Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer is running extremely slow

Started by bethabbott49 , May 20 2012 05:15 PM

  • Please log in to reply

#1
bethabbott49
Posted 20 May 2012 - 05:15 PM

bethabbott49

    New Member

  • Member
  • Pip
  • 1 posts
I apologize first andforemost for my ignorance with computers. I have been experiencing issueswith my laptop running extremely hot, and resolved most of them by downloadingthe Speedfan. (HD 37°C, Temp1 runs between 60° and 70°, Core0-50°and Core1-45°). I have an HP G62 withWindows7, Pentium Dual-Core CPU T-4500 @ 2.30Ghz, RAM 3.0 GB, and64-bit OS. I have run my McAfee and itfound nothing. I'm at the end of my rope because Im constantly running at 100%. I appreciate all the help that I can get!!! taskman.jpg

My results from OTL;

OTL logfile created on: 5/20/2012 6:17:35 PM - Run 2

OTL by OldTimer - Version 3.2.43.0 Folder = C:\Users\Beth's\Downloads

64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy



2.93 Gb Total Physical Memory | 1.68 Gb Available Physical Memory | 57.30% Memory free

5.86 Gb Paging File | 3.93 Gb Available in Paging File | 66.95% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]



%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 283.77 Gb Total Space | 56.49 Gb Free Space | 19.91% Space Free | Partition Type: NTFS

Drive D: | 14.03 Gb Total Space | 2.32 Gb Free Space | 16.53% Space Free | Partition Type: NTFS

Drive E: | 99.34 Mb Total Space | 95.23 Mb Free Space | 95.87% Space Free | Partition Type: FAT32



Computer Name: BETHS-PC | User Name: Beth's | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days



========== Processes (SafeList) ==========



PRC - [2012/05/19 20:41:21 | 000,595,456 | ---- | M] (OldTimer Tools) -- C:\Users\Beth's\Downloads\OTL.exe

PRC - [2012/03/26 13:05:04 | 004,656,632 | ---- | M] (Almico Software (www.almico.com)) -- C:\Program Files (x86)\SpeedFan\speedfan.exe

PRC - [2012/02/18 08:59:28 | 000,282,648 | ---- | M] (McAfee, Inc.) -- c:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe

PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe

PRC - [2011/03/09 08:30:08 | 000,092,592 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

PRC - [2010/11/22 05:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe

PRC - [2010/09/03 02:45:02 | 000,255,536 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\SSScheduler.exe

PRC - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

PRC - [2010/02/04 06:10:51 | 000,131,752 | ---- | M] (Lexmark International Inc.) -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\ezprint.exe

PRC - [2010/02/04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxdumon.exe

PRC - [2009/02/24 15:47:06 | 000,143,360 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe

PRC - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe





========== Modules (No Company Name) ==========



MOD - [2012/05/20 16:44:21 | 000,192,512 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Temp\sfamcc00001.dll

MOD - [2012/05/20 16:44:21 | 000,158,720 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Temp\sfareca00001.dll

MOD - [2012/05/08 23:04:52 | 000,441,840 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppgooglenaclpluginchrome.dll

MOD - [2012/05/08 23:04:51 | 003,921,904 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll

MOD - [2012/05/08 23:03:36 | 000,553,456 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\libglesv2.dll

MOD - [2012/05/08 23:03:35 | 000,117,744 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\libegl.dll

MOD - [2012/05/08 23:03:25 | 000,134,656 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\avutil-51.dll

MOD - [2012/05/08 23:03:24 | 000,250,368 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\avformat-54.dll

MOD - [2012/05/08 23:03:23 | 002,375,680 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\avcodec-54.dll

MOD - [2010/02/22 14:19:10 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll

MOD - [2010/02/22 14:19:08 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll

MOD - [2010/02/22 14:19:08 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll

MOD - [2010/02/04 06:10:44 | 000,676,520 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxdumon.exe

MOD - [2010/02/04 05:28:36 | 000,081,920 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxducaps.dll

MOD - [2010/02/04 05:28:27 | 000,380,928 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxduscw.dll

MOD - [2010/02/04 05:28:26 | 001,036,288 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxdudrs.dll

MOD - [2010/02/04 05:27:21 | 000,380,928 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\iptk.dll

MOD - [2010/02/04 05:17:11 | 000,188,416 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxdudatr.dll

MOD - [2010/02/04 05:17:07 | 000,069,632 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxducnv4.dll

MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

MOD - [2007/09/06 06:11:34 | 000,151,552 | ---- | M] () -- C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxduptp.dll





========== Win32 Services (SafeList) ==========



SRV:64bit: - [2012/03/22 19:30:56 | 000,502,032 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)

SRV:64bit: - [2012/03/20 13:11:30 | 000,162,192 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)

SRV:64bit: - [2012/03/20 12:56:24 | 000,210,584 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV:64bit: - [2012/03/20 12:55:54 | 000,199,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe -- (McShield)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (MSK80Service)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McProxy)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNASvc)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (mcmscsvc)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2011/01/27 18:28:20 | 000,249,936 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)

SRV:64bit: - [2010/06/24 15:24:12 | 000,315,392 | ---- | M] (Realtek Semiconductor Corp.) [Auto | Running] -- C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe -- (RtVOsdService)

SRV:64bit: - [2010/01/18 18:04:08 | 000,020,480 | ---- | M] () [Auto | Running] -- C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)

SRV:64bit: - [2009/11/17 22:14:26 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)

SRV:64bit: - [2009/10/16 17:06:40 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)

SRV:64bit: - [2009/10/16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)

SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2009/03/27 22:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Program Files\LSI SoftModem\agr64svc.exe -- (AgereModemAudio)

SRV - [2011/09/09 18:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)

SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)

SRV - [2011/03/09 08:30:08 | 000,092,592 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)

SRV - [2010/11/22 05:48:46 | 003,226,632 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG10\avgfws.exe -- (avgfws)

SRV - [2010/10/22 05:58:18 | 000,265,400 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe -- (avgwd)

SRV - [2010/09/03 02:45:02 | 000,227,232 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\McAfee Security Scan\2.1.121\McCHSvc.exe -- (McComponentHostService)

SRV - [2010/04/13 20:11:18 | 000,231,224 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe -- (MOBKbackup)

SRV - [2010/03/10 15:26:48 | 000,189,728 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)

SRV - [2010/01/04 14:03:42 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)

SRV - [2009/10/16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)

SRV - [2009/10/16 12:06:30 | 000,589,824 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)

SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2008/11/09 16:48:14 | 000,602,392 | ---- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)





========== Driver Services (SafeList) ==========



DRV:64bit: - [2012/02/22 13:29:46 | 000,647,208 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,487,296 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)

DRV:64bit: - [2012/02/22 13:29:46 | 000,289,664 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,229,528 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,160,792 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,100,912 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdet.sys -- (mferkdet)

DRV:64bit: - [2012/02/22 13:29:46 | 000,075,936 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfenlfk.sys -- (mfenlfk)

DRV:64bit: - [2012/02/22 13:29:46 | 000,065,264 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)

DRV:64bit: - [2012/02/17 21:07:25 | 001,390,640 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)

DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2011/04/11 14:29:20 | 000,071,800 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\McPvDrv.sys -- (McPvDrv)

DRV:64bit: - [2011/02/23 09:43:37 | 000,347,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/02/22 12:17:34 | 002,736,640 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2010/09/13 16:28:00 | 000,027,216 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AVGIDSEH.sys -- (AVGIDSEH)

DRV:64bit: - [2010/08/03 16:24:28 | 000,157,264 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)

DRV:64bit: - [2010/08/03 16:24:24 | 000,035,920 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)

DRV:64bit: - [2010/04/13 20:10:24 | 000,066,040 | ---- | M] (Mozy, Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\MOBK.sys -- (MOBKFilter)

DRV:64bit: - [2010/04/13 10:44:22 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)

DRV:64bit: - [2010/03/05 15:57:18 | 000,144,896 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService) Intel®

DRV:64bit: - [2010/03/05 15:57:00 | 010,300,800 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2009/10/21 13:14:10 | 000,066,088 | ---- | M] (Fuzhou Rockchip Electronics Co,Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rockusb.sys -- (rockusb)

DRV:64bit: - [2009/09/22 21:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV:64bit: - [2009/08/13 15:20:46 | 001,209,856 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem)

DRV:64bit: - [2009/07/13 21:52:21 | 000,106,576 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2009/07/13 21:52:21 | 000,028,752 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2009/07/13 21:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/07/13 20:35:32 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\serscan.sys -- (StillCam)

DRV:64bit: - [2009/07/13 19:31:10 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)

DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)

DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)

DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)

DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)

DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) Intel®

DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009/05/18 13:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV - [2009/09/22 21:39:00 | 000,225,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\RtsUStor.sys -- (RSUSBSTOR)

DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)





========== Standard Registry (SafeList) ==========





========== Internet Explorer ==========



IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {3A7BAE3F-F52E-46ED-8DE1-8A163A58084C}

IE:64bit: - HKLM\..\SearchScopes\{29A6AF49-0C0B-45A3-B126-A58889ED388F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl

IE:64bit: - HKLM\..\SearchScopes\{3A7BAE3F-F52E-46ED-8DE1-8A163A58084C}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT/1

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKLM\..\SearchScopes,DefaultScope = {3A7BAE3F-F52E-46ED-8DE1-8A163A58084C}

IE - HKLM\..\SearchScopes\{29A6AF49-0C0B-45A3-B126-A58889ED388F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl

IE - HKLM\..\SearchScopes\{3A7BAE3F-F52E-46ED-8DE1-8A163A58084C}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKLM\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}

IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678

IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/?fr=fp-yie9

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/?fr=fp-yie9

IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

IE - HKCU\..\URLSearchHook: {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)

IE - HKCU\..\URLSearchHook: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

IE - HKCU\..\SearchScopes,DefaultScope = {C5E90571-9653-4A87-B335-C883DDF0C5A7}

IE - HKCU\..\SearchScopes\{29A6AF49-0C0B-45A3-B126-A58889ED388F}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl

IE - HKCU\..\SearchScopes\{3A7BAE3F-F52E-46ED-8DE1-8A163A58084C}: "URL" = http://www.bing.com/...rc=IE-SearchBox

IE - HKCU\..\SearchScopes\{4C4328B1-AD30-4960-9AEA-9A0CCD50107A}: "URL" = http://delicious.com...p={searchTerms}

IE - HKCU\..\SearchScopes\{7F80267C-9455-4EDA-B14A-A937624B13F3}: "URL" = http://search.avg.co...}&iy=b&ychte=us

IE - HKCU\..\SearchScopes\{97B2FCC4-9CD1-4F23-9529-DBC91351EDB2}: "URL" = http://search.yahoo....p={SearchTerms}

IE - HKCU\..\SearchScopes\{a5b9c0f5-5616-47cd-a95f-e43b488faccf}: "URL" = http://search.mywebs...r={searchTerms}

IE - HKCU\..\SearchScopes\{A8E800C7-1363-4AE3-A76B-558FF687260F}: "URL" = http://www.flickr.co...q={searchTerms}

IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.condui...&ctid=CT2786678

IE - HKCU\..\SearchScopes\{C5E90571-9653-4A87-B335-C883DDF0C5A7}: "URL" = http://search.yahoo....rtPage?}&fr=ie8

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*



========== FireFox ==========



FF - prefs.js..extensions.enabledItems: [email protected]:1.7.1

FF - prefs.js..extensions.enabledItems: [email protected]:1.0.2

FF - user.js - File not found



FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\progra~2\mcafee\msc\npmcsn~1.dll ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Beth's\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Beth's\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)



FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/24 15:41:23 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG10\Firefox4\ [2011/08/01 08:46:15 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012/03/03 13:33:57 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{D19CA586-DD6C-4a0a-96F8-14644F340D60}: C:\Program Files (x86)\Common Files\McAfee\SystemCore [2012/05/20 16:32:01 | 000,000,000 | ---D | M]



[2011/03/25 18:01:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beth's\AppData\Roaming\Mozilla\Extensions

[2011/03/25 18:01:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Beth's\AppData\Roaming\Mozilla\Extensions\[email protected]

[2012/01/19 11:07:24 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2011/11/08 13:08:16 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}

[2011/07/11 21:00:18 | 000,000,000 | ---D | M] (Map status indicator) -- C:\PROGRAM FILES (X86)\TOMTOM HOME 2\XUL\EXTENSIONS\[email protected]

[2011/10/22 21:09:52 | 000,002,024 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml



========== Chrome ==========



CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}

CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer

CHR - plugin: Native Client (Enabled) = C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\ppGoogleNaClPluginChrome.dll

CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\pdf.dll

CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Beth's\AppData\Local\Google\Chrome\Application\19.0.1084.46\gcswf32.dll

CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\McChPlg.dll

CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll

CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll

CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll

CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll

CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll

CHR - plugin: Google Update (Enabled) = C:\Users\Beth's\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll

CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll

CHR - plugin: McAfee SecurityCenter (Enabled) = c:\progra~2\mcafee\msc\npmcsn~1.dll

CHR - Extension: YouTube = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\

CHR - Extension: Google Search = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\

CHR - Extension: SiteAdvisor = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.41.123.2_0\

CHR - Extension: CPDD-Blossom = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlialpgnoagkdecfaggejocpfdbommon\1.3_0\

CHR - Extension: Facebook Notifications = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmameahlembdcigphohgiodcgjomcgeo\1.27_0\

CHR - Extension: Yahoo Mail Widget = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\opeeoaeaoifnbgnigifffgcmfcfimijl\1.7.6_0\

CHR - Extension: Gmail = C:\Users\Beth's\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\



O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120430094104.dll (McAfee, Inc.)

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)

O2 - BHO: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.

O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120519222224.dll (McAfee, Inc.)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O2 - BHO: (Microsoft Live Search Toolbar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)

O2 - BHO: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll (Yahoo! Inc)

O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Microsoft Live Search Toolbar) - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0566.0\msneshellx.dll (Microsoft Corp.)

O3 - HKLM\..\Toolbar: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (uTorrentBar Toolbar) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.

O3 - HKLM\..\Toolbar: (FrostWire Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)

O3 - HKLM\..\Toolbar: (Yahoo! Toolbar) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)

O3 - HKCU\..\Toolbar\WebBrowser: (Conduit Engine ) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngin.dll (Conduit Ltd.)

O3 - HKCU\..\Toolbar\WebBrowser: (uTorrentBar Toolbar) - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} - C:\Program Files (x86)\uTorrentBar\prxtbuTor.dll (Conduit Ltd.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [HP Quick Launch] C:\Program Files\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Company)

O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [McPvTray_exe] C:\Program Files\McAfee\MAT\McPvTray.exe (McAfee, Inc.)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [RtkOSD] C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe (Realtek Semiconductor Corp.)

O4 - HKLM..\Run: [] File not found

O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)

O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [EzPrint] C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\ezprint.exe (Lexmark International Inc.)

O4 - HKLM..\Run: [lxdumon.exe] C:\Program Files (x86) (x86)\Lexmark 5600-6600 Series\lxdumon.exe ()

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe (Nikon Corporation)

O4 - HKCU..\Run: [DelayShred] c:\Program Files\McAfee\MQS\ShrCL.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O15 - HKCU\..Trusted Domains: adobe.com ([www] https in Trusted sites)

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_17)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_31)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 184.63.128.68 184.63.128.69

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{2FA37FA0-BDA4-4A53-BCF9-27A325F26A3D}: DhcpNameServer = 192.168.1.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EC930F8A-81A0-451A-AAE0-EA0C997307D5}: DhcpNameServer = 192.168.1.1 184.63.128.68 184.63.128.69

O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{dd63661c-1c52-11e1-91b0-c80aa96147e1}\Shell - "" = AutoRun

O33 - MountPoints2\{dd63661c-1c52-11e1-91b0-c80aa96147e1}\Shell\AutoRun\command - "" = G:\setup.exe -a

O33 - MountPoints2\{ea7f2ec7-0e65-11e0-bdd9-c80aa96147e1}\Shell - "" = AutoRun

O33 - MountPoints2\{ea7f2ec7-0e65-11e0-bdd9-c80aa96147e1}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O33 - MountPoints2\G\Shell - "" = AutoRun

O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a

O34 - HKLM BootExecute: (autocheck autochk *)

O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgchsva.exe /sync)

O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG10\avgrsa.exe /sync /restart)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)



========== Files/Folders - Created Within 30 Days ==========



[2012/05/19 16:17:34 | 000,000,000 | ---D | C] -- C:\Users\Beth's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpeedFan

[2012/05/19 16:17:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpeedFan

[2012/05/19 16:17:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SpeedFan

[2012/05/19 15:55:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp

[2012/05/19 15:54:59 | 000,000,000 | ---D | C] -- C:\Program Files\Core Temp

[2012/05/12 13:48:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe

[2012/05/12 13:46:21 | 000,000,000 | ---D | C] -- C:\Program Files\Adobe

[2012/05/12 13:41:32 | 000,000,000 | ---D | C] -- C:\Users\Beth's\Desktop\Adobe

[2012/05/12 12:47:22 | 000,000,000 | ---D | C] -- C:\Users\Beth's\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2012/05/12 12:43:15 | 000,000,000 | ---D | C] -- C:\Users\Beth's\AppData\Local\Deployment

[2012/04/22 18:37:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]



========== Files - Modified Within 30 Days ==========



[2012/05/20 18:18:42 | 000,001,102 | ---- | M] () -- C:\Users\Beth's\Desktop\OTL - Shortcut.lnk

[2012/05/20 17:49:07 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925352974-2285395685-1364058530-1001UA.job

[2012/05/20 16:39:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012/05/20 16:39:25 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012/05/20 16:36:55 | 000,001,747 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Total Protection.lnk

[2012/05/20 16:32:03 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012/05/20 16:32:01 | 2361,585,664 | -HS- | M] () -- C:\hiberfil.sys

[2012/05/20 13:39:39 | 000,000,860 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925352974-2285395685-1364058530-1001Core.job

[2012/05/20 11:04:49 | 000,007,605 | ---- | M] () -- C:\Users\Beth's\AppData\Local\Resmon.ResmonCfg

[2012/05/19 22:33:30 | 003,887,779 | ---- | M] () -- C:\Users\Beth's\Documents\lawnmower manual.pdf

[2012/05/19 16:17:35 | 000,001,011 | ---- | M] () -- C:\Users\Beth's\Desktop\SpeedFan.lnk

[2012/05/19 16:17:34 | 000,000,045 | ---- | M] () -- C:\Windows\SysWow64\initdebug.nfo

[2012/05/19 15:55:00 | 000,000,948 | ---- | M] () -- C:\Users\Beth's\Desktop\Core Temp.lnk

[2012/05/15 23:54:00 | 000,002,406 | ---- | M] () -- C:\Users\Beth's\Desktop\Google Chrome.lnk

[2012/05/12 13:48:26 | 000,002,055 | ---- | M] () -- C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk

[2012/05/11 15:27:50 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForBeth's.job

[2012/05/01 15:08:02 | 000,001,450 | ---- | M] () -- C:\Users\Beth's\AppData\Roaming\wklnhst.dat

[2012/04/29 21:21:06 | 000,000,111 | ---- | M] () -- C:\Users\Beth's\webct_upload_applet.properties

[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]

[1 C:\Windows\SysNative\drivers\*.tmp files -> C:\Windows\SysNative\drivers\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]



========== Files Created - No Company Name ==========



[2012/05/20 18:18:42 | 000,001,102 | ---- | C] () -- C:\Users\Beth's\Desktop\OTL - Shortcut.lnk

[2012/05/19 22:32:28 | 003,887,779 | ---- | C] () -- C:\Users\Beth's\Documents\lawnmower manual.pdf

[2012/05/19 16:17:35 | 000,001,011 | ---- | C] () -- C:\Users\Beth's\Desktop\SpeedFan.lnk

[2012/05/19 16:17:33 | 000,000,045 | ---- | C] () -- C:\Windows\SysWow64\initdebug.nfo

[2012/05/19 15:55:00 | 000,000,948 | ---- | C] () -- C:\Users\Beth's\Desktop\Core Temp.lnk

[2012/05/16 19:39:31 | 000,007,605 | ---- | C] () -- C:\Users\Beth's\AppData\Local\Resmon.ResmonCfg

[2012/05/12 13:48:26 | 000,002,063 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 4 64-bit.lnk

[2012/05/12 13:48:26 | 000,002,055 | ---- | C] () -- C:\Users\Public\Desktop\Lightroom 4 64-bit.lnk

[2012/05/12 12:47:24 | 000,002,406 | ---- | C] () -- C:\Users\Beth's\Desktop\Google Chrome.lnk

[2012/05/12 12:44:54 | 000,000,912 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925352974-2285395685-1364058530-1001UA.job

[2012/05/12 12:44:53 | 000,000,860 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1925352974-2285395685-1364058530-1001Core.job

[2012/04/04 14:55:50 | 000,000,044 | ---- | C] () -- C:\Windows\VisualSuperScript.ini

[2011/12/17 09:23:05 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll

[2011/12/17 09:23:05 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll

[2011/12/17 09:23:04 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll

[2011/12/17 09:23:04 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll

[2011/12/17 09:23:04 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll

[2011/12/17 09:23:03 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll

[2011/12/17 09:23:03 | 000,860,160 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll

[2011/12/17 09:23:03 | 000,684,032 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll

[2011/12/17 09:23:03 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll

[2011/12/17 09:23:03 | 000,323,584 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe

[2011/12/17 09:23:02 | 000,761,856 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll

[2011/12/17 09:23:02 | 000,589,824 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe

[2011/12/17 09:23:02 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll

[2011/12/17 09:23:02 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe

[2011/12/17 09:07:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll

[2011/12/17 09:07:18 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll

[2011/12/17 09:07:17 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll

[2011/10/22 01:35:28 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Basics

[2011/10/22 01:35:28 | 000,000,268 | RH-- | C] () -- C:\Users\Beth's\AppData\Roaming\Automator

[2011/10/22 01:35:28 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT

[2011/10/22 01:34:37 | 000,000,268 | RH-- | C] () -- C:\Users\Beth's\AppData\Roaming\BSD

[2011/10/22 01:34:37 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Bass

[2011/10/22 01:34:37 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Basic Track

[2011/10/22 01:34:37 | 000,000,268 | RH-- | C] () -- C:\Users\Beth's\AppData\Roaming\Automatic Filter

[2011/10/22 01:34:37 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT

[2011/10/22 01:34:37 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT

[2011/08/22 17:56:32 | 000,161,736 | ---- | C] () -- C:\Program Files (x86)\64res.dll

[2011/08/19 15:05:48 | 000,000,256 | ---- | C] () -- C:\Windows\Brpfx04a.ini

[2011/08/19 15:05:48 | 000,000,093 | ---- | C] () -- C:\Windows\brpcfx.ini

[2011/08/19 15:04:57 | 000,000,419 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2011/08/19 15:04:57 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI

[2011/08/19 15:03:47 | 000,106,496 | ---- | C] () -- C:\Windows\SysWow64\BrMuSNMP.dll

[2011/08/19 15:03:47 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini

[2011/08/19 15:03:45 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat

[2011/08/19 14:33:28 | 000,031,767 | ---- | C] () -- C:\Windows\maxlink.ini

[2011/06/25 12:39:40 | 000,000,031 | ---- | C] () -- C:\Windows\QUICKEN.INI

[2011/03/31 19:24:04 | 000,001,854 | ---- | C] () -- C:\Users\Beth's\AppData\Roaming\GhostObjGAFix.xml

[2011/01/22 12:59:26 | 000,001,450 | ---- | C] () -- C:\Users\Beth's\AppData\Roaming\wklnhst.dat



========== LOP Check ==========



[2011/03/10 03:46:21 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\AVG10

[2010/12/26 21:50:49 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\Big Fish Games

[2011/04/24 20:15:09 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

[2010/12/26 21:26:56 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\ERS G-Studio

[2012/03/29 21:59:40 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\FrostWire

[2011/12/17 14:17:02 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\Nik Software

[2011/10/22 18:04:44 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\Nikon

[2010/12/22 21:39:22 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\PictureMover

[2011/01/22 12:59:35 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\Template

[2011/07/11 21:00:38 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\TomTom

[2011/11/22 22:09:22 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\Ulead Systems

[2011/08/01 11:37:23 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\uTorrent

[2010/12/22 21:43:13 | 000,000,000 | ---D | M] -- C:\Users\Beth's\AppData\Roaming\WildTangent

[2011/11/13 18:31:27 | 000,032,590 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT



========== Purity Check ==========







========== Alternate Data Streams ==========



@Alternate Data Stream - 231 bytes -> C:\ProgramData\Temp:8E5EA40F

@Alternate Data Stream - 213 bytes -> C:\ProgramData\Temp:71612023

@Alternate Data Stream - 202 bytes -> C:\ProgramData\Temp:D31BE97C

@Alternate Data Stream - 197 bytes -> C:\ProgramData\Temp:78E0DF72

@Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:D667795F




< End of report >
  • 0

Advertisements

#2
WhiteHat
Posted 21 May 2012 - 06:32 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hello bethabbott49 and welcome to GeeksToGo :)

My nickname is WhiteHat and I'm going to help you fix your problem.

Please note that I'm currently in training and my posts have to be approved by an expert before I reply.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • Please do not try to fix anything without being asked
  • I suggest you print or save any instructions I give you for easy reference. We may be using Safe mode and you will not always be able to access this thread.
  • I am currently reviewing your logs.


  • 0

#3
WhiteHat
Posted 22 May 2012 - 07:41 PM

WhiteHat

    Trusted Helper

  • Retired Staff
  • 1,925 posts
Hi bethabbott49,

The computer's temperature is really high and this can cause permanent hardware damage. I recommend you to backup your important data and clean the interior of the computer. If you don't know how to do this, see the tutorial below:
http://www.bleepingc...ide-of-your-pc/

Can you tell me what process is using ~ 100% of CPU? You posted an image but is not possible to the name of the process.

You have two antivirus installed on your computer (AVG 10 and McAffe). Please uninstall one of them because have both installed brings no benefit for computer security. Besides, They can compete with each other for system resources. More than one AV running has been known to produce false positives, and you end up with less protection.

I need you to run OTL again.

Run OTL.exe again.


  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • In Extra Registry, select Use SafeList
  • Under the Custom Scan box paste this in
    netsvcs
    msconfig
    drives
    %SYSTEMDRIVE%\*.*
    %systemdrive%\drivers\*.exe
    %systemroot%\system32\drivers\*.* /90
    %PROGRAMFILES%\*.*
    /md5start
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    /md5stop
    C:\Windows\assembly\tmp\U /s
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /rs
    HKLM\SOFTWARE\CLIENTS\Startmenuinternet|command /64 /rs
    CREATERESTOREPOINT
  • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP