64\StructuredQuerySchemaTrivial.bin
[2008/05/11 23:49:03 | 000,000,796 | ---- | C] () -- C:\Windows\hpomdl28.dat
[2008/01/20 22:50:05 | 000,060,124 | ---- | C] () -- C:\Windows\SysWow64\tcpmon.ini
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelTraditionalChinese.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSwedish.dll
[2007/07/23 10:03:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSpanish.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelSimplifiedChinese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelPortugese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelKorean.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelJapanese.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelGerman.dll
[2007/07/23 10:03:30 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\AgCPanelFrench.dll
[2006/11/02 11:37:05 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2006/11/02 08:37:14 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2006/11/02 08:24:17 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2006/11/02 08:18:17 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2006/11/02 05:47:54 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2002/08/27 12:53:44 | 002,215,364 | ---- | C] () -- C:\Windows\SysWow64\igklg400.bin
[2002/08/27 12:53:44 | 001,971,732 | ---- | C] () -- C:\Windows\SysWow64\igklg450.bin
[2002/08/27 12:53:44 | 000,029,932 | ---- | C] () -- C:\Windows\SysWow64\igmedcompkrn.bin
[2002/08/27 12:29:56 | 000,107,384 | ---- | C] () -- C:\Windows\hpqins13.dat
[2002/08/27 12:02:15 | 000,327,680 | ---- | C] () -- C:\Windows\SysWow64\pythoncom25.dll
[2002/08/27 12:02:15 | 000,102,400 | ---- | C] () -- C:\Windows\SysWow64\pywintypes25.dll
[2002/06/20 15:09:10 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\hpodinet.dll
[2002/05/24 08:46:08 | 000,036,864 | ---- | C] () -- C:\Windows\hpfsched.exe
[1999/01/22 14:46:58 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\MSRTEDIT.DLL

< End of report >


OTN Extras Log:

OTL Extras logfile created on: 9/19/2011 4:35:51 PM - Run 1
OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Rankin\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19120)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.99 Gb Total Physical Memory | 2.63 Gb Available Physical Memory | 65.93% Memory free
8.15 Gb Paging File | 6.71 Gb Available in Paging File | 82.30% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 452.98 Gb Total Space | 352.21 Gb Free Space | 77.75% Space Free | Partition Type: NTFS
Drive D: | 12.78 Gb Total Space | 1.74 Gb Free Space | 13.63% Space Free | Partition Type: NTFS

