1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

In Progress Laptop is working quite slow

Discussion in 'Virus & Other Malware Removal' started by Pooja26, Oct 22, 2015.

Thread Status:
Not open for further replies.
Advertisement
  1. Pooja26

    Pooja26 Thread Starter

    Joined:
    Oct 22, 2015
    Messages:
    4
    I am using a laptop which is around 3 years old.hp G56.
    The laptop did work quite well in the past but now I am facing great problems.
    Even I formatted the laptop but still it would work slow.that is even the files would not open quickly.
    Can you suggest me please some ways.
     
  2. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
    Hi Pooja26,
    Note at the top of this forum page:
    Everyone MUST read this BEFORE posting for help in this forum
    Please follow the instructions there : http://forums.techguy.org/virus-other-malware-removal/943214-everyone-must-read-before-posting.html
    Post the required log from TSG SysInfo, and it will enable someone to help. Providing help may not be feasible otherwise.

    -----------------------------------------------------------
    Download and Run the Farbar Scan Tool
    • If your system is 32-bit:
      Download FRST and save to your Desktop.
    • If your system is 64-bit:
      Download FRST64 and save to your Desktop.
    • Double click FRST.exe or FRST64.exe to launch it.
      • When the tool opens click Yes to disclaimer.
      • Press the Scan button.
      • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
      • Please post them in your next reply.
    If you lose track of them, they will be saved in the same location as FRST.exe (or FRST64.exe).
    Feel free to use separate replies if it's more convenient.

    askey27
     
  3. Pooja26

    Pooja26 Thread Starter

    Joined:
    Oct 22, 2015
    Messages:
    4
    Can you please find the attachment here.
     

    Attached Files:

  4. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
    Pooja26,
    The file FRST.txt is not complete.

    Please be sure to copy the entire file, and then paste it in a reply here.
    You don't need to attach it, and it's a bit easier for us if you don't.

    If you can get it posted, I will be able to respond promptly.
    askey127
     
  5. Pooja26

    Pooja26 Thread Starter

    Joined:
    Oct 22, 2015
    Messages:
    4
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-11-2015
    Ran by hp (administrator) on HP-HP (29-11-2015 09:24:54)
    Running from C:\Users\hp\Downloads
    Loaded Profiles: hp (Available Profiles: hp)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 8 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
    () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
    (Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
    (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Recovery\RecoveryMgr.exe
    (Hewlett-Packard Development Company L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe
    (CyberLink) C:\Program Files (x86)\Hewlett-Packard\Recovery\Install_AP.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
    (Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Microsoft Corporation) C:\Windows\System32\msiexec.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\wusa.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2097960 2010-04-23] (Synaptics Incorporated)
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6245408 2010-05-26] (Realtek Semiconductor)
    HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-19] (Hewlett-Packard Company)
    HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-06-17] (Advanced Micro Devices, Inc.)
    HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [602168 2010-06-30] (Hewlett-Packard Company)
    HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1136552 2015-11-12] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-30] (AVG Technologies CZ, s.r.o.)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-2783028775-3592108905-3496048044-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-17] (Piriform Ltd)
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-10-12] (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{0D04A0FC-3742-4DD7-99AD-8C633B5A0934}: [DhcpNameServer] 40.1.1.100
    Tcpip\..\Interfaces\{D6E9C09A-C81C-4111-B005-1A60D701AA78}: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{F84738CA-7055-4C4E-88AF-5A3D2678B459}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT/1
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.msn.com/HPNOT/1
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
    HKU\S-1-5-21-2783028775-3592108905-3496048044-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.msn.com/HPNOT/1
    SearchScopes: HKLM -> DefaultScope {90C1526A-EECD-4A97-8A93-2965F32D0573} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {06640C17-A912-4197-800B-BDC0049C803E} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKLM -> {90C1526A-EECD-4A97-8A93-2965F32D0573} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM -> {942D1D08-4FAE-4200-9738-348D36D27352} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKLM -> {C03E0E33-13CC-4C88-B651-9FE1E64CBF3C} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKLM-x32 -> DefaultScope {90C1526A-EECD-4A97-8A93-2965F32D0573} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {06640C17-A912-4197-800B-BDC0049C803E} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKLM-x32 -> {90C1526A-EECD-4A97-8A93-2965F32D0573} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKLM-x32 -> {942D1D08-4FAE-4200-9738-348D36D27352} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKLM-x32 -> {C03E0E33-13CC-4C88-B651-9FE1E64CBF3C} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    SearchScopes: HKU\S-1-5-21-2783028775-3592108905-3496048044-1000 -> DefaultScope {90C1526A-EECD-4A97-8A93-2965F32D0573} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2783028775-3592108905-3496048044-1000 -> {06640C17-A912-4197-800B-BDC0049C803E} URL = hxxp://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
    SearchScopes: HKU\S-1-5-21-2783028775-3592108905-3496048044-1000 -> {90C1526A-EECD-4A97-8A93-2965F32D0573} URL = hxxp://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox
    SearchScopes: HKU\S-1-5-21-2783028775-3592108905-3496048044-1000 -> {942D1D08-4FAE-4200-9738-348D36D27352} URL = hxxp://www.ask.com/web?q={searchterms}&l=dis&o=ushpl
    SearchScopes: HKU\S-1-5-21-2783028775-3592108905-3496048044-1000 -> {C03E0E33-13CC-4C88-B651-9FE1E64CBF3C} URL = hxxp://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-19] (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-11] (Sun Microsystems, Inc.)
    BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-19] (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-07-11] (Sun Microsystems, Inc.)
    Toolbar: HKU\S-1-5-21-2783028775-3592108905-3496048044-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
    Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)
    Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
    Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
    Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
    Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

    FireFox:
    ========
    FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2010-05-06] (Adobe Systems, Inc.)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll [2010-04-01] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-10] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-10-10] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)

    Chrome:
    =======
    CHR Profile: C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-10]
    CHR Extension: (Google Docs) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-10]
    CHR Extension: (Google Drive) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
    CHR Extension: (YouTube) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-10]
    CHR Extension: (Google Search) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
    CHR Extension: (Google Sheets) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-10]
    CHR Extension: (Google Docs Offline) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-10]
    CHR Extension: (Gmail) - C:\Users\hp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-10]

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-30] (AVG Technologies CZ, s.r.o.)
    R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1569416 2015-10-30] (AVG Technologies CZ, s.r.o.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-30] (AVG Technologies CZ, s.r.o.)
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-11-12] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-30] (AVG Technologies CZ, s.r.o.)
    R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [25800 2015-09-28] (Hewlett-Packard Company)
    R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [27192 2010-06-30] ()
    R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
    R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
    R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-04-20] (Realtek Semiconductor Corp.) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
    R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
    S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
    R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
    R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-11-29 09:23 - 2015-11-29 09:23 - 00000000 ____D C:\Users\hp\Downloads\FRST-OlderVersion
    2015-11-29 09:19 - 2015-11-29 09:19 - 00000000 ___HD C:\$Windows.~WS
    2015-11-29 09:15 - 2015-11-29 09:24 - 00000000 ____D C:\FRST
    2015-11-29 09:13 - 2015-11-29 09:13 - 07635472 _____ (Microsoft Corporation) C:\Users\hp\Downloads\GetWindows10-Web_Default_Attr (2).exe
    2015-11-29 08:47 - 2015-11-29 08:49 - 00985600 _____ C:\Users\hp\Downloads\MicrosoftFixit50123.msi
    2015-11-29 08:33 - 2015-11-29 08:33 - 00000000 __RSH C:\Windows\SysWOW64\Drivers\103C_HP_5335KV G N L CON B HP S G42_G42 Notebook PC_Y5335KV G N L CON B HP S G42_0U_QCNF0466BV6_E618010-001_4A_I1425_SHP_V54.57_F.37_T110407_WU3-1_L409_M1910_J250_7Intel_8655_92.27_#101105_N10EC8136;14E44727.MRK
    2015-11-29 08:33 - 2015-11-29 08:33 - 00000000 __RSH C:\Windows\system32\Drivers\103C_HP_5335KV G N L CON B HP S G42_G42 Notebook PC_Y5335KV G N L CON B HP S G42_0U_QCNF0466BV6_E618010-001_4A_I1425_SHP_V54.57_F.37_T110407_WU3-1_L409_M1910_J250_7Intel_8655_92.27_#101105_N10EC8136;14E44727.MRK
    2015-11-29 08:33 - 2015-11-29 08:33 - 00000000 ___HT C:\Windows\wusa.lock
    2015-11-29 08:33 - 2015-11-29 08:33 - 00000000 ____D C:\1e8ebab6000fb2213b7d253465cfb3
    2015-11-28 16:24 - 2015-11-28 16:24 - 00025869 _____ C:\Users\hp\Desktop\39967bos29614.pdf
    2015-11-28 16:14 - 2015-11-28 16:17 - 00000000 ____D C:\Users\hp\Desktop\cost
    2015-11-28 16:06 - 2015-11-28 16:06 - 00000000 ____D C:\Temp
    2015-11-28 16:06 - 2015-11-28 16:06 - 00000000 ____D C:\ProgramData\HTC
    2015-11-28 11:29 - 2015-11-28 11:29 - 07635472 _____ (Microsoft Corporation) C:\Users\hp\Downloads\GetWindows10-Web_Default_Attr (1).exe
    2015-11-27 21:04 - 2015-11-27 21:23 - 07635472 _____ (Microsoft Corporation) C:\Users\hp\Downloads\GetWindows10-sds_____________.exe
    2015-11-27 20:51 - 2015-11-27 20:53 - 07635472 _____ (Microsoft Corporation) C:\Users\hp\Downloads\GetWindows10-Web_Default_Attr.exe
    2015-11-22 16:42 - 2015-11-22 16:42 - 00068418 _____ C:\Users\hp\Documents\cc_20151122_164212.reg
    2015-11-22 16:32 - 2015-11-23 22:18 - 00000000 ____D C:\Users\hp\Downloads\HP Downloads
    2015-11-22 16:31 - 2015-11-22 16:42 - 01911936 _____ (Hewlett-Packard Company ) C:\Users\hp\Downloads\sp67743.exe
    2015-11-22 16:12 - 2015-11-22 16:12 - 00000000 ____D C:\$WINDOWS.~BT
    2015-11-20 21:08 - 2015-11-20 21:08 - 00000000 ____D C:\Users\Default\AppData\Roaming\TuneUp Software
    2015-11-20 21:08 - 2015-11-20 21:08 - 00000000 ____D C:\Users\Default User\AppData\Roaming\TuneUp Software
    2015-11-06 12:13 - 2015-11-19 13:19 - 00016718 _____ C:\Users\hp\Desktop\Satpreet - Sep, Oct..xlsx
    2015-11-06 11:09 - 2015-11-19 12:58 - 00016634 _____ C:\Users\hp\Desktop\Kirti Chandani - Sep, Oct..xlsx
    2015-11-06 11:09 - 2015-11-06 12:48 - 00019545 _____ C:\Users\hp\Desktop\satpreet jun ,jul & aug.xlsx
    2015-11-01 19:26 - 2015-11-01 19:26 - 00002231 _____ C:\Users\hp\Desktop\HP Support Assistant.lnk
    2015-11-01 19:26 - 2015-11-01 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
    2015-11-01 16:32 - 2015-11-01 16:32 - 00770556 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-11-01 15:28 - 2015-11-01 15:39 - 03774136 _____ (Oleg N. Scherbakov) C:\Users\hp\Downloads\HPSupportSolutionsFramework-12.0.30.81.exe
    2015-11-01 14:38 - 2015-11-01 14:38 - 00000000 ____D C:\Users\hp\AppData\Roaming\AVG
    2015-11-01 14:34 - 2015-11-20 21:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2015-11-01 14:34 - 2015-11-01 14:45 - 00000000 ____D C:\Users\hp\AppData\Local\CrashDumps
    2015-11-01 14:34 - 2015-11-01 14:34 - 00000000 ____D C:\Users\hp\AppData\Roaming\TuneUp Software
    2015-11-01 14:29 - 2015-11-01 14:29 - 00000000 ___HD C:\$AVG
    2015-11-01 14:03 - 2015-11-01 14:30 - 132417465 _____ C:\Users\hp\Downloads\win64_152824.zip
    2015-11-01 09:50 - 2015-11-01 09:55 - 00000000 _____ C:\Users\hp\AppData\Local\{B9996831-9E7E-47CB-9D00-0F6C49EA97DF}

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-11-29 09:24 - 2015-10-23 20:08 - 00017124 _____ C:\Users\hp\Downloads\FRST.txt
    2015-11-29 09:23 - 2015-10-23 20:05 - 02349056 _____ (Farbar) C:\Users\hp\Downloads\FRST64.exe
    2015-11-29 09:17 - 2009-07-14 08:50 - 00000000 ____D C:\Windows
    2015-11-29 09:09 - 2015-10-10 11:02 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-11-29 08:36 - 2009-07-14 10:15 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-11-29 08:36 - 2009-07-14 10:15 - 00023024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-11-29 08:33 - 2010-07-11 07:06 - 00000000 ____D C:\Program Files (x86)\Hewlett-Packard
    2015-11-29 08:29 - 2015-10-23 20:23 - 00000000 ____D C:\ProgramData\MFAData
    2015-11-29 08:26 - 2015-10-10 11:02 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-11-29 08:26 - 2015-07-20 16:20 - 00000000 ____D C:\Users\hp
    2015-11-29 08:26 - 2009-07-14 10:38 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-11-29 08:24 - 2010-07-11 08:48 - 00000000 ____D C:\ProgramData\CyberLink
    2015-11-29 08:24 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\rescache
    2015-11-29 08:24 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\registration
    2015-11-29 08:24 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\inf
    2015-11-28 15:44 - 2015-10-25 22:57 - 00000000 ____D C:\Users\hp\AppData\Local\ElevatedDiagnostics
    2015-11-28 15:14 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\system32\NDF
    2015-11-28 15:02 - 2009-09-07 07:27 - 00000000 ____D C:\Windows\Panther
    2015-11-22 16:32 - 2015-07-20 16:41 - 00000000 ____D C:\Users\hp\AppData\Local\Hewlett-Packard
    2015-11-21 20:00 - 2009-07-14 10:43 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-11-20 21:13 - 2015-10-23 20:19 - 00000896 _____ C:\Users\Public\Desktop\AVG.lnk
    2015-11-20 21:13 - 2015-10-23 20:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
    2015-11-20 21:06 - 2015-10-23 19:32 - 00000000 ____D C:\Users\hp\AppData\Local\Avg
    2015-11-19 11:38 - 2015-10-10 11:04 - 00002183 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-11-01 19:34 - 2015-07-20 16:35 - 00000000 ____D C:\Users\hp\AppData\Roaming\Hewlett-Packard
    2015-11-01 19:26 - 2010-07-11 07:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2015-11-01 19:25 - 2009-07-14 08:50 - 00000000 ____D C:\Windows\Help
    2015-11-01 19:22 - 2010-07-11 08:06 - 00000000 ____D C:\ProgramData\Hewlett-Packard
    2015-11-01 19:21 - 2015-07-20 16:46 - 00000000 ____D C:\Users\hp\AppData\Roaming\hpqLog
    2015-11-01 19:19 - 2010-07-11 09:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
    2015-11-01 17:00 - 2009-07-14 10:15 - 00430408 _____ C:\Windows\system32\FNTCACHE.DAT
    2015-11-01 15:45 - 2015-07-20 16:41 - 00116768 _____ C:\Users\hp\AppData\Local\GDIPFONTCACHEV1.DAT
    2015-11-01 15:14 - 2015-10-15 20:46 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
    2015-11-01 14:36 - 2015-10-18 12:13 - 00000000 ____D C:\Program Files\Common Files\AV
    2015-11-01 14:29 - 2015-10-23 19:48 - 00000000 ____D C:\ProgramData\Avg
    2015-11-01 14:27 - 2015-10-23 19:48 - 00000000 ____D C:\Program Files (x86)\AVG
    2015-11-01 14:14 - 2015-10-23 19:32 - 00000000 ____D C:\Users\hp\AppData\Local\AvgSetupLog

    ==================== Files in the root of some directories =======

    2015-10-23 11:05 - 2015-10-23 11:05 - 0000024 _____ () C:\Users\hp\AppData\Roaming\MyPhrases.dta
    2015-07-26 11:15 - 2015-07-26 11:15 - 0004096 ____H () C:\Users\hp\AppData\Local\keyfile3.drm
    2015-11-01 09:50 - 2015-11-01 09:55 - 0000000 _____ () C:\Users\hp\AppData\Local\{B9996831-9E7E-47CB-9D00-0F6C49EA97DF}
    2010-11-05 14:30 - 2010-11-05 14:30 - 0000032 _____ () C:\ProgramData\{051B9612-4D82-42AC-8C63-CD2DCEDC1CB3}.log
    2010-07-11 08:55 - 2010-07-11 08:55 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
    2010-11-05 14:29 - 2010-11-05 14:29 - 0000032 _____ () C:\ProgramData\{23F3DA62-2D9E-4A69-B8D5-BE8E9E148092}.log
    2010-07-11 08:49 - 2010-07-11 08:50 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
    2010-11-05 14:29 - 2010-11-05 14:29 - 0000032 _____ () C:\ProgramData\{4FC670EB-5F02-4B07-90DB-022B86BFEFD0}.log
    2010-11-05 14:30 - 2010-11-05 14:30 - 0000032 _____ () C:\ProgramData\{9867824A-C86D-4A83-8F3C-E7A86BE0AFD3}.log
    2010-07-11 08:48 - 2010-07-11 08:49 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
    2010-07-11 08:50 - 2010-07-11 08:55 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
    2010-11-05 14:30 - 2010-11-05 14:30 - 0000105 _____ () C:\ProgramData\{d36dd326-7280-11d8-97c8-000129760cbe}.log

    Some files in TEMP:
    ====================
    C:\Users\hp\AppData\Local\Temp\avguirn_081638203986.exe
    C:\Users\hp\AppData\Local\Temp\NetFramework45.exe
    C:\Users\hp\AppData\Local\Temp\UninstallHPTCA.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-11-22 19:13

    ==================== End of FRST.txt ============================
     
  6. Pooja26

    Pooja26 Thread Starter

    Joined:
    Oct 22, 2015
    Messages:
    4
    Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-10-2015 01
    Ran by hp (2015-10-23 21:19:41)
    Running from C:\Users\hp\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2015-07-20 10:50:28)
    Boot Mode: Normal
    ==========================================================


    ==================== Accounts: =============================

    Administrator (S-1-5-21-2783028775-3592108905-3496048044-500 - Administrator - Disabled)
    Guest (S-1-5-21-2783028775-3592108905-3496048044-501 - Limited - Disabled)
    hp (S-1-5-21-2783028775-3592108905-3496048044-1000 - Administrator - Enabled) => C:\Users\hp

    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

    ==================== Installed Programs ======================

    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
    ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
    Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.53.64 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.13) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
    Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
    ATI Catalyst Install Manager (HKLM\...\{ECD0D4B5-FFA9-6E1B-A08D-58E82EA5EEB9}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
    AVG (HKLM\...\AvgZen) (Version: 1.13.1.26255 - AVG Technologies)
    AVG Zen (Version: 1.13.1 - AVG Technologies) Hidden
    BB FlashBack Express 5 (HKLM-x32\...\BB FlashBack Express 5) (Version: 5.10.0.3715 - Blueberry)
    Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
    Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Camersoft Webcam Capture 2.2.32 (HKLM-x32\...\Camersoft Webcam Capture_is1) (Version: - Camersoft Studio)
    ccc-core-static (x32 Version: 2010.0617.855.14122 - ATI) Hidden
    CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
    CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1616 - CyberLink Corp.)
    CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
    CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.0.2511 - CyberLink Corp.)
    Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
    Escape Rosecliff Island (x32 Version: 2.2.0.95 - WildTangent) Hidden
    ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
    FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Final Drive Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
    FMW 1 (Version: 1.22.2 - AVG Technologies) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.71 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
    Heroes of Hellas 2 - Olympia (x32 Version: 2.2.0.95 - WildTangent) Hidden
    HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
    HP Documentation (HKLM-x32\...\{7C36414C-DC87-4943-A525-BC1717BA17C9}) (Version: 1.1.1.0 - Hewlett-Packard)
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
    HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
    HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
    HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
    HP Quick Launch (HKLM-x32\...\{E342D296-DB9D-4FC7-ACB0-39926C0BFA16}) (Version: 2.1.5 - Hewlett-Packard Company)
    HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
    HP Software Framework (HKLM-x32\...\{E05DB9F9-C8E7-45F2-BE9E-76D4C447CE9B}) (Version: 4.0.39.1 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{CF1A69F1-4335-4322-A137-235E3AE36BB0}) (Version: 5.0.13.2 - Hewlett-Packard Company)
    HP Wireless Assistant (HKLM\...\{B5FC1E1B-E70D-45F1-8E40-A3C30698B323}) (Version: 4.0.9.0 - Hewlett-Packard Company)
    HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
    Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
    Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
    Jewel Quest 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
    LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
    LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
    Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
    PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
    Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
    Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
    PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
    PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.18.322.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6122 - Realtek Semiconductor Corp.)
    Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
    RtVOsd (HKLM\...\{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
    Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.18.0 - Synaptics Incorporated)
    Virtual Families (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    Wheel of Fortune 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
    Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
    Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

    ==================== Custom CLSID (Whitelisted): ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


    ==================== Restore Points =========================

    12-10-2015 22:40:41 Windows 7 Service Pack 1
    15-10-2015 20:50:20 Windows Update
    15-10-2015 21:46:46 Windows Update
    22-10-2015 11:01:30 Удалено: Oxford English Explanatory Dictionary
    22-10-2015 11:45:55 Удалено: Oxford English Explanatory Dictionary
    23-10-2015 11:00:59 Removed Norton Online Backup
    23-10-2015 11:05:02 Removed Tally9.1 Full
    23-10-2015 11:43:36 Removed CinemaNow Media Manager.

    ==================== Hosts content: ===============================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-14 08:04 - 2009-06-11 02:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


    ==================== Scheduled Tasks (Whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {0229F0D3-3ABF-4D21-8585-D536B48918B3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-06-22] (Hewlett-Packard Company)
    Task: {029CEC7A-EFFF-433B-81F4-7E4CE51B5E14} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-17] (Piriform Ltd)
    Task: {0CC5C618-861D-483E-924B-17A3536F40B3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
    Task: {24ECB538-49A2-4FFA-A6B1-9ED0F94E8EAC} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.)
    Task: {277F4525-8B59-4D3D-A6AD-3424B0A4BB17} - System32\Tasks\{9CD9A97A-2136-4982-8333-136DA0590D7A} => Chrome.exe hxxp://ui.skype.com/ui/0/7.13.0.101/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {2BE188F5-9782-4605-959C-D1F33C326BAD} - System32\Tasks\{35576147-8B70-4C3D-BC0A-6262D3602741} => Chrome.exe hxxp://ui.skype.com/ui/0/7.13.0.101/en/abandoninstall?source=lightinstaller&page=tsInstall
    Task: {2EB39338-F511-43B7-BAE3-54FBD2D28846} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
    Task: {305884B6-C2FD-4093-8A6E-10D5152F908C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2010-06-22] (Hewlett-Packard Company)
    Task: {3F0B9A68-519F-471A-9810-D37B2232054E} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-08-06] (Symantec Corporation)
    Task: {80FA5BAF-F8DA-4500-BB28-30388E959AF5} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-25] ()
    Task: {B3261A0D-96C0-4EFA-9BA4-417BFC8EB276} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-10] (Google Inc.)
    Task: {C56FB7EF-7590-4136-A562-C0543F0F5FC6} - System32\Tasks\{10827B1D-07E8-4B7A-8BA1-5C41D2457DAE} => Chrome.exe hxxp://ui.skype.com/ui/0/7.13.64.101/en/abandoninstall?page=tsMain

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (Whitelisted) ==============

    2010-06-30 07:30 - 2010-06-30 07:30 - 00027192 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
    2010-06-11 05:12 - 2010-06-11 05:12 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
    2010-06-19 04:56 - 2010-06-19 04:56 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
    2010-06-19 04:56 - 2010-06-19 04:56 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
    2010-06-19 04:56 - 2010-06-19 04:56 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
    2010-02-10 07:28 - 2010-02-10 07:28 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
    2015-10-23 19:49 - 2015-10-23 19:46 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
    2015-07-20 16:03 - 2015-07-20 16:03 - 01605632 _____ () C:\Program Files (x86)\Blueberry Software\BB FlashBack Express 5\XECompat.bpl

    ==================== Alternate Data Streams (Whitelisted) =========

    (If an entry is included in the fixlist, only the ADS will be removed.)


    ==================== Safe Mode (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (Whitelisted) ===============

    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)


    ==================== Internet Explorer trusted/restricted ===============

    (If an entry is included in the fixlist, it will be removed from the registry.)


    ==================== Other Areas ============================

    (Currently there is no automatic fix for this section.)

    HKU\S-1-5-21-2783028775-3592108905-3496048044-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\hp\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.

    ==================== MSCONFIG/TASK MANAGER disabled items ==

    (Currently there is no automatic fix for this section.)


    ==================== FirewallRules (Whitelisted) ===============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    FirewallRules: [{10E64BF6-71FE-4B92-BFF4-128D348F8903}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe
    FirewallRules: [{09804204-2350-455E-86DC-2FAA82565AA0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{0405261C-D4F2-4233-A20F-F78842AEB7BA}] => (Allow) svchost.exe
    FirewallRules: [{E6534443-29CF-4DAE-8DAC-94CF5F16A975}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [{36566958-5B85-4E0F-A545-EDD7D13D7B36}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE
    FirewallRules: [{0E1FD39C-7C2C-47F5-8E2C-BF8971636C63}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
    FirewallRules: [{5659C1E0-EDBF-4230-9FE2-A00469082148}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\MediaSmart\CinemaNow\CinemaNow.exe
    FirewallRules: [{2AAAB5E1-B354-4725-9832-2F354CA0E5A3}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
    FirewallRules: [{0B69D9E9-22F5-45F9-B234-074B11883D2D}] => (Allow) C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowShell.exe
    FirewallRules: [{D042F636-E242-4079-AE1D-BFF5239B9089}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
    FirewallRules: [{F3BFA414-108C-4939-8255-B0379A2D7B4B}] => (Allow) C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{274D65A7-A49E-444C-8D1B-F68FD89D416A}] => (Allow) C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{F54BBF83-7718-45E2-95CB-CC5C9673DA76}] => (Allow) C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{C3CE602A-DA96-4C9C-BA20-E6386930782C}] => (Allow) C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{2C4185BB-2742-4D6B-8E38-E9C0FBE157BD}] => (Allow) C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{8140685A-CFE6-4457-ABD6-69C3CBC5244B}] => (Allow) C:\Users\hp\AppData\Roaming\uTorrent\uTorrent.exe
    FirewallRules: [{4321747C-0457-4C4D-96F4-0932C85CE378}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{C512EE74-E5C0-4A53-96E0-62A299EEC9F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

    ==================== Faulty Device Manager Devices =============

    Name: Intel(R) HD Graphics
    Description: Intel(R) HD Graphics
    Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
    Manufacturer: Intel Corporation
    Service: igfx
    Problem: : This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code12)
    Resolution: Two devices have been assigned the same input/output (I/O) ports, the same interrupt, or the same Direct Memory Access channel (either by the BIOS, the operating system, or a combination of the two). This error message can also appear if the BIOS did not allocate enough resources to the device (for example, if a universal serial bus (USB) controller does not get an interrupt from the BIOS because of a corrupt Multiprocessor System (MPS) table).
    You can use Device Manager to determine where the conflict is and disable the conflicting device.
    On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

    Name: PCI Simple Communications Controller
    Description: PCI Simple Communications Controller
    Class Guid:
    Manufacturer:
    Service:
    Problem: : The drivers for this device are not installed. (Code 28)
    Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (10/23/2015 09:14:27 PM) (Source: LogSys.Server) (EventID: 2) (User: )
    Description: Failed using protocol sequence: ncalrpc. Error 1740 (The endpoint is a duplicate.). PID=1172C:\Program Files (x86)\Blueberry Software\BB FlashBack Express 5\LogSysServer.exe

    Error: (10/23/2015 07:17:45 PM) (Source: ATIeRecord) (EventID: 16388) (User: )
    Description: ATI EEU Client event error

    Error: (10/23/2015 03:43:36 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Faulting application name: HPWMISVC.exe, version: 2.0.14.0, time stamp: 0x4c175e63
    Faulting module name: OLEAUT32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b972
    Exception code: 0xc0000005
    Fault offset: 0x00004660
    Faulting process id: 0x72c
    Faulting application start time: 0xHPWMISVC.exe0
    Faulting application path: HPWMISVC.exe1
    Faulting module path: HPWMISVC.exe2
    Report Id: HPWMISVC.exe3

    Error: (10/23/2015 03:43:16 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (10/23/2015 03:43:16 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.

    Context: Windows Application

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (10/23/2015 03:43:16 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: The gatherer object cannot be initialized.

    Context: Windows Application, SystemIndex Catalog

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (10/23/2015 03:43:16 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog

    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)

    Error: (10/23/2015 03:43:13 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.JetPropStore> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (10/23/2015 03:43:13 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: The Windows Search Service cannot load the property store information.

    Context: Windows Application, SystemIndex Catalog

    Details:
    The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

    Error: (10/23/2015 03:43:13 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


    System errors:
    =============
    Error: (10/23/2015 03:43:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: The HPWMISVC service terminated unexpectedly. It has done this 1 time(s).

    Error: (10/23/2015 03:43:42 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.

    Error: (10/23/2015 03:43:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Search service failed to start due to the following error:
    %%1053

    Error: (10/23/2015 03:43:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

    Error: (10/23/2015 03:43:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Search service failed to start due to the following error:
    %%1053

    Error: (10/23/2015 03:43:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

    Error: (10/23/2015 03:43:36 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

    Error: (10/23/2015 03:43:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Windows Search service failed to start due to the following error:
    %%1053

    Error: (10/23/2015 03:43:17 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

    Error: (10/23/2015 03:43:17 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1053WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
    Percentage of memory in use: 46%
    Total physical RAM: 1909.86 MB
    Available physical RAM: 1031.06 MB
    Total Virtual: 3819.72 MB
    Available Virtual: 1291.32 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:117.71 GB) (Free:81.66 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive d: (RECOVERY) (Fixed) (Total:17.22 GB) (Free:2.49 GB) NTFS ==>[system with boot components (obtained from drive)]
    Drive g: (New Volume) (Fixed) (Total:97.66 GB) (Free:64.53 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (Size: 232.9 GB) (Disk ID: 4BE9BCC0)
    Partition 1: (Active) - (Size=199 MB) - (Type=42)
    Partition 2: (Not Active) - (Size=117.7 GB) - (Type=42)
    Partition 3: (Not Active) - (Size=17.2 GB) - (Type=42)
    Partition 4: (Not Active) - (Size=103 MB) - (Type=42)

    ==================== End of Addition.txt ============================
     
  7. askey127

    askey127 Malware Specialist

    Joined:
    Dec 22, 2006
    Messages:
    3,720
    pooja26,
    --------------------------------------------------------
    First, download Internet Explorer 11 using the instruction here, and install it.
    https://www.microsoft.com/en-us/download/internet-explorer-11-for-windows-7-details.aspx
    ------------------------------------------------
    Remove Programs Using Control Panel
    From Start, Control Panel, click on Programs and Features
    Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

    AVG
    Java(TM) 6 Update 20 (64-bit)
    Java(TM) 6 Update 20

    Take extra care in answering questions posed by any Uninstaller.
    -----------------------------------------------------------
    REBOOT (RESTART) Your Machine
    -----------------------------------------------------------
    Download the Microsoft Security Essentials Installer
    The download is here: http://www.microsoft.com/security_essentials/
    Choose "Save As" and Save it to your desktop. Make sure you can find it.
    Install Microsoft Security Essentials

    Double Click the icon for the Microsoft Security Essentials installer.
    Let it install, update itself, run a scan and delete anything it finds.
    --------------------------------------------------------
    Run A Fix With FRST
    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
    (Both on the Desktop is OK, or both in the same folder elsewhere)

    Run FRST64 and press the FIX button just once, and wait. DO NOT PRESS THE SCAN BUTTON.
    If for some reason the tool needs a restart, please make sure you let the system restart normally.
    The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
    When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

    askey127
     

    Attached Files:

  8. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1158486

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice