PC does not sleep when it should [Solved]



#1
wayneman50


In Windows 7, in Power Options, I have selected Balanced (recommended) for when to put my computer to sleep. Sometimes it goes to sleep after the specified time, often it does not. Sometimes it wakes up in the middle of sleep without me touching anything. All of this is for no apparent reason. I have tried closing all applications I normally have open - Firefox, Word, Excel, etc. I have looked at Task Manager. I don't see anything unusual running. I have run scans with Security Essentials, AVG, Super Anti-Spyware and Malwarebytes. They didn't find anything.

 

Thank you.

OTL logfile created on: 7/26/2014 8:33:48 PM - Run 4
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\WAYNE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.29 Gb Available Physical Memory | 57.23% Memory free
8.00 Gb Paging File | 4.53 Gb Available in Paging File | 56.59% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.63 Gb Total Space | 247.91 Gb Free Space | 42.48% Space Free | Partition Type: NTFS
Drive D: | 12.44 Gb Total Space | 1.53 Gb Free Space | 12.34% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 31.41 Gb Free Space | 6.74% Space Free | Partition Type: NTFS
 
Computer Name: WAYNE-HP | User Name: WAYNE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\@hulu.com/Hulu Desktop: C:\Windows\..\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\npHDPlg.dll ()
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/01/21 04:02:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.7.644 [2014/06/22 13:57:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/07/24 09:00:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/24 09:00:57 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/07/24 09:00:54 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 31.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/24 09:00:57 | 000,000,000 | ---D | M]
 
[2012/05/31 14:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Extensions
[2012/05/31 14:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/16 20:37:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060\extensions
[2014/04/21 20:25:20 | 000,011,571 | ---- | M] () (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060\extensions\[email protected]
[2014/07/24 09:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/07/24 09:00:55 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014/07/24 09:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/07/24 09:01:32 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (SpywareGuardDLBLOCK.CBrowserHelper) - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files (x86)\SpywareGuard\dlprotect.dll ()
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\18.1.7.644\AVG Secure Search_toolbar.dll (AVG Secure Search)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe (Vitzo)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe (Amazon.com)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files (x86)\AVG Secure Search\vprot.exe ()
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [Raptr] C:\Program Files (x86)\Raptr\raptrstub.exe (Raptr, Inc)
O4 - HKCU..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O4 - Startup: C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SpywareGuard.lnk = C:\Program Files (x86)\SpywareGuard\sgmain.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\onbttnielinkednotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h20364.www2....DataManager.CAB (Reg Error: Key error.)
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (OnlineScanner Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_13)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_17)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.55.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F07011C9-A074-4415-A7C9-4344A2CBEBD4}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll (Microsoft Corporation)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {81559C35-8464-49F7-BB0E-07A383BEF910} - C:\Program Files (x86)\SpywareGuard\spywareguard.dll ()
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/23 08:31:00 | 000,000,000 | RH-D | M] - F:\autorun -- [ NTFS ]
O32 - AutoRun File - [2002/10/16 22:56:50 | 000,000,036 | RH-- | M] () - F:\autorun.inf -- [ NTFS ]
O33 - MountPoints2\{fee04415-6944-11e1-a390-643150276611}\Shell - "" = AutoRun
O33 - MountPoints2\{fee04415-6944-11e1-a390-643150276611}\Shell\AutoRun\command - "" = G:\IronKey.exe
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\IronKey.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/07/26 20:32:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\WAYNE\Desktop\OTL.exe
[2014/07/24 09:00:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014/07/23 09:52:29 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Roaming\28046
[2014/07/21 13:52:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Carbonite
[2014/07/20 11:19:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
[2014/07/18 18:17:56 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014/07/18 18:17:13 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
[2014/07/18 18:16:48 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Roaming\library_dir
[2014/07/18 18:16:04 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Roaming\Raptr
[2014/07/18 18:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Raptr
[2014/07/18 18:15:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD AVT
[2014/07/18 18:15:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ATI Technologies
[2014/07/18 18:14:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
[2014/07/18 18:09:00 | 000,000,000 | ---D | C] -- C:\Program Files\AMD
[2014/07/18 18:08:33 | 000,000,000 | ---D | C] -- C:\Windows\LastGood
[2014/07/18 18:06:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ATI Technologies
[2014/07/18 18:05:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/07/18 18:03:55 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014/07/18 18:02:28 | 000,000,000 | ---D | C] -- C:\AMD
[2014/07/16 11:50:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/07/16 11:49:04 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/07/16 11:49:03 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/07/16 11:49:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/07/16 11:49:03 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/07/04 15:24:12 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\Documents\Custom Office Templates
[2014/07/03 08:11:30 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.1991-06.com.microsoft
[2014/07/03 08:09:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
[2014/07/03 08:08:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office 15
[2014/07/02 17:58:11 | 000,122,584 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/02 16:39:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/07/02 16:39:36 | 000,091,352 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/07/02 16:39:36 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/07/02 16:39:35 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/07/02 16:39:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2011/04/05 20:39:38 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\WAYNE\AppData\Roaming\pcouffin.sys
[5 C:\Users\WAYNE\Documents\*.tmp files -> C:\Users\WAYNE\Documents\*.tmp -> ]
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[24 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/07/26 20:32:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WAYNE\Desktop\OTL.exe
[2014/07/26 20:28:51 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/26 20:28:50 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/26 16:39:40 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/07/26 16:36:21 | 000,783,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/26 16:36:21 | 000,662,836 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/26 16:36:21 | 000,122,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/25 09:29:56 | 000,002,010 | ---- | M] () -- C:\Users\WAYNE\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2014/07/24 07:22:19 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/24 07:22:19 | 000,015,792 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/23 20:46:04 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWAYNE.job
[2014/07/23 05:57:42 | 000,102,146 | ---- | M] () -- C:\Users\WAYNE\Documents\Things to do.rtf
[2014/07/23 05:56:26 | 000,000,387 | ---- | M] () -- C:\Users\WAYNE\Documents\six pillars of self esteem.rtf
[2014/07/21 13:52:10 | 000,002,098 | ---- | M] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2014/07/18 13:55:43 | 001,999,196 | ---- | M] () -- C:\Users\WAYNE\Desktop\WayneKern_SystemInfo.nfo
[2014/07/17 08:59:19 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
[2014/07/17 08:59:19 | 000,000,350 | ---- | M] () -- C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job
[2014/07/17 08:52:38 | 3220,660,224 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/16 11:50:01 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/07/10 08:53:54 | 000,001,324 | ---- | M] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2014/07/10 03:32:33 | 000,456,880 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/07 09:43:13 | 000,000,162 | -H-- | M] () -- C:\Users\WAYNE\Documents\~$ings to do.rtf
[2014/07/03 09:34:15 | 000,000,927 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2014.lnk
[2014/07/02 16:39:55 | 000,001,068 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/01 14:13:39 | 001,551,774 | ---- | M] () -- C:\Users\WAYNE\Desktop\Wellness reimbursement.pdf
[5 C:\Users\WAYNE\Documents\*.tmp files -> C:\Users\WAYNE\Documents\*.tmp -> ]
[3 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
[24 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/07/23 05:56:25 | 000,000,387 | ---- | C] () -- C:\Users\WAYNE\Documents\six pillars of self esteem.rtf
[2014/07/21 13:52:10 | 000,002,098 | ---- | C] () -- C:\Users\Public\Desktop\Carbonite InfoCenter.lnk
[2014/07/18 13:55:43 | 001,999,196 | ---- | C] () -- C:\Users\WAYNE\Desktop\WayneKern_SystemInfo.nfo
[2014/07/16 11:50:01 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/07/10 08:53:54 | 000,001,324 | ---- | C] () -- C:\Users\Public\Desktop\Foxit Reader.lnk
[2014/07/07 09:43:13 | 000,000,162 | -H-- | C] () -- C:\Users\WAYNE\Documents\~$ings to do.rtf
[2014/07/02 16:39:55 | 000,001,068 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014/07/01 14:13:39 | 001,551,774 | ---- | C] () -- C:\Users\WAYNE\Desktop\Wellness reimbursement.pdf
[2014/05/03 03:18:37 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/04/17 22:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/04/17 22:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/04/17 21:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/04/17 21:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/01/02 20:32:23 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2013/06/25 06:56:59 | 000,000,064 | ---- | C] () -- C:\Windows\brpcfx.ini
[2013/06/25 06:56:58 | 000,000,245 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2013/06/25 06:29:27 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2013/06/25 06:29:24 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2013/06/25 06:29:17 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2013/06/25 06:29:15 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2013/05/20 13:42:13 | 000,003,729 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013/02/12 16:47:32 | 000,000,775 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/05/31 10:23:52 | 000,102,248 | ---- | C] () -- C:\Users\WAYNE\GoToAssistDownloadHelper.exe
[2011/04/05 20:39:38 | 000,099,384 | ---- | C] () -- C:\Users\WAYNE\AppData\Roaming\inst.exe
[2011/04/05 20:39:38 | 000,007,859 | ---- | C] () -- C:\Users\WAYNE\AppData\Roaming\pcouffin.cat
[2011/04/05 20:39:38 | 000,001,167 | ---- | C] () -- C:\Users\WAYNE\AppData\Roaming\pcouffin.inf
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/01/02 20:27:31 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\0H1F2WtF1L1G1R
[2013/12/08 12:49:49 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\11543
[2014/03/02 09:30:15 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\14213
[2014/01/09 09:02:24 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\17226
[2013/12/27 14:45:40 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\21065
[2014/03/08 08:39:44 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\26023
[2014/07/23 09:52:29 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\28046
[2014/04/25 10:54:38 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\29513
[2014/04/03 20:34:39 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\30793
[2012/08/26 17:30:26 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Amazon
[2014/01/10 22:03:41 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\AnvSoft
[2013/04/20 00:11:54 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Audacity
[2013/09/19 20:13:41 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\AVG2014
[2013/09/07 15:12:32 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\ControlCenter4
[2011/12/25 14:20:01 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\DVDFab
[2013/11/15 18:53:30 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\DVDFab9
[2013/11/14 19:21:51 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Foxit Scanner Images
[2014/03/04 09:15:52 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Foxit Software
[2014/07/18 18:16:48 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\library_dir
[2013/07/16 07:50:11 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Nuance
[2014/05/07 19:40:16 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Oracle
[2011/01/19 22:44:38 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\PictureMover
[2014/07/26 17:08:43 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Raptr
[2011/06/26 21:38:14 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\REAPER
[2011/02/12 10:24:19 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Roni Music
[2014/07/10 03:28:04 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\SoftGrid Client
[2011/03/10 17:21:05 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TeamViewer
[2012/04/23 14:45:41 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TechWizard
[2012/05/31 14:38:38 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TomTom
[2011/02/27 11:58:21 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TP
[2012/11/12 19:42:12 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TuneUp Software
[2013/05/06 20:37:01 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\uTorrent
[2014/01/02 20:32:59 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\VDownloader
[2011/04/05 20:40:11 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Vso
[2011/01/20 11:41:08 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\WinBatch
[2011/11/06 20:43:48 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Windows Live Writer
[2013/07/16 07:50:19 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Zeon
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >
 


  • 0
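The ZeroAccess Check section of the log above can be read mechanically. The following is an added example, not part of the original post or of OTL: it flags any HKCU registration for these COM classes (a per-user override takes precedence over the system one) and any HKLM server that differs from the values this log shows. The baseline table, the function names and the second sample are assumptions constructed for illustration.

```python
import ntpath
import re

SYSTEM_ROOT = r"C:\Windows"  # %SystemRoot% as reported in the log header
SYSTEM_DIRS = tuple(ntpath.join(SYSTEM_ROOT, d).lower() + "\\"
                    for d in ("system32", "sysnative", "syswow64"))

# Assumption: the clean HKLM values in the log above are used as the baseline.
EXPECTED_SERVER = {
    "{42aedc87-2188-41fd-b9a3-0c966feabec1}": "shell32.dll",
    "{5839fca9-774d-42a1-acda-d6a79037f57f}": "fastprox.dll",
    "{f3130cdb-aa52-4c3a-ab32-85ffc23af9c1}": "wbemess.dll",
}

KEY_RE = re.compile(
    r"^\[(HKEY_[A-Z_]+)\\.*\\clsid\\(\{[0-9a-f-]{36}\})\\InProcServer32\]", re.I)
# Default value line: "" = <path> -- [<file details>] (<company>)
DEFAULT_RE = re.compile(r'^"" = (.*?)(?: -- \[[^\]]*\](?: \((.*)\))?)?\s*$')

# Lines copied from the log above.
CLEAN_SAMPLE = r'''
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
'''

# Constructed sample (not from any real machine): three deviations, one clean key.
TAMPERED_SAMPLE = r'''
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
"" = C:\Users\EXAMPLE\AppData\Local\constructed\payload.dll -- [2014/01/01 00:00:00 | 000,001,024 | ---- | M] ()

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = %SystemRoot%\system32\..\Temp\shell32.dll -- [2014/01/01 00:00:00 | 000,001,024 | ---- | M] ()

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\ProgramData\constructed\wbemess.dll -- [2014/01/01 00:00:00 | 000,001,024 | ---- | M] ()
'''


def parse_section(text):
    """Return one dict per InProcServer32 key; 'server' stays None if no default value."""
    entries, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        key = KEY_RE.match(line)
        if key:
            current = {"hive": key.group(1).upper(), "clsid": key.group(2).lower(),
                       "server": None, "company": None}
            entries.append(current)
            continue
        value = DEFAULT_RE.match(line)
        if value and current is not None:
            current["server"] = value.group(1).strip()
            current["company"] = value.group(2)  # informational only: file metadata
    return entries


def normalise(server):
    """Expand %SystemRoot%, collapse '..' segments, lower-case for comparison."""
    expanded = re.sub(r"%systemroot%", lambda _m: SYSTEM_ROOT, server, flags=re.I)
    return ntpath.normpath(expanded).lower()


def review(entries):
    """Return (clsid, reason, normalised path) for every registration worth a look."""
    findings = []
    for entry in entries:
        if not entry["server"]:
            continue  # key listed without a default value: nothing is registered
        path = normalise(entry["server"])
        if entry["hive"] == "HKEY_CURRENT_USER":
            findings.append((entry["clsid"], "HKCU override of a system COM class", path))
            continue
        expected = EXPECTED_SERVER.get(entry["clsid"])
        if expected is None:
            findings.append((entry["clsid"], "no baseline for this CLSID", path))
        elif ntpath.basename(path) != expected or not path.startswith(SYSTEM_DIRS):
            findings.append((entry["clsid"], "server differs from baseline " + expected, path))
    return findings


if __name__ == "__main__":
    for name, sample in (("clean", CLEAN_SAMPLE), ("tampered", TAMPERED_SAMPLE)):
        print(name, review(parse_section(sample)))
```

The company name OTL prints comes from the file's own metadata, so the check compares path and file name rather than trusting that field.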



#2
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Sorry that you've had to wait. We've been quite busy lately.

 

However, I do have both time and desire to help you, so give me a few hours to review your logs and then I'll post some next steps.


  • 0

#3
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi wayneman50,

 

You said that your computer has trouble sleeping. Have you tried singing softly to it? Perhaps a lullaby?
Ok, poor bit of humor, I know.

 

Seriously, here is a link to a bit more detail on the various Power Settings along with additional fine tuning that you can do if you desire.

Just to add a bit more color. A lot of the sleep settings occur depending on how other things on the computer are working. By way of example, if you have your computer set to Sleep after 5 minutes of inactivity, it will sleep unless something vital to the system is not running. However, you can, if you wish, make it sleep regardless of what it is doing. You just need the correct Power Setting.

Also, there are quite a few system processes that will both wake a sleeping computer and/or cause one not to go to sleep. Some of this can be quite complicated, but hopefully the link I provided above will add some clarity.

 

As for Malware, I don't see any on your computer. Obviously, good news! What I can offer is to sort of do a "spring cleaning" on the machine. Just follow the instructions below and I'll have you run some scanning tools and cleaning tools. When they are complete, each produces one or more log files. Just post those back for my review.

 

Last, before we get started. You have two Anti-Virus programs on your machine. We advise only one as they tend to get in each other's way and often miss things because of that. So, please pick one (you have Microsoft Security Essentials and AVG) and remove the other. Also, you are running SAS (Super Anti-Spyware). We have found little value in this product, but keep it if you wish. However, while we are cleaning your machine you will need to uninstall it so that it does not block our cleaning programs.

 

If you don't have the time right now or would rather not do the cleaning, let me know as that is fine as well. Also, feel free to ask questions at any point in this process.

 

The Cleaning starts here and proceeds down the page.

 

OTL Fix

  • Run OTL as you did before.
  • Copy the text in the quote box below (do not copy the word "quote") and paste it in the box marked Custom Scans/Fixes as shown in the graphic below.

[Graphic: OTL window with the Custom Scans/Fixes box]

 

:Commands
[createrestorepoint]
 
:OTL
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
[2012/05/31 14:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Extensions
[2012/05/31 14:38:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Extensions\[email protected]
[2014/07/16 20:37:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060\extensions
[2014/04/21 20:25:20 | 000,011,571 | ---- | M] () (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060\extensions\[email protected]
[2014/07/24 09:00:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2014/07/24 09:00:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O15 - HKCU\..Trusted Domains: localhost ([]* in Local intranet)
O16 - DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} https://h20364.www2....DataManager.CAB (Reg Error: Key error.)
[2014/01/02 20:27:31 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\0H1F2WtF1L1G1R
[2013/12/08 12:49:49 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\11543
[2014/03/02 09:30:15 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\14213
[2014/01/09 09:02:24 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\17226
[2013/12/27 14:45:40 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\21065
[2014/03/08 08:39:44 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\26023
[2014/07/23 09:52:29 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\28046
[2014/04/25 10:54:38 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\29513
[2014/04/03 20:34:39 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\30793
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
 
:commands
[resethosts]
[emptytemp]
[reboot]

Then press the Run Fix button

Your computer will reboot. If it does not, please manually reboot.

 

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Next, download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

  • 0

#4
wayneman50

    Member

  • Topic Starter
  • 430 posts

Thanks for your response. I am unable to uninstall Super Anti Spyware. I tried to uninstall, and now the message states: Uninstall failed. Error reading uninstall data.


  • 0

#5
wayneman50

    Member

  • Topic Starter
  • 430 posts

My concern was that I had a virus, so thank goodness that's not an issue. The benefits of the computer going to sleep are questionable these days anyway. I would think it would be better for me to have it stay awake instead of this constant sleep-wake cycle. Do you agree? It started doing this a few weeks ago. Does it matter what is causing this frequent sleep-wake?

As far as anti-virus software, I believe my current collection was a recommendation from someone from geekstogo a couple years ago. But I will take your advice. The June 2013 Consumer Reports listed Avast as the best free antivirus software. What do you think of Avast?

I got a message today that Raptr Desktop wanted to update software on my PC. And starting a couple days ago, every day another message wants to do an AMD Gaming Evolved App update. I think I have AMD video software. What's the scoop on those messages?

Thanks.


  • 0

#6
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

I am unable to uninstall Super Anti Spyware. I tried to uninstall, and now the message states: Uninstall failed. Error reading uninstall data.

 

Yes, I'm not surprised. That's among my complaints with this product. Another is its fairly useless functionality. I can remove it with OTL after you run the other tools and scan (see above).

 

 

Does it matter what is causing this frequent sleep-wake?

 

Absent nefarious activities, no. I rarely concern myself with sleep-wake. However, there are some tip-offs to unwanted behavior, such as lots of disk activity, etc. For the time being I think we can set aside concerns of that type.

 

 

What do you think of Avast?

 

I am a huge fan of Avast. Many of us here are as well. I am also a fan of Microsoft Security Essentials or Windows Defender (depending on your version of Windows, you'd want one or the other). Just be sure to only have one A/V.
 

 

I got a message today that Raptr Desktop wanted to update software on my PC. And starting a couple days ago, every day another message wants to do an AMD Gaming Evolved App update. I think I have AMD video software. What's the scoop on those messages?

 

Well, both are related to Gaming software. Frankly, I don't have any experience with gaming software. Sounds like it just wants to do updates and that's fairly much expected.


  • 0

#7
wayneman50

    Member

  • Topic Starter
  • 430 posts

I also have Malwarebytes Anti-Malware. Do you recommend I uninstall that one too?

 

What does your "cleaning" do? What does it clean?

 

AMD and Raptr - the odd thing is that I don't do gaming - never have. Why would it be on my pc?

 

Thanks.


  • 0

#8
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Responding via iPhone, we'll see how that goes :). Mbam I like as an on-demand scanner, but not as a tool that is always on. Cleaning removes temp files, adware, junkware. Can't speak to the game stuff.
  • 0

#9
wayneman50

    Member

  • Topic Starter
  • 430 posts

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by WAYNE on Wed 07/30/2014 at 22:16:56.63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA}



~~~ Files



~~~ Folders




~~~ FireFox

Emptied folder: C:\Users\WAYNE\AppData\Roaming\mozilla\firefox\profiles\0xpjobj2.default-1398125402060\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/30/2014 at 22:23:45.01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


  • 0

#10
wayneman50

    Member

  • Topic Starter
  • 430 posts

# AdwCleaner v3.302 - Report created 30/07/2014 at 18:15:07
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : WAYNE - WAYNE-HP
# Running from : C:\Users\WAYNE\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.7

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\SearchProtect
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\HP_Administrator\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\HP_Administrator\AppData\LocalLow\AVG Secure Search
Folder Deleted : C:\Users\WAYNE\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\WAYNE\AppData\LocalLow\AVG Secure Search
File Deleted : C:\END
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilJumpFlip_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilJumpFlip_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Jump Flip

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\HP_Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\e5lf66ja.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Deleted : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={67ADDD17-99FD-4A54-8B15-0D50209E487D}&mid=22e234fd632347d09319b57816c38fe2-f2d413af7c97d18f920d533820cea21b814744d0&lang=en&ds=AVG&pr=fr&d=[...]

[ File : C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060\prefs.js ]


*************************

AdwCleaner[R0].txt - [7974 octets] - [30/07/2014 17:57:33]
AdwCleaner[S0].txt - [7693 octets] - [30/07/2014 18:15:07]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7753 octets] ##########
 


  • 0



#11
wayneman50

    Member

  • Topic Starter
  • 430 posts

# AdwCleaner v3.302 - Report created 30/07/2014 at 17:57:33
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : WAYNE - WAYNE-HP
# Running from : C:\Users\WAYNE\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

Service Found : vToolbarUpdater18.1.7

***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Folder Found : C:\Program Files (x86)\AVG Secure Search
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\Users\All Users\AVG Secure Search
Folder Found : C:\Users\HP_Administrator\AppData\Local\AVG Secure Search
Folder Found : C:\Users\HP_Administrator\AppData\LocalLow\AVG Secure Search
Folder Found : C:\Users\WAYNE\AppData\Local\AVG Secure Search
Folder Found : C:\Users\WAYNE\AppData\LocalLow\AVG Secure Search

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AVG Secure Search
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\YahooPartnerToolbar
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\AVG Secure Search
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : [x64] HKCU\Software\YahooPartnerToolbar
Key Found : HKLM\Software\AVG Secure Search
Key Found : HKLM\Software\AVG Security Toolbar
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Found : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\S
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\updateJumpFlip_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilJumpFlip_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\utilJumpFlip_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Jump Flip
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\HP_Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\e5lf66ja.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Line Found : user_pref("browser.search.selectedEngine", "AVG Secure Search");
Line Found : user_pref("keyword.URL", "hxxp://isearch.avg.com/search?cid={67ADDD17-99FD-4A54-8B15-0D50209E487D}&mid=22e234fd632347d09319b57816c38fe2-f2d413af7c97d18f920d533820cea21b814744d0&lang=en&ds=AVG&pr=fr&d=[...]

[ File : C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060\prefs.js ]


*************************

AdwCleaner[R0].txt - [7790 octets] - [30/07/2014 17:57:33]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [7850 octets] ##########
 


  • 0

#12
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi Wayneman50,

 

I wanted to take a moment and compliment you on the questions you asked prior to running the previous scans. I am quite impressed that you want to know what the "cleaning process" consisted of, etc. Very smart of you! So, going forward I'll be more verbose on what we're doing and why we're doing it.

 

Although I don't expect you to understand every line of the logs that are produced, feel free to peruse them. You can get an idea of what the scan or tool is doing or removing. If you have questions, please ask! That said, I have two more scans for you. ZOEK will perform cleaning much like AdwCleaner and JRT did, but focuses on slightly different sets of files and registry items. I tend to use all three as that gives a pretty comprehensive cleaning to your computer. Additionally, ZOEK does more in that it provides a very complete system scan that I can review for anomalies. Then, System Check will scan your computer looking for out of date software. It specifically looks at some of the high risk areas such as Adobe Reader, Flash, Java and your Windows Service Pack level. It doesn't fix anything, but will alert me to updates that are needed. Those needed updates will be flagged in red, but don't do updates right away. I have links for the updates (if needed) that will save you a lot of searching. Last, you'll rerun OTL. It will scan the system, much like ZOEK, and assure me that all the updates, cleaning, etc. worked as expected.

 

Ok, off we go...

 

Please download zoek.exe and save it to your desktop (Firefox users right click and Save Link As...).

  • Close any open browsers.
  • Temporarily disable your AntiVirus program. (If necessary)
  • Double click on zoek.exe to run.
  • Please wait while the tool starts. It will appear to be doing nothing and may take a few seconds to come up.
  • Click the Options button below the large panel and check the box: Auto Clean
  • Click on the Run script button.
  • Please wait patiently (it may take a few minutes) until a log report opens (this may be after reboot, if required).
  • Copy (Ctrl+C) and paste (Ctrl+V) the entire contents of the opened report back here.

Note: It will also create a log in the C:\ directory named "zoek-results.log"

 

Security Check

Download Security Check from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

Last, rerun OTL as you did previously, but this time just press the Quick Scan button. When OTL completes you will find one log, OTL.TXT. Please post that with the ZOEK log and the Security Log.


  • 0

#13
wayneman50

    Member

  • Topic Starter
  • 430 posts

So do you play a Les Paul? I play guitar in a couple bands.

 

Here is the zoek log. Not sure I need to do Security Check as I run Secunia PSI monthly and it tells me what software needs updating.

 

Zoek.exe v5.0.0.0 Updated 31-07-2014
Tool run by WAYNE on Thu 07/31/2014 at 12:50:16.38.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\WAYNE\Desktop\zoek.exe [Scan all users]  [Checkboxes used]

==== System Restore Info ======================

7/31/2014 2:55:48 PM Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\SearchScopes\{017CF2D2-21BC-4A60-A065-1B3F391FF9B4} deleted successfully
HKEY_USERS\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\SearchScopes\{314E9871-7C00-4D59-95AB-C37244672106} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\HP_ADM~1\AppData\Roaming\Mozilla\Firefox\Profiles\e5lf66ja.default

user.js not found
---- Lines Search  modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_20140731_0306_.backup

ProfilePath: C:\Users\HP_ADM~1\AppData\Roaming\TomTom\HOME\Profiles\1n597o8a.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140731_0306_.backup

ProfilePath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060

user.js not found
---- Lines Search  modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}\":{\"descriptor\":\"C:\\\\
---- FireFox user.js and prefs.js backups ----

prefs_20140731_0306_.backup

ProfilePath: C:\Users\WAYNE\AppData\Roaming\TomTom\HOME\Profiles\2td2jy9v.default

user.js not found
---- FireFox user.js and prefs.js backups ----

prefs_20140731_0306_.backup

==== Deleting Files \ Folders ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\vanBasco's Karaoke Player deleted
C:\Users\WAYNE\Searches deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\WAYNE\Desktop\Continue Audio Converter Installation.lnk deleted
"C:\Users\WAYNE\AppData\Roaming\Vso" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension" [01/21/2011 04:02 AM]

==== Firefox Extensions ======================

ProfilePath: C:\Users\HP_ADM~1\AppData\Roaming\TomTom\HOME\Profiles\1n597o8a.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected]
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected]

ProfilePath: C:\Users\WAYNE\AppData\Roaming\TomTom\HOME\Profiles\2td2jy9v.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected]
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\[email protected]

==== Firefox Plugins ======================

Profilepath: C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060
4390CCD3790F8D9C427C0C29590C62D7    - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll -    Shockwave Flash
D6ED6EB98E759460AD8C66DE23070132    - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -    Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03    - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -    Microsoft Office 2013
6BBDF75F2CEC825523418547F7C32105    - C:\Users\Default\AppData\Local\HuluDesktop\instances\0.9.13.1\nphdplg.dll -    Hulu Desktop


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft..../?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.co...={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/...ox&FORM=IE8SRC"
{DDB1F257-B0C2-4E48-BCCF-F12EF5A84E23} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3431438650-1370896122-3677072999-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DDB1F257-B0C2-4E48-BCCF-F12EF5A84E23} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\WAYNE\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\WAYNE\AppData\Local\Mozilla\Firefox\Profiles\0xpjobj2.default-1398125402060\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=57 folders=6 253747 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HP_Administrator\AppData\Local\Temp emptied successfully
C:\Users\WAYNE\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\WAYNE\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Thu 07/31/2014 at 16:01:53.17 ======================
 


  • 0

#14
Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
Yes I do play an LP. Although these days I play more acoustic than electric.

Running security check won't take long. Also, I had asked for another otl log. See last two lines of my previous post. :)

How is the computer running?
  • 0

#15
wayneman50

    Member

  • Topic Starter
  • 430 posts

 Results of screen317's Security Check version 0.99.86  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:`````````
 SpywareBlaster 5.0    
 SpywareGuard v2.2    
 Secunia PSI (3.0.0.9015)   
 Java 7 Update 65  
 Adobe Flash Player 14.0.0.145  
 Mozilla Firefox (31.0)
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Symantec Norton Online Backup NOBuAgent.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 


  • 0