Computer Name: RANKIN-PC | User Name: Rankin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = internetshortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UacDisableNotify" = 0
"InternetSettingsDisableNotify" = 0
"AutoUpdateDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 1
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01 [binary data]
"VistaSp2" = E9 A1 F3 C3 F6 44 CA 01 [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0FF6EA70-BF5B-441A-8773-781EC89A9D12}" = rport=445 | protocol=6 | dir=out | app=system |
"{23FAD357-3925-40FE-B0C9-E7CB86333CC3}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{2ACC7867-9B95-47B0-8AF0-23B1AC4168AA}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{360C0060-1AA9-4283-B835-7B2926DE8827}" = lport=139 | protocol=6 | dir=in | app=system |
"{72A19A77-2840-4C82-BCD8-18C49B1BA40C}" = lport=445 | protocol=6 | dir=in | app=system |
"{8B460455-CF5E-4A8C-B1D9-BD5A1EB9E428}" = lport=138 | protocol=17 | dir=in | app=system |
"{90A32196-7D3B-45A6-864E-4F65EFFE2ABA}" = rport=137 | protocol=17 | dir=out | app=system |
"{A4CAEC88-3361-4D41-A0EC-9F41404EA8BF}" = rport=138 | protocol=17 | dir=out | app=system |
"{C0B49124-0DB9-4E54-8C67-8AAE377BDB46}" = lport=137 | protocol=17 | dir=in | app=system |
"{F7301327-295C-4002-BD1F-4D0C849874DC}" = rport=139 | protocol=6 | dir=out | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{036AC4EF-18FB-466B-A474-4715B458D870}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe |
"{0FAFBCFB-00B2-4354-82A8-2B7CFC6638A5}" = protocol=6 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\ut3.exe |
"{1DF95279-BA1A-4067-AEF5-BA81A03FB07E}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1EE32A58-7E39-459C-8477-431B85840053}" = protocol=58 | dir=in | [email protected],-28545 |
"{1F5717C4-1512-451B-80E4-8AD0667138A8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe |
"{2110B092-2423-4613-BE14-8A7F404F1B8A}" = protocol=58 | dir=out | [email protected],-28546 |
"{239E6ED2-8953-4D03-8125-7C985E08CB0C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe |
"{28393826-4606-46A0-BB72-990D330161DD}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2A39E3F8-98B5-4C06-BB5A-0C97D01021B0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe |
"{3CF0F61B-B63A-4305-A5CA-61D0945CE3D0}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{3D78111A-4244-4FB4-80F5-F2CD5EAFF3AA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe |
"{3E99442B-F791-4D0D-9B4A-1FEBE91A0007}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{5DFDB897-CA16-4365-8939-8E86A1761A28}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe |
"{631C1169-7E28-426C-87C8-FB21DD139221}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe |
"{87430854-2178-4EDE-ADC0-A75849B387EC}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"{966D06CF-CD98-4C22-8513-5B52F01C1073}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{9D2BF9BB-5003-471A-A8B9-DBD27706AB05}" = protocol=1 | dir=in | [email protected],-28543 |
"{AA9967A9-B569-4450-9600-959455CC59F8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B04F6C7D-9EC7-49C3-A169-108A085BF204}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe |
"{B139B849-3FC6-420B-B8CF-50CEAAE055E7}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B58DE6E0-42B9-492F-80E4-C954ABAB2316}" = protocol=17 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\ut3.exe |
"{B7B92E9D-9C5F-45D3-B247-4C3FD57D947F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{B7F2462C-4E63-483E-8D96-CDB52B37C1E2}" = protocol=1 | dir=out | [email protected],-28544 |
"{C242CB1B-1DF1-413E-A1D8-D6033BE7A6BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe |
"{D09BB6B8-3268-4336-878F-1EAA5F8130FD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe |
"{D1F5BB95-1B5D-434A-8315-6F038ECB5B86}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe |
"{E79BCEC5-4541-44C6-9BFE-4A291FF73AA2}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe |
"{EF19B520-48F2-4B1D-8B37-A607B2535D39}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{FBB0834F-54E1-4A3B-A724-A89B33D12B17}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe |
"TCP Query User{32FF8C06-A8EB-4CC8-A025-1EA69F962D57}C:\program files (x86)\blinkx\blinkx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"TCP Query User{3F741786-067D-4414-AA84-6AD48E8F1BC8}C:\program files (x86)\unreal tournament 3\binaries\unrealconsole.exe" = protocol=6 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\unrealconsole.exe |
"TCP Query User{91D6A703-2CB0-47A7-AAA2-A233AC875935}C:\program files (x86)\blinkx\blinkx.exe" = protocol=6 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"TCP Query User{BBF27977-05F3-452F-A6FF-947710460033}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"TCP Query User{F4EEB6C2-2C3B-404A-A0D5-1C11B8754449}C:\program files (x86)\oovoo\oovoo.exe" = protocol=6 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{6D25099E-42D4-40C5-A0AC-17F82AACBECA}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{725F65E3-7494-423F-866E-ED9243A4E8A8}C:\program files (x86)\blinkx\blinkx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |
"UDP Query User{74C8D485-C52D-42DF-9B12-5BC4BF6BDD39}C:\program files (x86)\unreal tournament 3\binaries\unrealconsole.exe" = protocol=17 | dir=in | app=c:\program files (x86)\unreal tournament 3\binaries\unrealconsole.exe |
"UDP Query User{C953E050-8F45-4A3B-A826-446E841D6E97}C:\program files (x86)\oovoo\oovoo.exe" = protocol=17 | dir=in | app=c:\program files (x86)\oovoo\oovoo.exe |
"UDP Query User{F145A0B7-A953-4AD7-BA18-D1DEE9135C7A}C:\program files (x86)\blinkx\blinkx.exe" = protocol=17 | dir=in | app=c:\program files (x86)\blinkx\blinkx.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E543634-7E25-4B8F-8D5B-97880E5E5088}" = Bonjour
"{28D73032-5DAA-4F83-B154-85105DBCCB92}" = iTunes
"{350AA351-21FA-3270-8B7A-835434E766AD}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
"{439760BC-7737-4386-9B1D-A90A3E8A22EA}" = Apple Mobile Device Support
"{56F26668-13DA-497A-883F-61434A10CBAB}" = MobileMe Control Panel
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6DA2E7DC-BC1E-4595-83A9-99BAD907AA1C}" = AVG 2011
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{78F697ED-EC97-4D8D-881D-838984EA9855}" = 64 Bit HP CIO Components Installer
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3B6AEB1-390C-4792-8677-CD87F8B2C959}" = HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CNXT_MODEM_PCI_HSF" = PCIe Soft Data Fax Modem with SmartCP
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 11.0
"HP Photosmart Essential" = HP Photosmart Essential 3.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 11.0
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Shop for HP Supplies" = Shop for HP Supplies

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00000409-78E1-11D2-B60F-006097C998E7}" = Microsoft Office 2000 Premium
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}" = Status
"{08234a0d-cf39-4dca-99f0-0c5cb496da81}" = Bing Bar
"{09633A5E-3089-41A8-9FF1-382171423C5D}" = PSSWCORE
"{13515135-48BB-4184-8C1F-2FAE0138E200}" = TBS WMP Plug-in
"{15B8AFD9-92E9-4E86-96D9-83FAC510B82E}" = HPPhotoSmartPhotobookWebPack1
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Deluxe
"{1FCC574F-AFA2-4432-9EF1-79CA7BA73431}_is1" = Spy Sweeper
"{22F761D1-8063-4170-ADF7-2D2F47834CA9}" = VideoToolkit01
"{254C37AA-6B72-4300-84F6-98A82419187E}" = ActiveCheck component for HP Active Support Library
"{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java™ 6 Update 20
"{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}" = HPSSupply
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{2FB04107-7BC2-449C-915A-530B29B5E0FE}" = UE3Redist
"{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}" = Visual C++ 8.0 Runtime Setup Package (x64)
"{305D4B08-5807-4475-B1C8-D54685534864}" = LightScribeTemplateLabeler
"{317ABBF3-AF60-415D-85EF-DED297100D08}" = Preclick PhotoMovieMaker
"{317ABBF3-AF60-415D-85EF-DED297104715}" = Preclick PhotoMovieMaker
"{32343DB6-9A52-40C9-87E4-5E7C79791C87}" = MSXML 4.0 SP2 and SOAP Toolkit 3.0
"{3248F0A8-6813-11D6-A77B-00B0D0160010}" = Java™ SE Runtime Environment 6 Update 1
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{3F5B6210-0903-4DC6-8034-8F488AA3A782}" = Spy Sweeper Core
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{431A5BB6-E5E2-444E-8AF3-70E6BF16DEF6}" = UVC VIDEO CAMERA
"{44E5B47F-870E-4E38-A458-8A5FC4DCFECF}" = ImageMixer for HDD Camcorder
"{45235788-142C-44BE-8A4D-DDE9A84492E5}" = AGEIA PhysX v7.09.13
"{460B7EDA-9425-471B-AC11-C2E80049DEB4}" = TouchCopy 09
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{538D98C6-CFC9-4BD3-B373-653B7A382CE8}" = IE2K
"{55979C41-7D6A-49CC-B591-64AC1BBE2C8B}" = HP Picasso Media Center Add-In
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DAA9C36-8F8B-462F-8CCA-E205BC3751F5}" = HP Active Support Library
"{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}" = DJ_AIO_03_F4200_Software
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6365C963-4B72-43F8-8392-2A5441EC2A86}" = DJ_AIO_03_F4200_ProductContext
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{669D4A35-146B-4314-89F1-1AC3D7B88367}" = HPAsset component for HP Active Support Library
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B976ADF-8AE8-434E-B282-A06C7F624D2F}" = Python 2.5.2
"{6C1E7AA1-44E9-446D-AAB2-0DE6D9EFEAB1}" = Safari
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73A43E42-3658-4DD9-8551-FACDA3632538}" = HP Advisor
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{787D1A33-A97B-4245-87C0-7174609A540C}" = HP Update
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79C0E275-6568-459B-BDA3-98F9E4FB1D47}" = PhotoMovieMaker
"{7F10292C-A190-4176-A665-A1ED3478DF86}" = LightScribe System Software
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask.com Toolbar
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{928B06E4-DDAA-476A-926A-641620326327}" = Microsoft Search Enhancement Pack
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{97ABD26A-3249-46CB-B2E2-F66E64B2E480}" = HP Demo
"{98B6FB8A-8638-4037-AD44-CF7D0EEAB875}_is1" = TypingMaster Pro
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}" = TrayApp
"{9DBA770F-BF73-4D39-B1DF-6035D95268FC}" = HP Customer Feedback
"{9E1BAB75-EB78-440D-94C0-A3857BE2E733}" = System Requirements Lab
"{9F4EE72A-C5C9-42ad-ABEF-427690843577}" = MarketResearch
"{A0640EC2-B97E-4FC1-AD14-227C9E386BB4}" = HP Recovery Manager RSS
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA2E8A46-B45E-4aea-8A23-88AB57D04523}" = WebReg
"{AA59DDE4-B672-4621-A016-4C248204957A}" = Skype™ 5.5
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC76BA86-7AD7-1033-7B44-AA1000000001}" = Adobe Reader X (10.1.0)
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{ACA4951F-15EC-4A01-BD27-26FED87DA61E}" = TouchCopy
"{B194272D-1F92-46DF-99EB-8D5CE91CB4EC}" = Adobe AIR
"{B3575D00-27EF-49C2-B9E0-14B3D954E992}" = Apple Application Support
"{B61A79BE-E94C-42C0-921D-8B7E5217069C}" = F4200
"{B86C9440-82D7-423C-9FEC-6CB3092D1AA4}" = Bing Bar Platform
"{B9AB88D8-3A09-4A4A-8993-0E2F6F9F294B}" = muvee autoProducer 6.1
"{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}" = DJ_AIO_03_F4200_Software_Min
"{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}" = BufferChm
"{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"{C17F3696-8EE5-46B0-ADD7-7F5ED6208879}" = Music Oasis
"{C27C82E4-9C53-4D76-9ED3-A01A3D5EE679}" = HP Customer Experience Enhancements
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C89B5E3A-690F-4CEE-909A-BF869E198B0A}" = Scan
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{D16B4BE6-8B10-422f-8034-96D1CA9483B5}" = GPBaseService
"{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"{D74CFE48-087F-46E1-80E6-E2950E1A8DCE}" = HP Photosmart Essential 2.5
"{E133E97F-5186-4503-BEC8-752EB9E8EBD7}" = Copy
"{E535C94A-B87F-4182-BEA8-1E9322078D3E}" = Cards_Calendar_OrderGift_DoMorePlugout
"{E96B0085-6659-486b-A221-5042A042728D}" = Toolbox
"{ECEE0279-785F-4CB3-9F28-E69813234BF8}" = SPORE Creature Creator Trial Edition
"{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}" = DeviceDiscovery
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F5346614-B7C4-4E94-826A-E2363155233D}" = EasyCleaner
"{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}" = F4200_Help
"{FA3B34BE-4246-4062-90A3-34CBBEA12B72}" = HPTCSSetup
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"blinkx beat" = blinkx beat
"Google Chrome" = Google Chrome
"InstallShield_{2FB04107-7BC2-449C-915A-530B29B5E0FE}" = UE3Redist
"InstallShield_{538D98C6-CFC9-4BD3-B373-653B7A382CE8}" = Dell Picture Studio - Image Expert 2000
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D4936AAF-FFD0-44A1-A7EA-A2DB41CEB5BC}" = iPod for Windows 2005-09-23
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware version 1.51.2.1300
"PC-Doctor for Windows" = Hardware Diagnostic Tools
"Starcraft" = Starcraft
"WildTangent hp Master Uninstall" = My HP Games
"WRUNINST" = Webroot Cloud AntiVirus
"Yahoo! Companion" = Yahoo! Toolbar

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Facebook Plug-In" = Facebook Plug-In
"InstallShield_{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}" = Unreal Tournament 3
"Move Media Player" = Move Media Player

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 9/15/2011 6:41:52 PM | Computer Name = Rankin-PC | Source = EventSystem | ID = 4621
Description =

Error - 9/19/2011 12:23:29 PM | Computer Name = Rankin-PC | Source = System Restore | ID = 8193
Description =

Error - 9/19/2011 1:23:26 PM | Computer Name = Rankin-PC | Source = System Restore | ID = 8193
Description =

Error - 9/19/2011 1:23:26 PM | Computer Name = Rankin-PC | Source = System Restore | ID = 8210
Description =

Error - 9/19/2011 1:53:17 PM | Computer Name = Rankin-PC | Source = EventSystem | ID = 4621
Description =

Error - 9/19/2011 2:20:14 PM | Computer Name = Rankin-PC | Source = MsiInstaller | ID = 11316
Description =

Error - 9/19/2011 2:20:15 PM | Computer Name = Rankin-PC | Source = Windows Search Service | ID = 3100
Description =

Error - 9/19/2011 2:20:24 PM | Computer Name = Rankin-PC | Source = Windows Search Service | ID = 3013
Description =

Error - 9/19/2011 2:37:49 PM | Computer Name = Rankin-PC | Source = Windows Search Service | ID = 3024
Description =

Error - 9/19/2011 4:17:35 PM | Computer Name = Rankin-PC | Source = Application Hang | ID = 1002
Description = The program Explorer.EXE version 6.0.6002.18005 stopped interacting
with Windows and was closed. To see if more information about the problem is available,
check the problem history in the Problem Reports and Solutions control panel. Process
ID: 1ec Start Time: 01cc77041438bd6b Termination Time: 15

[ System Events ]
Error - 9/19/2011 3:57:05 PM | Computer Name = Rankin-PC | Source = DCOM | ID = 10010
Description =

Error - 9/19/2011 3:57:19 PM | Computer Name = Rankin-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 9/19/2011 3:57:33 PM | Computer Name = Rankin-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/19/2011 3:58:08 PM | Computer Name = Rankin-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 9/19/2011 3:58:22 PM | Computer Name = Rankin-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/19/2011 4:00:31 PM | Computer Name = Rankin-PC | Source = Service Control Manager | ID = 7009
Description =

Error - 9/19/2011 4:00:45 PM | Computer Name = Rankin-PC | Source = Service Control Manager | ID = 7000
Description =

Error - 9/19/2011 4:10:27 PM | Computer Name = Rankin-PC | Source = DCOM | ID = 10010
Description =

Error - 9/19/2011 4:11:46 PM | Computer Name = Rankin-PC | Source = DCOM | ID = 10010
Description =

Error - 9/19/2011 4:28:58 PM | Computer Name = Rankin-PC | Source = DCOM | ID = 10010
Description =


< End of report >



Thank you!
  • 0

Advertisements


#2
BlackOxide

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Hi, CZ2761! My name is BlackOxide and I will be assisting you with your Malware/Security problems. Please make sure you read all of the instructions and fixes thoroughly before continuing with them. If you have any queries or you are unsure about anything, just say and I'll help you out :)

It may well be worth you printing/saving the instructions throughout the fix, so you have them to hand just incase you are unable to access this site.

Please note the following:
  • Remember to post your logs, not attach them. So, any logs from any programs we run, should be just 'copied & pasted' into your reply, unless I specifically need you to attach them.
  • Please only run the tools that I request. I know malware can be frustrating but running other tools in the meantime and between posts, only makes it harder for me to analyse and fix your PC in the long run.
  • I will always try and respond to replies as soon as possible, but please be patient as some logs require more time than others to fully analyse.
  • If you are not sure of anything along the way, just ask.

OK, lets start :)

First of all, sorry for the delay in someone getting to you. If you still require assistance with this, I'll be willing to try and help you out :yes:

Just get back to me a fresh set of logs using the instructions below, if you'd like me to take a look for you.



1)
OTL Quick Scan
  • Double click on the OTL icon to run it.
  • When the window appears, underneath Output at the top, make sure Standard Output is selected.
  • Tick the Scan All Users box at the top
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open a notepad window.
  • Please post the contents of this log




2)
Download aswMBR.exe (1.8mb) to your desktop.

Double click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

Posted Image


On completion of the scan click save log, save it to your desktop and post it in your next reply.

Posted Image




In your next reply
Please post the contents of...
OTL log
aswMBR log

  • 0

#3
CZ2761

CZ2761

    Member

  • Topic Starter
  • Member
  • PipPip
  • 95 posts
Thank you for getting back to me. I went ahead and reformatted my hard drive. Alls well now.
  • 0

#4
BlackOxide

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Okey dokey, no problem at all, thanks for letting me know :)

I'll close this topic, as you are now sorted, but if anything crops up again in the future, feel free to start a new topic and we'll help you out as best as we can.

Take care.
  • 0

#5
BlackOxide

BlackOxide

    Trusted Helper

  • Malware Removal
  • 1,976 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP