Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

HP G60 laptop running slow [Solved]


  • This topic is locked This topic is locked

#1
dar124

dar124

    Member

  • Member
  • PipPip
  • 87 posts
A friend of mine was having some issues with her laptop. Before I started to give it a look, I figured that I'd run some scans by the forum here to see if any major issues stood out. When I got it today it was running SLOOOOWWWW!!! When trying to open IE, My Computer or Control Panel it took literally 45-60 seconds. I installed a handful of pending Windows updates (which required a few reboots), installed the Adobe & Java updates that were waiting and ran the Norton Anit-Virus Live Update. But before I did too many things to it I wanted to have the OTL scan checked out.

I eventually want to add some more RAM, remove some of the HP "assistant" software that came pre-installed and look over any other junk programs that are installed and remove them.

This is a HP G60 Notebook, 2.20GHz CPU, running W7 Home Premium 64 bit with 3GB of RAM. Thanks in advance for the assistance.




OTL logfile created on: 10/22/2013 3:24:12 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gina\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 45.15% Memory free
5.86 Gb Paging File | 4.18 Gb Available in Paging File | 71.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 136.98 Gb Total Space | 70.45 Gb Free Space | 51.43% Space Free | Partition Type: NTFS
Drive D: | 11.87 Gb Total Space | 2.00 Gb Free Space | 16.85% Space Free | Partition Type: NTFS

Computer Name: GINA-PC | User Name: Gina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/10/22 14:31:54 | 000,829,832 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_9_900_117_ActiveX.exe
PRC - [2013/08/10 23:20:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gina\Desktop\OTL.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccsvchst.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/10/11 14:55:17 | 000,032,849 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
PRC - [2010/10/11 14:55:17 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/22 14:45:30 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\301dacd308d96a95618bcf2f75cc79e8\PresentationFramework.Aero.ni.dll
MOD - [2013/10/22 14:44:19 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0b0f6ceaa9cbdf419839633717e24b84\System.Runtime.Remoting.ni.dll
MOD - [2013/10/22 14:44:08 | 006,618,624 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\5d9c7f4a9c240c2e98ad7200118eef9a\System.Data.ni.dll
MOD - [2013/10/22 14:43:36 | 014,322,688 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\f45cb2688e7349d8a4b732694646868d\PresentationFramework.ni.dll
MOD - [2013/10/22 14:42:53 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\960d68ec3b31e5c2be38f97b8d360714\System.Drawing.ni.dll
MOD - [2013/10/22 14:42:47 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\cd5d3a5ac684d30b32841211eede3aa4\UIAutomationTypes.ni.dll
MOD - [2013/10/22 14:42:38 | 012,216,320 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7801bbaa000ba432402d6cdd3c5f289c\PresentationCore.ni.dll
MOD - [2013/10/22 14:42:14 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\c44becb068fc02b550c2d40e05078128\WindowsBase.ni.dll
MOD - [2013/10/22 14:42:02 | 005,452,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c3c2f8fb7a29fc0df38196038770466\System.Xml.ni.dll
MOD - [2013/10/22 14:41:55 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bad9c959d8d4bfd0ea8c512f5be98fb4\System.Configuration.ni.dll
MOD - [2013/10/22 14:41:50 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\906a179577f7639f058c74166a0360ea\System.ni.dll
MOD - [2013/10/22 14:41:39 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\89fc1a821554770c219a12013977ce8e\mscorlib.ni.dll
MOD - [2012/05/04 07:40:23 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/01/22 10:30:00 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/01/22 10:29:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/01/22 10:29:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009/10/25 22:27:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/10/25 22:27:54 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/10/25 22:27:46 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/10/25 22:27:46 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/10/25 22:27:46 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/10/25 22:27:44 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/10/25 22:27:38 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/10/25 22:27:20 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
MOD - [2009/06/10 17:23:18 | 000,372,736 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2009/06/10 17:23:17 | 002,933,248 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/10/22 14:31:59 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe -- (NAV)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/10/11 14:55:17 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/16 15:43:12 | 002,792,280 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/11/13 16:13:04 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/24 13:53:32 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/20 09:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/03/01 02:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/12 17:13:48 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 01:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/22 17:17:14 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2010/03/22 17:10:26 | 000,699,960 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/12/19 10:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/10/09 22:41:20 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/24 13:53:34 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/06/24 13:53:14 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/06/24 13:52:52 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2009/06/24 13:52:46 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009/06/24 13:52:32 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/06/19 00:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/04/29 11:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2007/03/19 17:02:32 | 000,049,664 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RLVrtAuCbl.sys -- (ReallusionVirtualAudio)
DRV - [2013/10/22 15:06:28 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20131022.001\ex64.sys -- (NAVEX15)
DRV - [2013/10/22 15:06:28 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20131022.001\eng64.sys -- (NAVENG)
DRV - [2013/10/18 17:05:00 | 000,521,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20131018.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/10/01 23:20:13 | 001,525,848 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20131002.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/08/28 23:56:50 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/08/28 23:56:50 | 000,140,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {403CE8DA-BA42-478B-945D-BCD60FB70B3C}
IE:64bit: - HKLM\..\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE:64bit: - HKLM\..\SearchScopes\{403CE8DA-BA42-478B-945D-BCD60FB70B3C}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {403CE8DA-BA42-478B-945D-BCD60FB70B3C}
IE - HKLM\..\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKLM\..\SearchScopes\{403CE8DA-BA42-478B-945D-BCD60FB70B3C}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.c...lt&ltmplcache=2
IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
IE - HKCU\..\SearchScopes,DefaultScope = {403CE8DA-BA42-478B-945D-BCD60FB70B3C}
IE - HKCU\..\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
IE - HKCU\..\SearchScopes\{403CE8DA-BA42-478B-945D-BCD60FB70B3C}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKCU\..\SearchScopes\{4C192071-94BE-45B3-89EC-10A8A5B86945}: "URL" = http://www.google.co...utputEncoding?}
IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Gina\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Gina\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Gina\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gina\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gina\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/29 16:51:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\1.bin [2010/10/11 14:55:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFF [2013/10/22 15:07:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/29 16:51:58 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
O4 - HKCU..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} https://www.cchs.net...rs7/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.28.254.24 10.144.127.217
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B501DF2E-F13B-4FB6-AECD-7641FDDEBE93}: DhcpNameServer = 172.28.254.24 10.144.127.217
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/22 15:21:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gina\Desktop\OTL.exe
[2013/10/22 14:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/22 14:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/22 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/22 14:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/10/22 15:26:01 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/22 15:26:01 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/22 15:26:01 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/22 15:10:28 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 15:10:28 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/22 15:09:02 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1063068385-1061194901-4117872327-1000UA.job
[2013/10/22 15:09:02 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/22 15:03:13 | 000,000,290 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2013/10/22 15:02:15 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/22 15:01:41 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/22 15:01:34 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/22 15:00:54 | 2361,806,848 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/22 14:27:12 | 000,355,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/22 12:49:05 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1063068385-1061194901-4117872327-1000Core.job
[2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/02 17:43:24 | 000,001,854 | ---- | C] () -- C:\Users\Gina\AppData\Roaming\GhostObjGAFix.xml
[2010/11/01 20:58:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/27 17:10:00 | 000,000,290 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/01/04 05:59:19 | 014,164,480 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/01/04 05:03:45 | 012,868,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009/07/13 21:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/11/23 14:01:47 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Tific
[2009/12/25 20:43:15 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\WildTangent
[2010/11/10 14:17:27 | 000,000,000 | ---D | M] -- C:\Users\Gina\AppData\Roaming\Windows Live Writer

========== Purity Check ==========



< End of report >









OTL Extras logfile created on: 10/22/2013 3:24:13 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gina\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.32 Gb Available Physical Memory | 45.15% Memory free
5.86 Gb Paging File | 4.18 Gb Available in Paging File | 71.35% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 136.98 Gb Total Space | 70.45 Gb Free Space | 51.43% Space Free | Partition Type: NTFS
Drive D: | 11.87 Gb Total Space | 2.00 Gb Free Space | 16.85% Space Free | Partition Type: NTFS

Computer Name: GINA-PC | User Name: Gina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02E9D748-4063-4ED5-9395-6E33E14F1F05}" = lport=445 | protocol=6 | dir=in | app=system |
"{042D921C-F914-43EC-93A0-B85FBAC959AC}" = rport=138 | protocol=17 | dir=out | app=system |
"{072E5323-38EA-47F5-8048-F8926FB47183}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{2F75792A-B640-4870-B8E8-876A7AD6AA3C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{31F836A3-E59D-4CE4-8F42-26EC1816FA2B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{440FE294-1610-4C50-9F6C-764C92822DE4}" = rport=137 | protocol=17 | dir=out | app=system |
"{45ECF997-CE46-4061-8C4C-53C0836428AE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{4A0E6860-AE40-40C8-B7DC-50BC669E8F53}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D3EEF7F-B639-4148-A2CB-55B7F190D7FD}" = rport=10243 | protocol=6 | dir=out | app=system |
"{581F18DD-6D72-4E30-BEC8-52469D4DB089}" = rport=445 | protocol=6 | dir=out | app=system |
"{59991A2F-E52E-4619-9A78-294D46BB1396}" = lport=2869 | protocol=6 | dir=in | app=system |
"{7571CA74-C9BC-4CD7-B8DB-831219C7FD12}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{77BE3376-F07F-41C7-AF95-A1E5919FFA18}" = rport=139 | protocol=6 | dir=out | app=system |
"{7F9C0B47-A70D-461D-AD8B-3DB20791B62D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{9E3A9A42-103A-4F3B-A0AB-199C9674F71E}" = lport=137 | protocol=17 | dir=in | app=system |
"{9F19F4A7-C94D-4318-A668-96A67C0C59B1}" = lport=138 | protocol=17 | dir=in | app=system |
"{A561DD8D-90C8-4FDB-AB9D-B500CD31D03F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{B1E8B7F4-6C91-48B3-8887-421D540335E5}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B753C399-F4AA-4013-BBB6-29F2D08D597E}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C71F518D-13DC-4440-A854-11A855CCFFFD}" = lport=139 | protocol=6 | dir=in | app=system |
"{C82F2BB0-1656-4D06-BA7B-1F32C91D793A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{D0BCF81D-4981-4828-A43D-0891410F7347}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D1196A92-2AF0-4D48-A3C4-4F8D304A57A5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{D4E05898-14EE-4348-8368-57A8640E0BD0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{F76D987F-E44C-42A6-B1C9-D40BA1D3D6F9}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02C46E64-CFAF-46C6-8E00-0A862C3D37DC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{08B04111-3318-42AA-A911-8B3A65B95B6D}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{122E53B5-B220-43CC-96D9-B6CD7A232E05}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr.exe |
"{173DF16C-1B71-4CF4-A22D-C26B35211C28}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{314CD5E8-5C34-477F-AAAA-2CEA015ACFF8}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{45515162-3BC4-4046-AD6D-1D5641F39154}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{4AE72F79-F50E-4562-A81B-697B283E0D6E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{50D9DC7E-A976-4167-9998-08404941BAC1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5811929D-02F1-4B26-A3ED-6AC86474BC93}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{6552A246-D04A-49E5-99FD-F2B3C6B609B1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6908368E-3592-4D25-AF83-A25AC029E383}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6D93C403-F9FD-41E1-BA65-A918C58B7FB0}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{72D6A746-C49D-4FB9-BFB1-9CA4CA6FF63B}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{76154938-8495-469A-9E97-345E6AC1264F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{7C64D16C-D6BC-4397-AA96-3BEF24ADBFA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8247CB21-ED54-4564-9675-FEF73816B504}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{859A0377-992C-468F-9123-BAA91BF7B15D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{86D98AF0-C259-4EB2-B9FD-C47FFD8074D4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{89ECD497-6A36-4E69-8F89-56446B65A18E}" = protocol=58 | dir=out | [email protected],-28546 |
"{8D09CDD9-B693-4E4B-A9A3-2DAF62532928}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9F094D8E-4D06-4392-8426-F129EF355C10}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FF4BA97-68F3-4329-8536-8CB063836342}" = dir=in | app=c:\program files (x86)\hp\quickplay\qpservice.exe |
"{A55A157C-B5E5-4D0A-9FA5-1161F2B4F1B4}" = protocol=58 | dir=in | [email protected],-28545 |
"{C42091FC-3570-44BB-9DCD-5C18A8808E34}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CCEEB812-9A7B-44E9-9747-7F02ADDE4886}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{D0820041-6DCD-41F5-AB0F-5D8CC8C013E6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{D8E92D14-2A42-4B73-A926-1740D359AA2C}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{DB24CFDC-8220-4AE1-9B86-C1D565F3379F}" = protocol=1 | dir=in | [email protected],-28543 |
"{DCB4E92E-FA03-4B53-A10E-6DDF1728B87C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{E1878868-55DD-4D19-AECC-B9DFDB7D73CC}" = protocol=6 | dir=out | app=system |
"{E2BB2296-FAEC-4307-98B3-E0AC1B8367CF}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E6D50ED0-6AFC-4B10-9EF6-F8C6151BCB68}" = protocol=1 | dir=out | [email protected],-28544 |
"{E8BAE7FC-AA78-4F4D-A0AB-CA2B31F2D467}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E8CE5405-AEAB-4DA6-9739-8B1BC6179661}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{EAA09289-9BB8-4497-B1E2-83195448237F}" = dir=in | app=c:\program files (x86)\hp\quickplay\qp.exe |
"{F366AD98-16E3-403F-AA44-4746C5D5B96F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{F888D97D-CB1C-4B54-8933-491E79DB2C01}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe |
"TCP Query User{4FCD5F5E-CC95-4609-8B4B-2381819B67AF}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"TCP Query User{984FBD50-CEEC-4DDD-A53F-44CD688B1D8D}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=6 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"UDP Query User{0E7611E1-6A2B-4207-B9BC-44FA7FDE2BBE}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |
"UDP Query User{4172FA5A-1811-453D-AE0A-AB9C7F153B41}C:\program files (x86)\symantec\norton online backup\nobuclient.exe" = protocol=17 | dir=in | app=c:\program files (x86)\symantec\norton online backup\nobuclient.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java™ 6 Update 14 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5EB6F3CB-46F4-451F-A028-7F6D8D35D7D0}" = Windows Live Language Selector
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}" = MobileMe Control Panel
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CNXT_AUDIO_HDA" = Conexant HD Audio
"CNXT_MODEM_HDA_HSF" = HDAUDIO Soft Data Fax Modem with SmartCP
"HDMI" = Intel® Graphics Media Accelerator Driver
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}" = Microsoft Works
"{15CC861C-C69E-3758-8961-CE304C2595B6}" = Google Talk Plugin
"{16D0F2D2-242C-4885-BEF1-4B1655C141AE}" = Bing Bar
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 45
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{2EA45803-BEB7-46C4-9ADC-46A5F9E7BB77}" = GEAR driver installer for x86 and x64
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34D2AB40-150D-475D-AE32-BD23FB5EE355}" = HP Quick Launch Buttons
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = PowerRecover
"{45D707E9-F3C4-11D9-A373-0050BAE317E1}" = HP DVD Play 3.7
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CBABDFD-49F8-47FD-BE7D-ECDE7270525A}" = Windows Live PIMT Platform
"{4E432692-A736-4F77-AF77-F9078CF88D31}" = HP Wireless Assistant
"{50816F92-1652-4A7C-B9BC-48F682742C4B}" = Messenger Companion
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{64A7418C-6BD4-48BE-A2E3-CAEC3BCD9E81}" = HP User Guides 0156
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6A05FEDF-662E-46BF-8A25-010E3F1C9C69}" = Windows Live UX Platform Language Pack
"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.2.0
"{6F44AF95-3CDE-4513-AD3F-6D45F17BF324}" = HP Support Assistant
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (English)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}" = Windows Live Sync
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.4.4 MUI
"{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}" = HP Advisor
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Atheros Driver Installation Program
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}" = Skype Toolbars
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D1504C77-1B19-4AF0-8DEC-946666123B55}" = CrazyTalk Cam Suite
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D46D081B-F60E-467E-A7C4-117B70D76731}" = HP Update
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE626616-D7C4-4F00-7E0B-EAF26FA65749}" = muvee Reveal
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF802C05-4660-418c-970C-B988ADB1D316}" = Microsoft Live Search Toolbar
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F1D7AC58-554A-4A58-B784-B61558B1449A}" = QLBCASL
"{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}" = HP Setup
"{FA4C2D53-205F-4245-9717-F3761154824D}" = Safari
"{FA8BFB25-BF48-4F8B-8859-B30810745190}" = LightScribe System Software
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Google Chrome Frame" = Google Chrome Frame
"Homepage Protection" = Homepage Protection
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"Lippincott's Q&A Review for NCLEX-RN, 9th Edition" = Lippincott's Q&A Review for NCLEX-RN, 9th Edition
"MyWebSearch bar Uninstall" = My Web Search (Retrogamer)
"NAV" = Norton AntiVirus
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite" = Windows Live Essentials

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 8/3/2013 3:07:01 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/3/2013 3:07:01 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 64854701

Error - 8/3/2013 3:07:01 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 64854701

Error - 8/3/2013 3:07:02 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/3/2013 3:07:02 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 64855699

Error - 8/3/2013 3:07:02 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 64855699

Error - 8/3/2013 3:07:03 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 8/3/2013 3:07:03 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 64856713

Error - 8/3/2013 3:07:03 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 64856713

Error - 8/3/2013 3:07:04 PM | Computer Name = Gina-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

[ Hewlett-Packard Events ]
Error - 6/26/2012 4:57:46 PM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 6/26/2012 4:58:18 PM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 6/26/2012 4:58:18 PM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 8/25/2012 6:28:07 AM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HP.SupportAssistant.Common.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3003 Ram Utilization:
40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 8/25/2012 6:28:11 AM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3003 Ram Utilization:
40 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


Error - 3/18/2013 11:38:57 AM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 6/22/2013 5:04:28 PM | Computer Name = Gina-PC | Source = HPSFMsgr.exe | ID = 2000
Description = HP Error ID: -2146233087 Server stack trace: at System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()

at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway,
ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)

at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0] Message: The communication object, System.ServiceModel.Channels.ServiceChannel,
cannot be used for communication because it has been Aborted. StackTrace: Server
stack trace: at System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()

at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway,
ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)

at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage
methodCall, ProxyOperationRuntime operation) at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage
message) Exception rethrown at [0]: at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage
reqMsg, IMessage retMsg) at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData&
msgData, Int32 type) at HP.SupportFramework.Communicator.MessengerComm.IMessengerCommunicatorCallback.CancelTuneup()

at HPSA_Messenger.MessengerPopUpWindow.btnStackPopUp_Click(Object sender, RoutedEventArgs
e) Source: mscorlib Name: HPSFMsgr.exe Version: 01.00.00.00 Path: C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe Format:
en-US RAM: 3003 Ram Utilization: 30 TargetSite: Void HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage,
System.Runtime.Remoting.Messaging.IMessage)

Error - 8/2/2013 9:05:11 PM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261 at HPSFConfigReader.ConfigHelper.loadXML()

at HPSFConfigReader.ConfigHelper..ctor() at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Message: Object reference not set to an instance of an object. StackTrace:
at HPSFConfigReader.ConfigHelper.loadXML() at HPSFConfigReader.ConfigHelper..ctor()

at HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3003
Ram
Utilization: 40 TargetSite: Void loadXML()

Error - 8/5/2013 5:23:13 PM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 4000
Description =

Error - 8/29/2013 12:00:43 AM | Computer Name = Gina-PC | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467261HPSF.exe at HP.SupportAssistant.Common.CustomerExperience.HPSASession.AddNavigationProperties()
Message:
Object reference not set to an instance of an object. StackTrace: at HP.SupportAssistant.Common.CustomerExperience.HPSASession.AddNavigationProperties()
Source:
HP.SupportAssistant.Common Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program Files
(x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: en-US RAM: 3003 Ram Utilization:
60 TargetSite: HP.SupportFramework.HPSFReporting._Property[] AddNavigationProperties()


[ System Events ]
Error - 5/22/2011 8:05:30 PM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7009
Description = A timeout was reached (30000 milliseconds) while waiting for the HP
Software Framework Service service to connect.

Error - 5/22/2011 8:05:30 PM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7000
Description = The HP Software Framework Service service failed to start due to the
following error: %%1053

Error - 5/23/2011 2:08:14 PM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NAV service.

Error - 5/23/2011 2:08:44 PM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NAV service.

Error - 5/29/2011 1:03:56 PM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the ShellHWDetection service.

Error - 5/30/2011 8:20:27 PM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NAV service.

Error - 6/6/2011 8:27:24 PM | Computer Name = Gina-PC | Source = DCOM | ID = 10010
Description =

Error - 6/7/2011 2:32:58 PM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NAV service.

Error - 6/8/2011 9:53:54 AM | Computer Name = Gina-PC | Source = Service Control Manager | ID = 7011
Description = A timeout (30000 milliseconds) was reached while waiting for a transaction
response from the NAV service.

Error - 6/9/2011 10:04:59 PM | Computer Name = Gina-PC | Source = EventLog | ID = 6008
Description = The previous system shutdown at 9:46:43 AM on ?6/?9/?2011 was unexpected.


< End of report >
  • 0

Advertisements


#2
blmadara

blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi , welcome to Geeks to Go. My name is blmadara and I will be helping you with your problems. Please be patient with me as I am still in training and my responses will have to be reviewed by an expert before I can post them.

I'd like to go over some things that will help both of us.

  • Read each of my posts entirely before performing my instructions. It would be helpful if you printed my instructions so you can read and check the steps as you perform them.
  • Follow the steps exactly in the order posted.
  • Please don't be afraid to ask questions. If you don't understand something, let me know before continuing.
  • If you can't perform a certain step, or you're unsure about what to do, please stop and let me know.
  • It is very important that you stay with me until the end so we make sure that we have removed all the bad stuff.
  • Please don't attach any logs to your posts unless I request it. It is easier for me if you copy and paste the logs into your reply.
  • Finally, never fix anything using other programs on your own. This can hinder my ability to see what is wrong with your computer and make it harder to clean your computer.

I am currently reviewing your logs and will reply with instructions as soon as possible.
  • 0

#3
dar124

dar124

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Sounds good. Looking forward to your instructions.
  • 0

#4
blmadara

blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi dar124,

Step One: Uninstall Programs

  • Click the Start Orb and select Control Panel.
  • In Control Panel, select Uninstall a program or Programs and Features.
  • Select the following one at a time
    • Java™ 6 Update 14 (64-bit)
      My Web Search (Retrogamer)
  • Click Uninstall.

Step Two: OTL Fix

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot


Note: If you are using the pro version or trial version of Malwarebytes 1.6 or higher please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.



Run OTL
Posted Image
  • Under the Custom Scans/Fixes box at the bottom, paste in the following (do not copy the word "quote")

    :Commands
    [createrestorepoint]

    :OTL
    PRC - [2010/10/11 14:55:17 | 000,032,849 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE
    PRC - [2010/10/11 14:55:17 | 000,028,762 | ---- | M] (MyWebSearch.com) -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE
    SRV - [2010/10/11 14:55:17 | 000,028,762 | ---- | M] (MyWebSearch.com) [Auto | Running] -- C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE -- (MyWebSearchService)
    IE:64bit: - HKLM\..\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
    IE - HKLM\..\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
    IE - HKLM\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
    IE - HKCU\..\URLSearchHook: {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
    IE - HKCU\..\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}: "URL" = http://www.ask.com/w...}&l=dis&o=ushpl
    IE - HKCU\..\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}: "URL" = http://search.mywebs...r={searchTerms}
    FF - HKLM\Software\MozillaPlugins\@mywebsearch.com/Plugin: C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll (MyWebSearch.com)
    FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\MyWebSearch\bar\1.bin [2010/10/11 14:55:26 | 000,000,000 | ---D | M]
    O2 - BHO: (MyWebSearch Search Assistant BHO) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (MyWebSearch.com)
    O2 - BHO: (mwsBar BHO) - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
    O3 - HKLM\..\Toolbar: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
    O3 - HKCU\..\Toolbar\WebBrowser: (My Web Search) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL (MyWebSearch.com)
    O4 - HKLM..\Run: [] File not found
    O4 - HKLM..\Run: [My Web Search Bar Search Scope Monitor] C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (MyWebSearch.com)
    O4 - HKLM..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
    O4 - HKCU..\Run: [MyWebSearch Email Plugin] C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE (MyWebSearch.com)
    O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
    O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
    O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_14)
    [2 C:\Program Files (x86)\*.tmp files -> C:\Program Files (x86)\*.tmp -> ]

    :Files
    C:\Program Files (x86)\MyWebSearch
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done and post the log it produces in your next reply.
  • Open OTL again.
  • Please select the Scan All Users checkbox.
  • Click the Run Scan button. Post the log it produces in your next reply.

Step Three: AdwCleaner

Download AdwCleaner from here or here and save it to your desktop.
Run AdwCleaner and select Scan. Once the scan is complete, select Clean.

Posted Image

Once done it will ask to reboot, allow this.
On reboot a log will be produced, please post it in your next reply.

Step Four: Junkware Removal Tool

Posted Image Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step Five: Run aswMBR

Download aswMBR.exe to your desktop.

  • Double click aswMBR.exe to run it.
  • When asked if you want to download Avast's virus definitions please select, No.
  • Click Scan to start the scan.
    Posted Image
  • When the scan ends click Save Log and save it to your desktop.
    Posted Image
  • Post the log in your next reply.

Step Five: Computer Symptoms

Please let me know what problems you are having with your computer.


What I need in your next post:
1. The OTL reports, one for the fix, and the one from the new scan, OTL.txt.
2. The AdwCleaner log.
3. the Junkware Removal Tool log, JRT.txt .
4. The log produced by aswMBR.exe.
5. Let me know what problems you are having with your computer.
  • 0

#5
dar124

dar124

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Ok, I've uninstalled those 2 programs, ran the OTL fix, ran the other scans and attached the logs below.

Something may have been corrected a bit, because I've noticed that Windows update has been downloading and installing a lot of updates. I hadnt noticed that until after a couple of these scans were done. (Hopefully this is a good sign). The laptop still seems to be running slow. It takes a while for it to boot and load Windows and also IE is slow to load. I've gotten a notice/option when opening IE for me to speed up IE by "disabling add-ons". I went thru and disabled the top few on the list (the one that I remember was a Java add-on), but after rebooting and going back into IE, I get the same "disable add-ons" prompt.

I'm 90% sure that I have an extra stick of RAM (to get me to a full 4GB), so I'll try to add that in in the next day or so. I'd also like to remove some of the pre-installed HP software/bloatware. Do you have any recommendations/suggestions on which of HP programs can be removed?? Hopefully doing those 2 things would speed things up a bit??



All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
No active process named MWSOEMON.EXE was found!
No active process named MWSSVC.EXE was found!
Error: No service named MyWebSearchService was found to stop!
Service\Driver key MyWebSearchService not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSVC.EXE not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397CFBAF-01FE-4A0D-950E-041F4905DC38}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397CFBAF-01FE-4A0D-950E-041F4905DC38}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{397CFBAF-01FE-4A0D-950E-041F4905DC38}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{397CFBAF-01FE-4A0D-950E-041F4905DC38}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56256A51-B582-467e-B8D4-7786EDA79AE0}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\MozillaPlugins\@mywebsearch.com/Plugin\ not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected] not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSSRCAS.DLL not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\M3SRCHMN.EXE not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin not found.
File C:\Program Files (x86)\MyWebSearch\bar\1.bin\MWSOEMON.EXE not found.
Starting removal of ActiveX control {8AD9C840-044E-11D1-B3E9-00805F499D93}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AD9C840-044E-11D1-B3E9-00805F499D93}\ not found.
Starting removal of ActiveX control {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}\ not found.
Starting removal of ActiveX control {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}\ not found.
C:\Program Files (x86)\GUM19A7.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\GoogleCrashHandler64.exe deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\GoogleUpdate.exe deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\GoogleUpdateSetup.exe deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdate.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_en-GB.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_en.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\psmachine.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp\psuser.dll deleted successfully.
C:\Program Files (x86)\GUM19A7.tmp folder deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\GoogleCrashHandler.exe deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\GoogleCrashHandler64.exe deleted successfully.
File delete failed. C:\Program Files (x86)\GUMEED0.tmp\GoogleUpdate.exe scheduled to be deleted on reboot.
C:\Program Files (x86)\GUMEED0.tmp\GoogleUpdateBroker.exe deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\GoogleUpdateHelper.msi deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\GoogleUpdateOnDemand.exe deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\GoogleUpdateSetup.exe deleted successfully.
File delete failed. C:\Program Files (x86)\GUMEED0.tmp\goopdate.dll scheduled to be deleted on reboot.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_am.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ar.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_bg.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_bn.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ca.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_cs.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_da.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_de.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_el.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_en-GB.dll deleted successfully.
File delete failed. C:\Program Files (x86)\GUMEED0.tmp\goopdateres_en.dll scheduled to be deleted on reboot.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_es-419.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_es.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_et.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_fa.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_fi.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_fil.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_fr.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_gu.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_hi.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_hr.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_hu.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_id.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_is.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_it.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_iw.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ja.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_kn.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ko.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_lt.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_lv.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ml.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_mr.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ms.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_nl.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_no.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_pl.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_pt-BR.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_pt-PT.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ro.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ru.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_sk.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_sl.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_sr.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_sv.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_sw.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ta.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_te.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_th.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_tr.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_uk.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_ur.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_vi.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_zh-CN.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\goopdateres_zh-TW.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\npGoogleUpdate3.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\psmachine.dll deleted successfully.
C:\Program Files (x86)\GUMEED0.tmp\psuser.dll deleted successfully.
Folder delete failed. C:\Program Files (x86)\GUMEED0.tmp scheduled to be deleted on reboot.
C:\Program Files (x86)\GUT1A25.tmp deleted successfully.
File delete failed. C:\Program Files (x86)\GUTEED1.tmp scheduled to be deleted on reboot.
========== FILES ==========
File\Folder C:\Program Files (x86)\MyWebSearch not found.
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Gina\Desktop\cmd.bat deleted successfully.
C:\Users\Gina\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gina
->Temp folder emptied: 575558123 bytes
->Temporary Internet Files folder emptied: 833401503 bytes
->Java cache emptied: 124413741 bytes
->Apple Safari cache emptied: 8301568 bytes
->Flash cache emptied: 173819 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 403179569 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36053233 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 749 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,889.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10232013_152348

Files\Folders moved on Reboot...
File\Folder C:\Program Files (x86)\GUMEED0.tmp\GoogleUpdate.exe not found!
File\Folder C:\Program Files (x86)\GUMEED0.tmp\goopdate.dll not found!
File\Folder C:\Program Files (x86)\GUMEED0.tmp\goopdateres_en.dll not found!
File\Folder C:\Program Files (x86)\GUMEED0.tmp not found!
File\Folder C:\Program Files (x86)\GUTEED1.tmp not found!
C:\Users\Gina\AppData\Local\Temp\Low\JavaDeployReg.log moved successfully.
C:\Users\Gina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\ED8654D5-B9F0-4DD9-B3E8-F8F560086FDF.dat moved successfully.
C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Windows\temp\nav3717.tmp moved successfully.
C:\Windows\temp\sub5591.tmp moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...






OTL logfile created on: 10/23/2013 3:45:09 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Gina\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

2.93 Gb Total Physical Memory | 1.89 Gb Available Physical Memory | 64.60% Memory free
5.86 Gb Paging File | 4.70 Gb Available in Paging File | 80.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 136.98 Gb Total Space | 78.28 Gb Free Space | 57.15% Space Free | Partition Type: NTFS
Drive D: | 11.87 Gb Total Space | 2.00 Gb Free Space | 16.85% Space Free | Partition Type: NTFS

Computer Name: GINA-PC | User Name: Gina | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013/08/10 23:20:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Gina\Desktop\OTL.exe
PRC - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccsvchst.exe
PRC - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
PRC - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


========== Modules (No Company Name) ==========

MOD - [2013/10/23 15:21:21 | 001,051,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\6f3b99ed0b791ff4d8aa52f2f0cd0bcf\System.Management.ni.dll
MOD - [2013/10/23 14:55:55 | 000,368,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\299d0b38053fd7cbd84bac2178c3703b\PresentationFramework.Aero.ni.dll
MOD - [2013/10/23 14:55:44 | 014,339,072 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\bfaf8f86e69928fb2f67987c0203f603\PresentationFramework.ni.dll
MOD - [2013/10/23 14:55:15 | 000,185,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\UIAutomationTypes\6820836e29efa97200d3fcfb4d0f170b\UIAutomationTypes.ni.dll
MOD - [2013/10/23 14:55:07 | 012,234,752 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\2ad23de8284d4594aa658dfb5e667d97\PresentationCore.ni.dll
MOD - [2013/10/23 14:54:50 | 003,347,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\cf293040f3a93afa1ea782487acae816\WindowsBase.ni.dll
MOD - [2013/10/23 14:53:23 | 006,611,456 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\1e85062785e286cd9eae9c26d2c61f73\System.Data.ni.dll
MOD - [2013/10/23 14:53:05 | 001,587,200 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\dbfe8642a8ed7b2b103ad28e0c96418a\System.Drawing.ni.dll
MOD - [2013/10/23 14:52:48 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\5cae93d923c8378370758489e5535820\System.Runtime.Remoting.ni.dll
MOD - [2013/10/23 14:52:34 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\461d3b6b3f43e6fbe6c897d5936e17e4\System.Xml.ni.dll
MOD - [2013/10/23 14:46:35 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\bc09ad2d49d8535371845cd7532f9271\System.Configuration.ni.dll
MOD - [2013/10/23 14:46:31 | 007,963,136 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9e0a3b9b9f457233a335d7fba8f95419\System.ni.dll
MOD - [2013/10/23 14:45:11 | 011,490,304 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\62a0b3e4b40ec0e8c5cfaa0c8848e64a\mscorlib.ni.dll
MOD - [2012/05/04 07:40:23 | 000,036,920 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\HP.ActiveSupportLibrary\2.0.0.1__01a974bc1760f423\HP.ActiveSupportLibrary.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/11/04 21:58:05 | 002,927,616 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2010/01/22 10:30:00 | 007,745,536 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
MOD - [2010/01/22 10:29:58 | 002,121,728 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
MOD - [2010/01/22 10:29:58 | 000,135,168 | ---- | M] () -- C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
MOD - [2009/10/25 22:27:56 | 000,061,440 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
MOD - [2009/10/25 22:27:54 | 000,131,072 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
MOD - [2009/10/25 22:27:46 | 000,040,960 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
MOD - [2009/10/25 22:27:46 | 000,036,864 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
MOD - [2009/10/25 22:27:46 | 000,007,680 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
MOD - [2009/10/25 22:27:44 | 000,005,632 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
MOD - [2009/10/25 22:27:38 | 000,018,944 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
MOD - [2009/10/25 22:27:20 | 000,028,672 | ---- | M] () -- C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll


========== Services (SafeList) ==========

SRV:64bit: - [2010/09/22 18:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 21:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2013/10/22 16:03:14 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/07/13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2011/09/09 17:10:28 | 000,086,072 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2011/07/07 19:31:08 | 000,195,336 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/06/15 17:33:20 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (BBUpdate)
SRV - [2011/04/16 20:45:11 | 000,130,008 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ccSvcHst.exe -- (NAV)
SRV - [2011/03/28 17:07:50 | 000,094,264 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe -- (HPDrvMntSvc.exe)
SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/02/16 15:43:12 | 002,792,280 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2009/11/13 16:13:04 | 000,238,328 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2009/06/24 13:53:32 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\XAudio64.dll -- (HsfXAudioService)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/06/20 09:42:44 | 003,678,720 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/05/12 17:13:48 | 000,174,200 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2011/05/10 08:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011/04/20 21:37:49 | 000,386,168 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\symnets.sys -- (SymNetS)
DRV:64bit: - [2011/03/30 23:00:09 | 000,744,568 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2011/03/30 23:00:09 | 000,040,568 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2011/03/14 22:31:23 | 000,912,504 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\symefa64.sys -- (SymEFA)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/11 19:16:38 | 010,628,640 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/01/27 02:47:10 | 000,450,680 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\symds64.sys -- (SymDS)
DRV:64bit: - [2011/01/27 01:07:06 | 000,171,128 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NAVx64\1207010.003\ironx64.sys -- (SymIRON)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 07:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 05:37:42 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/09/23 00:36:48 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2010/03/22 17:17:14 | 000,139,264 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2010/03/22 17:10:26 | 000,699,960 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2009/12/19 10:11:40 | 000,314,400 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/24 13:53:34 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\XAudio64.sys -- (XAudio)
DRV:64bit: - [2009/06/24 13:53:14 | 001,485,824 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_DPV.sys -- (HSF_DPV)
DRV:64bit: - [2009/06/24 13:52:52 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\mdmxsdk.sys -- (mdmxsdk)
DRV:64bit: - [2009/06/24 13:52:46 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAX_CNXT.sys -- (winachsf)
DRV:64bit: - [2009/06/24 13:52:32 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CAXHWAZL.sys -- (CAXHWAZL)
DRV:64bit: - [2009/06/19 00:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009/06/10 17:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92)
DRV:64bit: - [2009/06/10 17:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac)
DRV:64bit: - [2009/06/10 17:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA)
DRV:64bit: - [2009/06/10 16:35:33 | 000,389,120 | ---- | M] (Marvell) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\yk62x64.sys -- (yukonw7)
DRV:64bit: - [2009/06/10 16:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/06/04 20:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009/04/29 11:48:32 | 000,018,432 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HpqKbFiltr.sys -- (HpqKbFiltr)
DRV:64bit: - [2007/03/19 17:02:32 | 000,049,664 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RLVrtAuCbl.sys -- (ReallusionVirtualAudio)
DRV - [2013/10/22 19:11:13 | 001,524,824 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20131022.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/10/22 15:06:28 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20131023.002\ex64.sys -- (NAVEX15)
DRV - [2013/10/22 15:06:28 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20131023.002\eng64.sys -- (NAVENG)
DRV - [2013/10/18 17:05:00 | 000,521,816 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20131022.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/08/28 23:56:50 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013/08/28 23:56:50 | 000,140,376 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {403CE8DA-BA42-478B-945D-BCD60FB70B3C}
IE:64bit: - HKLM\..\SearchScopes\{403CE8DA-BA42-478B-945D-BCD60FB70B3C}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.h...avilion&pf=cnnb
IE - HKLM\..\SearchScopes,DefaultScope = {403CE8DA-BA42-478B-945D-BCD60FB70B3C}
IE - HKLM\..\SearchScopes\{403CE8DA-BA42-478B-945D-BCD60FB70B3C}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.h...avilion&pf=cnnb
IE - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\..\SearchScopes,DefaultScope = {403CE8DA-BA42-478B-945D-BCD60FB70B3C}
IE - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\..\SearchScopes\{403CE8DA-BA42-478B-945D-BCD60FB70B3C}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\..\SearchScopes\{4C192071-94BE-45B3-89EC-10A8A5B86945}: "URL" = http://www.google.co...utputEncoding?}
IE - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Gina\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Gina\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Gina\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Gina\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Gina\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/29 16:51:58 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\IPSFF [2013/10/22 15:07:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/03/29 16:51:58 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2013/10/23 15:27:33 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: ::1 localhost
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (Symantec Intrusion Prevention) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\18.7.1.3\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
O2 - BHO: (Skype Plug-In) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (ChromeFrame BHO) - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [NortonOnlineBackup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [UpdatePRCShortCut] C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
O4 - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000..\Run: [SmartAudio] C:\Program Files\CONEXANT\SAII\SAIICpl.exe ()
O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O7 - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: WallpaperStyle = 2
O9 - Extra Button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {15B782AF-55D8-11D1-B477-006097098764} https://www.cchs.net...rs7/awswaxd.cab (Macromedia Authorware Web Player Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} http://lads.myspace....ceUploader2.cab (MySpace Uploader Control)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} http://trial.trymicr...osoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 172.28.254.24 10.144.127.217
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B501DF2E-F13B-4FB6-AECD-7641FDDEBE93}: DhcpNameServer = 172.28.254.24 10.144.127.217
O18:64bit: - Protocol\Handler\gcf - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\gcf {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\28.0.1500.95\npchrome_frame.dll (Google Inc.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/10/23 15:23:48 | 000,000,000 | ---D | C] -- C:\_OTL
[2013/10/22 18:23:52 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2013/10/22 18:23:52 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2013/10/22 16:21:57 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\SPReview
[2013/10/22 16:20:43 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\EventProviders
[2013/10/22 16:01:58 | 017,813,896 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/10/22 15:21:50 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Gina\Desktop\OTL.exe
[2013/10/22 14:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Oracle
[2013/10/22 14:54:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2013/10/22 14:53:08 | 000,264,616 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/22 14:51:44 | 000,096,168 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/22 14:51:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2013/10/22 14:51:43 | 000,175,016 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/22 14:51:43 | 000,174,504 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/22 14:38:22 | 000,000,000 | ---D | C] -- C:\ProgramData\McAfee

========== Files - Modified Within 30 Days ==========

[2013/10/23 15:49:21 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013/10/23 15:49:20 | 000,023,248 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013/10/23 15:46:47 | 000,726,444 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013/10/23 15:46:47 | 000,624,412 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013/10/23 15:46:47 | 000,106,756 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013/10/23 15:42:30 | 000,000,290 | ---- | M] () -- C:\ProgramData\hpqp.ini
[2013/10/23 15:40:45 | 000,000,890 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013/10/23 15:40:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013/10/23 15:40:09 | 2361,806,848 | -HS- | M] () -- C:\hiberfil.sys
[2013/10/23 15:27:33 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2013/10/23 15:09:57 | 000,000,894 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013/10/23 15:09:28 | 000,000,904 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1063068385-1061194901-4117872327-1000UA.job
[2013/10/23 14:48:45 | 000,355,240 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013/10/22 19:01:29 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013/10/22 16:56:17 | 000,152,576 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msclmd.dll
[2013/10/22 16:56:16 | 000,175,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msclmd.dll
[2013/10/22 16:03:14 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013/10/22 16:03:14 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013/10/22 16:01:58 | 017,813,896 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerInstaller.exe
[2013/10/22 14:50:59 | 000,096,168 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013/10/22 14:50:57 | 000,264,616 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013/10/22 14:50:57 | 000,175,016 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013/10/22 14:50:57 | 000,174,504 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013/10/22 12:49:05 | 000,000,852 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1063068385-1061194901-4117872327-1000Core.job

========== Files Created - No Company Name ==========

[2013/10/22 18:24:02 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2011/01/02 17:43:24 | 000,001,854 | ---- | C] () -- C:\Users\Gina\AppData\Roaming\GhostObjGAFix.xml
[2010/11/01 20:58:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/10/27 17:10:00 | 000,000,290 | ---- | C] () -- C:\ProgramData\hpqp.ini

========== ZeroAccess Check ==========

[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012/06/09 01:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012/06/09 00:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >





# AdwCleaner v3.010 - Report created 23/10/2013 at 22:20:44
# Updated 20/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Gina - GINA-PC
# Running from : C:\Users\Gina\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\FunWebProducts
File Deleted : C:\Users\Public\Desktop\eBay.lnk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16476


*************************

AdwCleaner[R0].txt - [6295 octets] - [23/10/2013 21:06:29]
AdwCleaner[S0].txt - [6065 octets] - [23/10/2013 22:20:44]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6125 octets] ##########






~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Gina on Wed 10/23/2013 at 22:33:10.78
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\msntask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\homepage protection"
Successfully deleted: [Empty Folder] C:\Users\Gina\appdata\local\{0A9CB89A-5570-4E65-83F7-8E94EA521A6A}
Successfully deleted: [Empty Folder] C:\Users\Gina\appdata\local\{E6F03D62-31CA-49F1-8E41-71EF74BA289F}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 10/23/2013 at 22:45:19.36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~





aswMBR version 0.9.9.1771 Copyright© 2011 AVAST Software
Run date: 2013-10-24 06:24:36
-----------------------------
06:24:36.635 OS Version: Windows x64 6.1.7601 Service Pack 1
06:24:36.635 Number of processors: 1 586 0x170A
06:24:36.635 ComputerName: GINA-PC UserName: Gina
06:24:38.055 Initialize success
06:24:51.469 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
06:24:51.469 Disk 0 Vendor: Hitachi_HTS545016B9A300 PBBOCA0G Size: 152627MB BusType: 11
06:24:51.578 Disk 0 MBR read successfully
06:24:51.578 Disk 0 MBR scan
06:24:51.594 Disk 0 unknown MBR code
06:24:51.594 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 199 MB offset 2048
06:24:51.594 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 140272 MB offset 409600
06:24:51.641 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 12154 MB offset 287686656
06:24:51.672 Disk 0 scanning C:\Windows\system32\drivers
06:25:00.361 Service scanning
06:25:03.325 Service BHDrvx64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\BASHDefs\20131022.001\BHDrvx64.sys **LOCKED** 5
06:25:06.367 Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
06:25:06.742 Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
06:25:10.782 Service IDSVia64 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\IPSDefs\20131023.002\IDSvia64.sys **LOCKED** 5
06:25:15.587 Service NAVENG C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20131023.024\ENG64.SYS **LOCKED** 5
06:25:15.727 Service NAVEX15 C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_18.1.0.37\Definitions\VirusDefs\20131023.024\EX64.SYS **LOCKED** 5
06:25:22.451 Service SRTSPX C:\Windows\system32\drivers\NAVx64\1207010.003\SRTSPX64.SYS **LOCKED** 5
06:25:23.340 Service SymDS C:\Windows\system32\drivers\NAVx64\1207010.003\SYMDS64.SYS **LOCKED** 5
06:25:23.496 Service SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS **LOCKED** 5
06:25:23.605 Service SymIRON C:\Windows\system32\drivers\NAVx64\1207010.003\Ironx64.SYS **LOCKED** 5
06:25:23.636 Service SymNetS C:\Windows\System32\Drivers\NAVx64\1207010.003\SYMNETS.SYS **LOCKED** 5
06:25:29.362 Modules scanning
06:25:29.362 Disk 0 trace - called modules:
06:25:29.393 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
06:25:29.393 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800334f500]
06:25:29.408 3 CLASSPNP.SYS[fffff8800117a43f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8002e36170]
06:25:29.408 Scan finished successfully
06:26:57.535 Disk 0 MBR has been saved successfully to "C:\Users\Gina\Desktop\MBR.dat"
06:26:57.535 The log file has been saved successfully to "C:\Users\Gina\Desktop\aswMBR.txt"
  • 0

#6
dar124

dar124

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
So over the past couple of days, I have added additional RAM to get up to 4GB, I removed some of the HP bloatware programs, removed MS Works (didnt realize that was still being used??), removed the trial version of Office 2007, installed a fresh copy of Office 2007, removed some items from the msconfig startup and manually ran Windows update a few times.

I'm still thinking (hoping) that there are some items that need to be cleaned up because the laptop is still running slow. It's better than it was, but still doesnt seem quite right.
  • 0

#7
blmadara

blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi dar124,

Step One: Sidebar Advice

Your log shows Windows sidebar running. I recommend that you disable the sidebar.

There is a security vulnerability in Windows Sidebar and Gadgets. Windows Sidebar(gadgets) can compromise the security of the computer it is running on as mentioned here. So it would be best to disable this feature.

Download the Disable Windows Sidebar and Gadgets Fix-it to your desktop.

Double-click on MicrosoftFixit50906.msi and follow the prompts to disable Windows sidebar and gadgets. Once finished, reboot your computer if not advised to do so.

Step Two: OTL Fix

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot


Note: If you are using the pro version or trial version of Malwarebytes 1.6 or higher please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs then please uninstall MalwareBytes' and run this fix again.



Run OTL
Posted Image
  • Under the Custom Scans/Fixes box at the bottom, paste in the following (do not copy the word "quote")

    :Commands
    [createrestorepoint]

    :OTL
    O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
    O2 - BHO: (hpBHO Class) - {ABD3B5E1-B268-407B-A150-2641DAB8D898} - C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll (AOL Products)
    O3 - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O4 - HKU\S-1-5-21-1063068385-1061194901-4117872327-1000..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe File not found
    O4 - HKU\.DEFAULT..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
    O4 - HKU\S-1-5-18..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft....?LinkID=122915" /build:7601 File not found
    O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
    O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done and post the log it produces in your next reply.

Step Three: Maleware Bytes' Anti-Malware

Malwarebytes' Anti-Malware
Please download Malwarebytes' Anti-Malware from here or here

Double Click mbam-setup.exe to install the application. Please do not accept the trial right now.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

Step Four: ESET Online Scanner

Please run a free online scan with the ESET Online Scanner
Note: You will need to use Internet Explorer running in admin mode for this scan. To do this right click on Internet Explorer and pick Run as administrator.
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is not checked.
  • Make sure that the option Scan unwanted applications is checked
  • Click Scan (This scan can take several hours, so please be patient)
  • Once the scan is completed, you may close the window
  • Use Notepad to open the logfile located at C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic

Step Five: Security Check

Download Security Check by screen317 from here or here.
  • Save it to your Desktop.
  • Right click SecurityCheck.exe, select Run as administrator, and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Step Six: What problems remain?

Please let me know how your computer is running and what specific problems remain.

What I need in your next post:
1. The OTL Fix log.
2. The MBAM report.
3. The ESET Online Scanner log, C:\Program Files (x86)/ESET/ESET Online Scanner\log.txt.
4. The Security Check log, checkup.txt.
5. What symptoms remain?
  • 0

#8
dar124

dar124

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Ok, I disabled the Windows Sidebar, ran the OTL, MBAM, ESET & Security Check scans. The logs are posted below.

The PC definitely seems to be running better/faster. Occasionally it'll lag a bit, but I'm thinking that it's probably the Norton Antivirus that's causing this. I'd personally remove it and go with Avast or MSE (which I'm using on my home desktop & laptop), but this isn't my laptop and there's multiple months left on their subscription.

I'll use the laptop a bit over the weekend, monitor its performance and report back here. Let me know if you see anything in these scan logs or if there's anything else I need to do. Thanks again.



All processes killed
========== COMMANDS ==========
Restore point Set: OTL Restore Point
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ABD3B5E1-B268-407B-A150-2641DAB8D898}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ABD3B5E1-B268-407B-A150-2641DAB8D898}\ deleted successfully.
File C:\Program Files (x86)\Common Files\Homepage Protection\HomepageProtection.dll not found.
Registry value HKEY_USERS\S-1-5-21-1063068385-1061194901-4117872327-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{604BC32A-9680-40D1-9AC6-E06B23A1BA4C}\ not found.
Registry value HKEY_USERS\S-1-5-21-1063068385-1061194901-4117872327-1000\Software\Microsoft\Windows\CurrentVersion\Run\\MobileDocuments deleted successfully.
Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview deleted successfully.
Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview not found.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\Gina\Desktop\cmd.bat deleted successfully.
C:\Users\Gina\Desktop\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Gina
->Temp folder emptied: 19865310 bytes
->Temporary Internet Files folder emptied: 190782004 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 0 bytes
->Flash cache emptied: 492 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 139336895 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 43259104 bytes
%systemroot%\sysnative\config\systemprofile\AppData\LocalLow\Sun\Java\Deployment folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 375.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 10252013_160801

Files\Folders moved on Reboot...
C:\Users\Gina\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VWSZVFRH\334401-hp-g60-laptop-running-slow[2].htm moved successfully.
C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\7A7E08C8-3FF5-45F2-873D-A84D669DC82F.dat moved successfully.
C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\MSIMGSIZ.DAT moved successfully.
C:\Users\Gina\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...





Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.25.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16721
Gina :: GINA-PC [administrator]

10/25/2013 4:19:03 PM
mbam-log-2013-10-25 (16-19-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 199658
Time elapsed: 8 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)






C:\AdwCleaner\Quarantine\C\Program Files (x86)\FunWebProducts\Installr\1.bin\F3EZSETP.DLL.vir a variant of Win32/FunWeb.AA application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FunWebProducts\Installr\1.bin\F3PLUGIN.DLL.vir Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\FunWebProducts\Installr\1.bin\NPFUNWEB.DLL.vir Win32/Toolbar.MyWebSearch application cleaned by deleting - quarantined






Results of screen317's Security Check version 0.99.74
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 10
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Norton AntiVirus
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware version 1.75.0.1300
Java 7 Update 45
Java version out of Date!
Adobe Flash Player 11.9.900.117
Adobe Reader 9 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Norton AntiVirus Engine 18.7.1.3 ccSvcHst.exe
Symantec Norton Online Backup NOBuAgent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
  • 0

#9
blmadara

blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
Hi dar124,

Congratulations, your logs appear clean again! Now we have some cleanup to do.

Uninstall AdwCleaner

  • Right-click on AdwCleaner.exe and select Run as Administrator to start the program.
  • Click on Uninstall, then Yes, to fully remove the application and its log(s) plus quarantined items.

Clean up with OTL

Run OTL.
  • Under the Custom Scans/Fixes box at the bottom, paste in the following:
    :Commands 
    [createrestorepoint]
    [emptytemp] 
    
  • Then click the Run Fix button at the top.
  • Let the program run unhindered, reboot the PC when it is done.

  • Right click on OTL and select Run as administrator, to run it.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the Cleanup button
  • Say Yes to the prompt and then allow the program to reboot your computer.

Note: If any logs/tools remain on your desktop > right click and delete them.

Delete System Restore Points

Follow the instructions here to delete all but the most recent restore point.


Update JAVA

JAVA is out of date. It's very important that you keep your computer updated with the latest version of JAVA.

  • Go to this website, and click on Do I have Java?.
  • This will check your current version of Java and offer you an update if one is available.

Update Adobe Reader

Adobe Reader is out of date. It's very important that you keep your computer updated with the latest Adobe updates.
  • Open Adobe Reader.
  • Click Help on the menu at the top.
  • Click Check for Updates.
  • Allow any updates to be downloaded and installed.

Preventative Programs

Anti Spyware

I recommend updating and scanning with MalwareBytes Anti-Malware once a week to rid your system of spyware.


Anti-Virus Software Advice

Your anti-virus software, Norton, is setup to download and install updates as they become available. I also advise that you run a full scan weekly, to further protect yourself.

Temp File Cleaner

Finally, it is a good idea to clear out all your temp files every now and then. This will help keep your computer from slowing down and it can also assist in getting rid of files that may contain malicious code that could re-infect your computer.
  • TFC is a great tool to clean temporary files.

Update Windows

It is important to keep your operating system updated. To enable Automatic Updates so that updates are downloaded and installed automatically, click here.


I advise you to read both articles listed below. They are loaded with information that will help you keep your computer running well.

Help! My computer is slow!

What to do if your Computer is running slowly

Finally, to learn more about how to protect yourself while on the internet read How did I get infected?

I will keep this thread open for a few days, so if you have any further problems post another reply here.
  • 0

#10
dar124

dar124

    Member

  • Topic Starter
  • Member
  • PipPip
  • 87 posts
Everything is cleaned up and the laptop seems to be running a lot better. Thanks for your assistance!!!
  • 0

#11
blmadara

blmadara

    Trusted Helper

  • Malware Removal
  • 767 posts
You're welcome!! Glad I could help!!
  • 1

#12
Dakeyras

Dakeyras

    Anti-Malware Mammoth

  • Expert
  • 9,684 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP