Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

windows 8.1 SUPER SLOW [Solved]


  • This topic is locked This topic is locked

#1
demozast

demozast

    Member

  • Member
  • PipPip
  • 74 posts

My dad has his computer that is basically useless right now.  Its an HP omni 120.  I am trying to help him get the use of it back.  When he clicks Google Chrome it takes no less than 10 minutes per click to open any pages.  I have been waiting for an hour and a half JUST to post this.  He has the 64 bit system.  Here is the FRST logs.

 

Any help would be greatly appreciated :)

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015
Ran by Larry (administrator) on LARRYSCOMPUTER on 22-05-2015 23:01:29
Running from C:\Users\Larry\Downloads
Loaded Profiles: Larry & Guest (Available profiles: Larry & Guest)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Ai Squared) C:\Program Files (x86)\ZoomText 10.1\AiSquared.Magnification.Service.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Ai Squared ) C:\Program Files (x86)\ZoomText 10.1\ZoomTextHelperService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\nis.exe
(Microsoft Corporation) C:\Windows\System32\AtBroker.exe
(Ai Squared ) C:\Program Files (x86)\ZoomText 10.1\x64\ZtUac64.exe
(Ai Squared ) C:\Program Files (x86)\ZoomText Keyboard\ZoomTextKeyboard.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Apple Computer, Inc.) C:\Program Files (x86)\QuickTime\qttask.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6549136 2012-07-02] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-07] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491120 2012-07-02] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [77824 2014-05-20] (Apple Computer, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\WINDOWS\skipmetrosuite.exe,
HKU\S-1-5-21-2690978493-790239216-3970457346-1001\...\Run: [GarminExpressTrayApp] => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
HKU\S-1-5-21-2690978493-790239216-3970457346-1001\...\Run: [TWC.Win7] => C:\Program Files (x86)\The Weather Channel\Desktop Weather\TWC.Win7.exe [54608 2015-02-24] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\tray.exe [1010008 2015-04-08] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-05-21]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-21-2690978493-790239216-3970457346-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKU\S-1-5-21-2690978493-790239216-3970457346-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-21-2690978493-790239216-3970457346-1006\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPDSK13/1
HKU\S-1-5-21-2690978493-790239216-3970457346-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK13/1
HKU\S-1-5-21-2690978493-790239216-3970457346-1006\Software\Microsoft\Internet Explorer\Main,First Home Page = http://g.msn.com/HPDSK13/1
URLSearchHook: HKU\S-1-5-21-2690978493-790239216-3970457346-1001 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll (Yahoo! Inc.)
URLSearchHook: [S-1-5-21-2690978493-790239216-3970457346-501] ATTENTION ==> Default URLSearchHook is missing
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPDTDF
SearchScopes: HKLM -> {8E0E081D-FD81-46C2-AD92-3B939C17F151} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 -> {8E0E081D-FD81-46C2-AD92-3B939C17F151} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-2690978493-790239216-3970457346-1001 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPDTDF
SearchScopes: HKU\S-1-5-21-2690978493-790239216-3970457346-1001 -> {8E0E081D-FD81-46C2-AD92-3B939C17F151} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKU\S-1-5-21-2690978493-790239216-3970457346-1001 -> {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPDTDF
SearchScopes: HKU\S-1-5-21-2690978493-790239216-3970457346-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.co...54371-11896-2/4?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-2690978493-790239216-3970457346-1006 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll [2015-01-19] (Yahoo! Inc.)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-04] (Symantec Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn3\yt.dll [2015-01-19] (Yahoo! Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\BingExt.dll [2012-01-25] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 24.220.0.10 24.220.0.11
 
FireFox:
========
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2012-05-25] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-05] ()
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2015-05-16]
 
Chrome: 
=======
CHR Profile: C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-29]
CHR Extension: (Google Drive) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-29]
CHR Extension: (YouTube) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-29]
CHR Extension: (Google Search) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-29]
CHR Extension: (Bookmark Manager) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21]
CHR Extension: (Norton Identity Safe) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2014-08-20]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Norton Security Toolbar) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-08-19]
CHR Extension: (Google Wallet) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-24]
CHR Extension: (Gmail) - C:\Users\Larry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-29]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-20]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx [2015-03-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AiSquared ContinueUpdate; C:\Program Files (x86)\ZoomText 10.1\AiSquared.ContinueUpdate.Service.exe [30336 2014-07-01] (Ai Squared)
R2 AiSquared Magnification; C:\Program Files (x86)\ZoomText 10.1\AiSquared.Magnification.Service.exe [45696 2014-07-01] (Ai Squared)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)
R2 CrypKey License; C:\WINDOWS\system32\crypserv.exe [126976 2013-04-11] (CrypKey (Canada) Ltd.) []
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1429504 2015-03-04] (Microsoft Corporation)
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-17] (WildTangent)
S3 GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [197632 2014-04-17] (WildTangent, Inc.) []
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [708616 2015-04-08] (Garmin Ltd. or its subsidiaries)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) []
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35232 2012-07-19] (Hewlett-Packard)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.) []
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) []
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\NIS.exe [276336 2015-03-07] (Symantec Corporation)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) []
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-05-14] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-03] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-03] (Microsoft Corporation)
R2 ZoomText Helper Service; C:\Program Files (x86)\ZoomText 10.1\ZoomTextHelperService.exe [17024 2014-07-01] (Ai Squared )
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20150519.001\BHDrvx64.sys [1639128 2015-05-01] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1507000.00B\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows ® Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows ® Win 7 DDK provider)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-12-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2015-01-14] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20150521.003\IDSvia64.sys [671448 2015-03-27] (Symantec Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20150522.003\ENG64.SYS [129752 2015-05-05] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20150522.003\EX64.SYS [2137304 2015-05-05] (Symantec Corporation)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [31416 2013-04-11] ()
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1507000.00B\SRTSP64.SYS [876248 2014-08-25] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1507000.00B\SRTSPX64.SYS [37592 2014-08-25] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMDS64.SYS [493656 2013-07-31] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1507000.00B\SYMEFA64.SYS [1148120 2014-07-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1507000.00B\SymELAM.sys [23568 2013-07-31] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-08-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1507000.00B\SYMNETS.SYS [593112 2014-07-23] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-03] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-22 23:01 - 2015-05-22 23:02 - 00020447 _____ () C:\Users\Larry\Downloads\FRST.txt
2015-05-22 22:56 - 2015-05-22 23:01 - 00000000 ____D () C:\FRST
2015-05-22 22:42 - 2015-05-22 22:43 - 02108416 _____ (Farbar) C:\Users\Larry\Downloads\FRST64.exe
2015-05-16 07:32 - 2015-05-16 07:48 - 00000362 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLarry.job
2015-05-16 07:32 - 2015-05-16 07:32 - 00003176 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForLarry
2015-05-13 13:18 - 2015-04-30 15:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:18 - 2015-04-30 15:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:55 - 2015-04-09 19:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-13 11:55 - 2015-04-09 19:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-13 11:55 - 2015-03-17 12:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-13 11:55 - 2015-03-08 21:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-13 11:54 - 2015-04-30 18:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-13 11:54 - 2015-04-30 17:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-13 11:54 - 2015-04-13 17:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-13 11:54 - 2015-04-09 20:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-13 11:54 - 2015-04-09 19:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-13 11:54 - 2015-04-09 19:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-13 11:54 - 2015-04-02 19:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-13 11:54 - 2015-04-02 19:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-13 11:54 - 2015-04-01 17:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-13 11:54 - 2015-04-01 17:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-13 11:54 - 2015-03-31 22:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-13 11:54 - 2015-03-31 21:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-13 11:54 - 2015-03-19 20:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-13 11:54 - 2015-03-12 21:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-13 11:54 - 2015-03-12 20:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-13 11:54 - 2015-03-12 19:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-13 11:54 - 2015-03-03 20:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-13 11:54 - 2015-03-03 20:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-13 11:54 - 2015-01-29 19:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-13 11:54 - 2014-11-14 01:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-13 11:53 - 2015-04-24 16:32 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-05-13 11:53 - 2015-04-21 12:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-13 11:53 - 2015-04-21 11:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-13 11:53 - 2015-04-21 10:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-13 11:53 - 2015-04-21 10:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-13 11:53 - 2015-04-08 17:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-13 11:53 - 2015-03-30 00:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-13 11:53 - 2015-03-26 22:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-13 11:53 - 2015-03-26 21:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-13 11:53 - 2015-03-26 21:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-13 11:53 - 2015-03-12 23:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-13 11:53 - 2015-03-12 23:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-13 11:53 - 2015-03-10 20:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-13 11:53 - 2015-03-10 20:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-13 11:53 - 2015-03-05 22:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-13 11:53 - 2015-03-05 21:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-13 11:53 - 2015-03-05 21:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-13 11:53 - 2015-03-04 18:09 - 01429504 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-05-13 11:53 - 2015-02-17 18:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-13 11:52 - 2015-04-21 11:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-13 11:52 - 2015-04-21 11:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-13 11:52 - 2015-04-21 11:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-13 11:52 - 2015-04-21 11:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-13 11:52 - 2015-04-21 11:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-13 11:52 - 2015-04-21 11:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-13 11:52 - 2015-04-21 11:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-13 11:52 - 2015-04-21 11:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-13 11:52 - 2015-04-21 11:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-13 11:52 - 2015-04-21 11:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-13 11:52 - 2015-04-21 11:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-13 11:52 - 2015-04-21 11:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-13 11:52 - 2015-04-21 11:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-13 11:52 - 2015-04-21 10:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-13 11:52 - 2015-04-21 10:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-13 11:52 - 2015-04-21 10:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-13 11:52 - 2015-04-21 10:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-13 11:52 - 2015-04-21 10:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-13 11:52 - 2015-04-21 10:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-13 11:52 - 2015-04-21 10:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-13 11:52 - 2015-04-21 10:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-13 11:52 - 2015-04-21 10:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-13 11:52 - 2015-04-21 10:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-13 11:52 - 2015-04-21 10:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-13 11:52 - 2015-04-21 10:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-13 11:52 - 2015-04-21 10:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-13 11:52 - 2015-04-21 10:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-13 11:52 - 2015-04-21 10:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-13 11:52 - 2015-04-21 10:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-13 11:52 - 2015-04-21 10:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-13 11:52 - 2015-04-21 10:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-13 11:52 - 2015-04-21 10:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-13 11:52 - 2015-04-21 10:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-13 11:52 - 2015-04-21 09:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-13 11:52 - 2015-04-21 09:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-13 11:52 - 2015-03-12 19:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-22 22:03 - 2014-06-23 19:33 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-22 14:01 - 2014-04-24 20:21 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{6BE8AF0A-68EE-4362-B97D-F12158849659}
2015-05-22 12:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-22 07:04 - 2014-05-14 19:04 - 00000000 ___RD () C:\Users\Larry\OneDrive
2015-05-19 11:59 - 2014-04-25 07:50 - 00000000 ____D () C:\Users\Larry\Documents\Youcam
2015-05-19 09:08 - 2014-04-24 20:26 - 00000936 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-19 08:52 - 2014-05-14 15:13 - 02087566 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-18 14:58 - 2014-06-06 08:58 - 00003228 _____ () C:\WINDOWS\System32\Tasks\HPCeeScheduleForLARRYSCOMPUTER$
2015-05-18 14:58 - 2014-06-06 08:58 - 00000392 _____ () C:\WINDOWS\Tasks\HPCeeScheduleForLARRYSCOMPUTER$.job
2015-05-18 07:16 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-16 22:36 - 2014-05-14 14:56 - 00000000 ____D () C:\Users\Larry
2015-05-16 13:03 - 2014-04-24 20:26 - 00003908 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 13:03 - 2014-04-24 20:26 - 00003672 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 13:03 - 2014-04-24 20:26 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-16 10:45 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-16 09:49 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-16 09:44 - 2015-04-04 09:29 - 00000000 ___SD () C:\WINDOWS\SysWOW64\GWX
2015-05-16 09:44 - 2015-04-04 09:29 - 00000000 ___SD () C:\WINDOWS\system32\GWX
2015-05-16 09:38 - 2014-04-24 20:29 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2690978493-790239216-3970457346-1001
2015-05-16 09:11 - 2014-06-23 19:33 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-16 09:11 - 2014-06-23 19:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-16 09:11 - 2014-06-23 19:33 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-16 07:51 - 2012-08-31 23:56 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2015-05-16 07:48 - 2014-08-01 14:21 - 00009729 _____ () C:\WINDOWS\error.log
2015-05-16 07:48 - 2013-08-22 09:46 - 00302799 _____ () C:\WINDOWS\setupact.log
2015-05-16 07:48 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-16 07:47 - 2014-08-01 14:21 - 00012444 _____ () C:\WINDOWS\errord.log
2015-05-16 07:17 - 2014-05-10 07:55 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log
2015-05-14 07:44 - 2014-04-24 20:27 - 00002122 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-14 07:11 - 2013-08-22 09:44 - 00364800 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-13 22:13 - 2013-08-22 08:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-13 22:10 - 2013-08-22 10:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-13 22:10 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-13 13:14 - 2014-04-27 13:03 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-13 13:03 - 2014-04-27 13:03 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-13 12:48 - 2014-03-18 04:45 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 07:04 - 2014-03-18 04:54 - 00617654 _____ () C:\WINDOWS\PFRO.log
2015-05-12 11:58 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-06 14:00 - 2014-08-01 14:53 - 00000000 ____D () C:\Program Files (x86)\ZoomText Keyboard
2015-05-05 12:59 - 2014-12-11 09:06 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 12:59 - 2014-12-11 09:06 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Files in the root of some directories =======
 
2014-05-05 21:43 - 2014-05-21 13:23 - 0001130 _____ () C:\ProgramData\hpzinstall.log
2012-09-01 01:08 - 2012-09-01 01:08 - 0000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-05-16 09:38
 
==================== End of log ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015
Ran by Larry at 2015-05-22 23:03:34
Running from C:\Users\Larry\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2690978493-790239216-3970457346-500 - Administrator - Disabled)
Guest (S-1-5-21-2690978493-790239216-3970457346-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-2690978493-790239216-3970457346-1005 - Limited - Enabled)
Larry (S-1-5-21-2690978493-790239216-3970457346-1001 - Administrator - Enabled) => C:\Users\Larry
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Norton Internet Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Norton Internet Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton Internet Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Ai Squared Visual C++ MFC Runtime (x32 Version: 10.1.0.0 - Ai Squared) Hidden
Ai Squared Visual C++ Runtime (x32 Version: 1.0.0.0 - Ai Squared) Hidden
AMD Catalyst Install Manager (HKLM\...\{5F769CF4-5263-4C7B-AEB2-C06A73AE4428}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{3611CA6C-5FCA-4900-A329-6A118123CCFC}) (Version: 7.1.355.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
C4400 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CleanUp! (HKLM-x32\...\CleanUp!) (Version:  - )
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5510 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.1.3109 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1902 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.1.1925 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.1.4407 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Elevated Installer (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FastStone Image Viewer 5.1 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.1 - FastStone Soft)
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Garmin Express (HKLM-x32\...\{50755d67-ae60-4e47-b3d6-ce44d01b5a95}) (Version: 4.0.15.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 4.0.15.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-2690978493-790239216-3970457346-1001\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd)
HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1202 - Hewlett-Packard)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP MyRoom (HKLM-x32\...\{F86E4094-7341-4990-BFF8-3B95A9729467}) (Version: 9.6.0235 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Photosmart C4400 All-In-One Driver Software 14.0 Rel. 6 (HKLM\...\{886E586A-9121-4515-9C18-2C04202614B2}) (Version: 14.0 - HP)
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
IBM ViaVoice TTS Runtime v6.610 -  UK English (HKLM-x32\...\{3972C18C-688F-4312-BE9A-3E065204C33D}) (Version:  - )
IBM ViaVoice TTS Runtime v6.610 -  US English (HKLM-x32\...\{C1A6B23C-438E-4D08-B508-4E830CA8F335}) (Version:  - )
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM-x32\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.7.0.11 - Symantec Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
PS_AIO_03_C4400_Software_Min (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\QuickTime) (Version:  - )
Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.0.0 - Ralink)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6675 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.5530 - CyberLink Corp.) Hidden
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TED Notepad (HKLM-x32\...\TED Notepad) (Version: 5.4.2 - Medvedik, Juraj Simlovic)
The Weather Channel App (HKLM-x32\...\{167158CE-1637-4167-8A1C-C2549EEA966A}) (Version: 1.00.0000 - The Weather Channel)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)
ZoomText 10.1 (HKLM-x32\...\{F7F20305-1476-4421-B909-BB5B90D1F222}) (Version: 10.1 - Ai Squared)
ZoomText 10.1 (Version: 10.10.6.28824 - AiSquared) Hidden
ZoomText 10.1 Speech Engine (Kate) (HKLM-x32\...\{915F5CEC-D8E5-4830-8C05-3C012F47BDD1}) (Version: 1.1.0.0 - Voiceware)
ZoomText 10.1 Speech Engine (Paul) (HKLM-x32\...\{1C211817-350B-488C-8142-555341F5C717}) (Version: 1.1.0.0 - Voiceware)
ZoomText Keyboard (HKLM-x32\...\{8194FEA4-99B6-4CC9-8880-8888FBAB7EA6}) (Version: 1.5 - Ai Squared)
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== Restore Points =========================
 
15-04-2015 09:54:00 Windows Update
08-05-2015 16:16:52 Scheduled Checkpoint
13-05-2015 12:47:08 Windows Update
21-05-2015 17:07:09 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {07AFCCB7-A626-4EA4-8FEC-9125932C6B5E} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-06] (Microsoft Corporation)
Task: {14256DB8-6DF9-45AB-B671-C15AC254AE9E} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe
Task: {14B872C9-ED54-4ACC-A2E9-1A45CAD02CCE} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {17332202-CD6C-4C39-9ACB-7E3E6D63C4D2} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2CF4D1C2-3F01-494D-B212-32C9F9A527F7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {35BD1B41-2CF1-476E-A627-38F937332B24} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {516AC3B6-0DCD-47CD-AB5C-87AAF110A1E4} - System32\Tasks\HPCeeScheduleForLARRYSCOMPUTER$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {6519257F-A5E3-4454-8D9C-A505A16B5290} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {774AB791-E17E-47D6-A410-621C5149CA0C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {9F339102-6155-40F9-9F83-2EE56474C421} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-24] (Google Inc.)
Task: {A9270BFA-0430-4EFE-86CD-216D88B05CEB} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe [2015-03-07] (Symantec Corporation)
Task: {B99AF2BC-F4A3-4044-B5F1-B557B4D683C6} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-06] (Microsoft Corporation)
Task: {BE17ECC9-7136-4E8E-AE28-7DD4089CFD24} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {BF8EDD85-A41A-461A-A79C-5680A7B5E539} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-24] (Google Inc.)
Task: {D0D6485D-8685-4CB7-9E09-6178673A5933} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {D0E54D91-97B3-44CC-BA02-CBF4E760D9E6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-13] (Microsoft Corporation)
Task: {DEBF2C1B-DEE2-43CA-AAAC-BABB3C9F7EA3} - System32\Tasks\HPCeeScheduleForLarry => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLarry.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForLARRYSCOMPUTER$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2012-07-19 20:06 - 2012-07-19 20:06 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll
2012-07-19 20:06 - 2012-07-19 20:06 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll
2012-07-19 20:07 - 2012-07-19 20:07 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll
2012-05-04 18:42 - 2012-05-04 18:42 - 00098304 _____ () c:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingNet4.dll
2012-09-01 00:18 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 13:34 - 2012-06-08 13:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-05-14 07:44 - 2015-05-04 23:06 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libglesv2.dll
2015-05-14 07:44 - 2015-05-04 23:06 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.152\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Users\Larry\OneDrive:ms-properties
AlternateDataStreams: C:\Users\Larry\Downloads\saved_message.eml:OECustomProperty
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-2690978493-790239216-3970457346-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Larry\AppData\Roaming\FastStone\FSIV\FSViewerWallPaper.bmp
HKU\S-1-5-21-2690978493-790239216-3970457346-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 24.220.0.10 - 24.220.0.11
 
==================== MSCONFIG/TASK MANAGER Error getting ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{B0D01BD5-082E-485B-82CA-97532D5A64C0}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1706CB02-59C4-4C0E-A906-FD3549DB8A1C}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{CC47CEBB-8377-415C-A518-C060FF21C18B}] => (Allow) LPort=1900
FirewallRules: [{5267F18F-B9AB-4DE1-A484-1368134C8989}] => (Allow) LPort=2869
FirewallRules: [{BAAE566E-E36C-44BD-AED5-FABB314CE211}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{1FDB8827-A4DD-4007-9843-6FD619E51ACD}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{D312DC56-56A0-4099-B93F-960118796F3B}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{B64E49E5-94BF-449F-9A42-47B2E2169AEC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{139C8C47-8536-4B53-B90E-9A0B55EC7D02}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1C863A37-F92E-4E25-9BA2-FAC1BDE875FF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6AF60E05-21F4-4695-A0C0-A6E5A76FF70C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D68B816F-231E-4215-8EC4-0C67EF1C8D3E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C1BCE2CA-2F04-4386-B0B3-0A9382731BE3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{921C181B-CC3D-481D-949C-3D6833414E56}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{E08B8C18-E679-4F4D-B7A6-1A88A3C4DC4B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{1C3275E2-A756-4F69-B7EC-BD7508B12615}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{76C50D55-AA06-48A8-BEE9-840C4DD5D212}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{D62D9730-2AA3-44C5-B7A3-74EC7D503643}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BF93B5E1-3A20-470B-987B-730E62722C6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{D774F875-CB1A-43C9-BE70-4C715F2E3136}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{688A56E5-9AFF-4342-9573-4296F505FD85}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{483A1361-AD28-4303-90F4-5201986CBBAA}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{0FCFA85F-63DA-4B70-BA50-E68A48AF7C7C}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{58098E04-57EA-4EE5-A277-00DAE4A5D945}] => (Allow) C:\Program Files (x86)\ZoomText 10.1\Zt.exe
FirewallRules: [{79C42D97-E4DA-4604-B519-115C131E6877}] => (Allow) C:\Program Files (x86)\ZoomText 10.1\Zt.exe
FirewallRules: [{F40FE164-93A0-44C6-9CCF-6DC575EA26C5}] => (Allow) C:\Program Files (x86)\ZoomText 10.1\Zt.exe
FirewallRules: [{650FA4A0-2209-4EFC-A8F5-3095E470DCA4}] => (Allow) C:\Program Files (x86)\ZoomText 10.1\Zt.exe
FirewallRules: [{2516AE50-18F2-411F-868A-00EBD91349A0}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{29F778E6-9852-4E54-837B-A9933B4551AE}] => (Allow) LPort=53000
FirewallRules: [{4076EAEC-5BC5-44A2-992F-D9C0D53AB6D0}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPDeviceDetection3.exe
FirewallRules: [{6071DE37-B51E-4CEA-98F6-8D21EADBEF77}] => (Allow) LPort=52000
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/22/2015 10:57:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17667 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 77c
 
Start Time: 01d095043df14bd2
 
Termination Time: 0
 
Application Path: C:\WINDOWS\Explorer.EXE
 
Report Id: 8d827351-00ff-11e5-bee6-089e013b084a
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (05/22/2015 06:01:00 PM) (Source: Application) (EventID: 0) (User: )
Description: Object reference not set to an instance of an object.
 
Error: (05/22/2015 06:00:59 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 06:00:59 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 05:52:38 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 05:22:38 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 04:52:38 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 04:22:37 PM) (Source: Application) (EventID: 0) (User: )
Description: Object reference not set to an instance of an object.
 
Error: (05/22/2015 04:22:36 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 04:22:36 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
 
System errors:
=============
Error: (05/22/2015 11:03:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Experience service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 11:00:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Group Policy Client service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 10:57:36 PM) (Source: DCOM) (EventID: 10010) (User: LARRYSCOMPUTER)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (05/22/2015 10:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 10:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 10:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 10:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 10:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 10:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (05/22/2015 10:56:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
 
Microsoft Office:
=========================
Error: (05/22/2015 10:57:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.1766777c01d095043df14bd20C:\WINDOWS\Explorer.EXE8d827351-00ff-11e5-bee6-089e013b084a
 
Error: (05/22/2015 06:01:00 PM) (Source: Application) (EventID: 0) (User: )
Description: Object reference not set to an instance of an object.
 
Error: (05/22/2015 06:00:59 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 06:00:59 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 05:52:38 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 05:22:38 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 04:52:38 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 04:22:37 PM) (Source: Application) (EventID: 0) (User: )
Description: Object reference not set to an instance of an object.
 
Error: (05/22/2015 04:22:36 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
Error: (05/22/2015 04:22:36 PM) (Source: Application) (EventID: 0) (User: )
Description: Value cannot be null.
Parameter name: key
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-08-04 17:25:48.491
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-04 17:25:48.201
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-04 16:41:41.993
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-04 16:41:41.527
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-03 20:38:40.604
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
  Date: 2014-08-03 20:38:39.758
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 
 
==================== Memory info =========================== 
 
Processor: AMD E1-1200 APU with Radeon™ HD Graphics
Percentage of memory in use: 42%
Total physical RAM: 3660.03 MB
Available physical RAM: 2108.59 MB
Total Pagefile: 4937.42 MB
Available Pagefile: 2908.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:444.06 GB) (Free:394.37 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery Image) (Fixed) (Total:19.78 GB) (Free:2.47 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: D370BA94)
 
Partition: GPT Partition Type.
 
==================== End of log ============================
 

  • 0

Advertisements


#2
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello and Welcome! :welcome:

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  The Staff at Geeks To Go are ALL volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.  PLEASE be patient. ;)

I am currently in training, so there will be another person reviewing my work.  This may cause a bit of a delay in my responses, but on the positive side, you will have two sets of eyes reviewing your logs instead of one... :cool:
 

  • Please note that you should have Administrator rights to perform any fixes.
     
  • Before we proceed, you may wish to print instructions for easy reference during the fix.  Please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
     
  • Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  
     
  • Please do not make any system or program changes, or run any tools unless I specifically ask you to.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.    If you get stuck or have questions, please stop and ask so I can help you.
     
  • Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.
     
  • When posting logs, please Copy & Paste the log file contents into a reply.  Use multiple posts if necessary, but please do not attach them or post them on a file hosting site.

I'm sorry for the delay you have had in waiting for a response, and I do thank you for your patience. 

 

OK, let's get this sorted out...

Now

I have some questions for you:

 

  • When did the issues first start happening?
  • If you close out Chrome, do you see the same slow downs using Internet Explorer?
  • Are you a paid Malwarebytes Anti-Malware user?

 

Second

Check on the Norton Security Toolbar Extension in Google Chrome

 

  • Open Chrome
  • At the top right, click the "Customize and control Google Chrome" menu button (3 horizontal gray stripes).
  • Select Settings
  • In the left column, select Extensions
  • Scroll down in the list to look for Norton Security Toolbar
  • If you find it, let me know what version is shown next to it.
  • If you find it, let me know if it is enabled or not.
  • If it is enabled, you can try unchecking the box to see if that helps.  Close the Extensions tab and try browsing again.

 

Third

Scan with Security Check

Please download Security Check by Screen317 and save it to your Desktop.

  • Right-click on the downloaded program and select Run as Administrator to start the tool.
  • Follow onscreen instructions inside the black box. This scan shouldn't take very long.
  • Soon a notepad document called checkup.txt will open automatically.

 

Please include the contents of that document in your next reply, along with the answers to my questions above. :)


  • 0

#3
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Please also repeat the Second step with Norton Identity Safe Chrome extension, and let me know the same things about it under Chrome > Settings > Extensions:)


  • 0

#4
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

ok, He said its been real bad for a couple of weeks.  We never use Internet Explorer and I think we deleted it off this machine.  The Malwarebytes is the free version also.  

 

 

Norton Security Toolbar 2014.7.12.12

 

 

 Results of screen317's Security Check version 1.002  

   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.152) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 
 
This is what came up, but I DID have to disable Norton to ru it.  Norton thought it was harmful and blocked it.
 
 
 
Thanks in advance for your help :)

  • 0

#5
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

I can assure you that any tools we here ask you to run are tested and safe to use.  Security programs like Norton will sometimes try to block them because they can access and/or make system level changes.  In particular, I find Norton to be among the most finicky.  :)

 

OK, your log shows you have Internet Explorer 11 installed, yet I don't see it in your Installed Programs.  It's the same in my Virtual Machine (not listed in FRST), so there's a good chance you actually do have it.  :)

 

Please try to run Internet Explorer using the following steps:

  1. Press the Windows + S keys to open the Search dialog.
  2. In the box, type Internet Explorer
  3. You should see it in the list that appears.  If you do, just hit Enter to open it.
  4. See if your browsing is super slow like with Chrome.

 

If you do not see Internet Explorer in the Search results, you can install it from here to test: Get Internet Explorer.

 

 

Questions:

  1. What do you mean by "deleted Internet Explorer"?  Was it properly uninstalled through Control Panel > Programs and Features, or maybe it was the shortcut that was deleted?
     
  2. Did you find/try disabling the Norton Security Toolbar and/or Norton Identity Safe Chrome extensions like I asked?  What results can you tell me about this?

  • 0

#6
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Internet Explorer is slow also.  I bet just the shortcut was deleted so Chrome would be the only one my dad could use.  ( I have the exact set up and IE was horrible to use on this).  Norton toolbar was not enabled and I disabled the Norton Identity Safe just now.

 

 

Everything still runs super slow so no change as of yet.

 

Thanks

 

Kirk


  • 0

#7
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

I am still reviewing/discussing your case here and will be back soon with further steps.

 

Thanks for your patience.  :)


  • 0

#8
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello demozast,

 

I'd like you to perform what is called "Clean Boot Troubleshooting" for me.

 

Please follow the instructions carefully at this page:  Troubleshoot Problem with Clean Boot in Windows 8

 

If you have any questions, please stop and ask.  :geek:


  • 0

#9
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

I do understand that this can be a lengthy process.  What I'm most interested in right now is if the computer runs better when you complete only the steps in Part One of the instructions at the link I gave you in my last post.

 

If the computer is running better after completing only Part One, then please do complete Part Two and leave the offending entry (entries) unchecked for now, and let me know.

 

If the computer is not running better after completing only Part One, please let me know this as well.


  • 0

#10
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello demozast,

 

Just checking in as it has been a couple of days since my last post and I haven't heard back from you.

 

Do you still need help, or have any questions that I can answer for you?

 

Please advise me of your status with this help thread.  Thanks.

 

-Dan


  • 0

Advertisements


#11
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

ok.  I just got done with the clean boot troubleshooting page.  Once it is restarted it seems to be working like normal again.  I left everything disabled yet though.  Was I supposed to do something else after this?

 

Thanks for your help and patience with me :)


  • 0

#12
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

No problem, and thank you for letting me know.  I'm glad you're still with me here.

 

Please describe as best as you can the steps you have taken and where you are in the Troubleshoot Problem with Clean Boot in Windows 8 process that I linked to.

 

Did you just disable all non-Microsoft services, and disable all Start-Up items like it says in Part One?   Or did you proceed through Part Two to isolate the offending items, re-checking half at a time and rebooting to test? 

 

We don't want to leave the system running with everything unchecked.  This can keep Anti-Virus and other protection disabled!   I do realize that Part Two can take some time to work through.  Unfortunately, this is one of those things that I can't do for you remotely or through a scripted process.  I need you to help me to help you:D

 

Please take your time and do the best you can...


  • 0

#13
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

If you need some help with this, please let me know. 

 

The process really just involves unchecking all non-Microsoft services, which it sounds like you've done.  If the problem is gone, then enable half of the unchecked non-Microsoft services, reboot and test if the issue is there.  If the issue comes back, uncheck half of the ones you checked before rebooting, and reboot again.

 

If the issue is not there, just enable half of the rest of the non-Microsoft services and reboot.  Repeat until you isolate the service which is causing the problem.  This could be as many as 20-25 reboots.

 

Important: 

 

If you disable all non-Microsoft services, you are likely disabling any Anti-Virus/Anti-Spyware protection too, so this is for troubleshooting only and not for daily running of the computer.

 

It would be best to disconnect from the Internet while doing this to be best protected from threats.


  • 0

#14
demozast

demozast

    Member

  • Topic Starter
  • Member
  • PipPip
  • 74 posts

Just letting you know Im still working on it.  I have very limited time to get on this computer, but so far what ive done is all of step one and am about halfway done with step 2.  Norton enabled itself, but I only have 8 or so to enable again till im done.

 

Thanks

 

Kirk


  • 0

#15
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Just letting you know Im still working on it.  I have very limited time to get on this computer, but so far what ive done is all of step one and am about halfway done with step 2.  Norton enabled itself, but I only have 8 or so to enable again till im done.

 

Thanks

 

Kirk

Awesome news, Kirk!  Thanks for the feedback, and I'm really glad you're working on it. :D

 

The Norton thing is actually good, as it's protecting the machine.  Based on your Step One results, I see no reason why we wouldn't be able to entirely resolve this.

 

Just post back here when you are ready.  :thumbsup:


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP