Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Cannot log into certain web sites [Solved]

login internet web sites

  • This topic is locked This topic is locked

#61
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Yes I half expected that, not surprising after the unsuccessful removal last time.

 

Just continue with the OTC one. It should remove the ComboFix orphans. :)


  • 0

Advertisements


#62
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

If I may ask - The fact that I can't get to certain websites in IE - that doesn't sound like malware? Isn't it possible I acquired some infection after I ran your scans?

 

I appreciate all your help.


  • 0

#63
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Should I turn off Security Essentials real time protection during the cleanup?


  • 0

#64
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

The fact that I can't get to certain websites in IE - that doesn't sound like malware? Isn't it possible I acquired some infection after I ran your scans?


Anything is possible, and only you know which websites you have visited.

The reason I don't think it is malware related is because the symptoms are the same as before when we didn't find a malware cause. By the way, did you follow the suggestions at post #53 to repair reinstall Internet Explorer. It might be that a reinstall, which amongst other things will reset IE, will help things. After all, that seemed to help with Firefox.

 

We could continue with more scans for malware but I am reluctant to go down that road until you have checked the technical aspects. I am not a techie so am not the best person to help with those things. Running more scans may not find anything and just delay you getting your problems solved if they are not malware related.

 

Having said all that, if you really think your machine has picked up something new then tell me and we can have another look.
 

Should I turn off Security Essentials real time protection during the cleanup?


No, that isn't necessary.


  • 0

#65
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

I performed the cleanup.

 

I can't say for sure if I have an infection. I'll post something in the tech section. Can you leave this topic open until I'm done with the tech folks?


  • 0

#66
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

 

Can you leave this topic open until I'm done with the tech folks?

 

Certainly. :thumbsup:


  • 0

#67
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Thanks very much.


  • 0

#68
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

I have a friend who is a Windows techie as his profession. I spoke to him about the issues I'm having, and we tried a couple things - I am unable to do a system restore - they failed. I asked him whether I should go down the tech route or the infection route, and he thinks I should "make sure the PC is as clean as possible before going down the tech route, because we could just be spinning our wheels." So, if you would please, let's do scans again.

 

And I now have a new problem - I am unable to open the geeks Reply window in Firefox. I did so yesterday. Fortunately, I am able to do this in IE. If this should fail too, is there any other way we can communicate?

 

Thanks.


  • 0

#69
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

My PC also seems slower at times. Yesterday I tried to open a couple PNG files, and it just kept spinning. The problem went away.


  • 0

#70
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

OTL logfile created on: 9/9/2014 11:00:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\WAYNE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 54.49% Memory free
8.00 Gb Paging File | 5.95 Gb Available in Paging File | 74.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.63 Gb Total Space | 263.06 Gb Free Space | 45.07% Space Free | Partition Type: NTFS
Drive D: | 12.44 Gb Total Space | 1.53 Gb Free Space | 12.34% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 0.01 Gb Free Space | 0.00% Space Free | Partition Type: NTFS
 
Computer Name: WAYNE-HP | User Name: WAYNE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/09/09 11:00:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WAYNE\Desktop\OTL.exe
PRC - [2014/08/29 06:07:00 | 025,698,968 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft Office 15\root\office15\EXCEL.EXE
PRC - [2014/08/26 04:13:52 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014/06/27 14:27:12 | 001,056,976 | R--- | M] (Carbonite, Inc.) -- C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
PRC - [2014/06/17 17:56:02 | 000,242,216 | ---- | M] (Foxit Corporation) -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
PRC - [2014/06/05 04:19:38 | 000,093,040 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2014/06/05 04:19:36 | 000,248,176 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
PRC - [2014/05/21 09:32:02 | 001,721,416 | ---- | M] (Verizon) -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\VzDetectAgent.exe
PRC - [2014/01/14 15:46:38 | 003,140,608 | ---- | M] () -- C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
PRC - [2013/11/04 08:42:10 | 001,228,504 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psia.exe
PRC - [2013/11/04 08:42:08 | 000,660,184 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\sua.exe
PRC - [2013/11/04 08:42:08 | 000,565,464 | ---- | M] (Secunia) -- C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
PRC - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
PRC - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2012/09/06 21:11:30 | 001,327,104 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
PRC - [2012/09/06 21:06:14 | 000,393,216 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
PRC - [2012/06/06 15:31:56 | 003,076,096 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
PRC - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe
PRC - [2011/10/24 01:57:20 | 000,393,216 | ---- | M] (AMD) -- C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
PRC - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2010/09/23 16:46:16 | 003,154,432 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe
PRC - [2010/09/23 16:46:14 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) -- C:\Program Files (x86)\Cobian Backup 10\cbService.exe
PRC - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
PRC - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe
PRC - [2010/03/09 00:42:02 | 000,029,984 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
PRC - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
PRC - [2010/03/05 20:11:30 | 000,636,192 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe
PRC - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
PRC - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe
PRC - [2009/09/23 17:45:50 | 001,287,176 | ---- | M] (Panda Security) -- C:\Program Files (x86)\Panda USB Vaccine\USBVaccine.exe
PRC - [2008/11/20 14:47:28 | 000,062,768 | ---- | M] (Hewlett-Packard) -- C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
PRC - [2006/08/17 10:00:00 | 001,116,920 | ---- | M] (Roxio) -- C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/08/29 06:07:33 | 008,892,576 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
MOD - [2014/08/26 04:14:14 | 003,715,184 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014/07/03 08:08:11 | 000,316,584 | ---- | M] () -- C:\Program Files\Microsoft Office 15\root\office15\appvisvstream32.dll
MOD - [2014/01/20 14:17:04 | 000,073,544 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2014/01/20 14:16:38 | 001,044,808 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2014/01/14 15:46:38 | 003,140,608 | ---- | M] () -- C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MOD - [2010/01/18 14:21:08 | 000,568,888 | ---- | M] () -- C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
MOD - [2009/02/27 16:38:20 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
MOD - [2006/08/18 14:17:36 | 000,056,056 | ---- | M] () -- C:\Windows\SysWOW64\DLAAPI_W.DLL
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/08/01 00:12:28 | 002,369,720 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014/07/25 09:00:25 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/06/27 14:15:52 | 007,641,296 | R--- | M] (Carbonite, Inc. (www.carbonite.com)) [Auto | Running] -- C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe -- (CarboniteService)
SRV:64bit: - [2014/04/17 22:29:26 | 000,344,064 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2014/03/11 12:34:10 | 000,347,872 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- c:\Program Files\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV:64bit: - [2014/03/11 12:34:10 | 000,023,808 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Program Files\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/04/26 04:50:18 | 000,237,056 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2014/09/08 16:15:45 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/08/26 04:14:08 | 000,114,288 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/06/17 17:56:02 | 000,242,216 | ---- | M] (Foxit Corporation) [Auto | Running] -- C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe -- (FoxitCloudUpdateService)
SRV - [2014/06/05 04:19:38 | 000,093,040 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2014/05/21 09:32:04 | 000,358,984 | ---- | M] (Verizon) [Auto | Running] -- C:\Program Files (x86)\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2014/03/20 18:49:18 | 000,067,224 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2013/11/04 19:31:56 | 000,092,160 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe -- (HP Support Assistant Service)
SRV - [2013/11/04 08:42:10 | 001,228,504 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\psia.exe -- (Secunia PSI Agent)
SRV - [2013/11/04 08:42:08 | 000,660,184 | ---- | M] (Secunia) [Auto | Running] -- C:\Program Files (x86)\Secunia\PSI\sua.exe -- (Secunia Update Agent)
SRV - [2013/09/11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013/06/28 18:48:04 | 000,014,624 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)
SRV - [2013/06/26 19:21:50 | 000,207,528 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2013/06/26 19:21:46 | 000,523,944 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2012/06/05 15:56:28 | 000,266,240 | ---- | M] (Brother Industries, Ltd.) [On_Demand | Running] -- C:\Program Files (x86)\Browny02\BrYNSvc.exe -- (BrYNSvc)
SRV - [2011/02/28 18:44:14 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011/02/25 10:46:22 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2010/09/23 16:46:14 | 001,125,376 | ---- | M] (Luis Cobian, CobianSoft) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 10\cbService.exe -- (CobianBackup10)
SRV - [2010/09/23 09:49:08 | 000,067,584 | ---- | M] (CobianSoft, Luis Cobian) [Auto | Running] -- C:\Program Files (x86)\Cobian Backup 10\cbVSCService.exe -- (cbVSCService)
SRV - [2010/08/23 21:21:40 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe -- (IntuitUpdateService)
SRV - [2010/06/12 22:06:08 | 000,400,368 | ---- | M] (CinemaNow, Inc.) [Auto | Running] -- C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe -- (CinemaNow Service)
SRV - [2010/03/09 00:40:36 | 000,144,672 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe -- (PDFProFiltSrvPP)
SRV - [2009/10/14 19:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Auto | Running] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/08/17 11:18:04 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/03/11 09:52:30 | 000,133,928 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2014/02/11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.3)
DRV:64bit: - [2014/02/11 17:36:52 | 000,059,616 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys -- (AODDriver4.0)
DRV:64bit: - [2013/12/19 12:45:50 | 000,094,720 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2013/11/04 08:42:02 | 000,018,456 | ---- | M] (Secunia) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\psi_mf_amd64.sys -- (PSI)
DRV:64bit: - [2013/10/01 22:22:20 | 000,056,832 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/09 12:17:40 | 000,738,176 | ---- | M] (eMPIA Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emBDA64.sys -- (USB28xxBGA)
DRV:64bit: - [2013/08/09 12:16:54 | 001,475,072 | ---- | M] (eMPIA Technology Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\emOEM64.sys -- (USB28xxOEM)
DRV:64bit: - [2013/06/26 19:21:50 | 000,023,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2013/06/26 19:21:48 | 000,028,840 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2013/06/26 19:21:46 | 000,273,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2013/06/26 19:21:44 | 000,767,144 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2013/03/31 18:32:04 | 000,082,600 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2013/03/31 18:32:04 | 000,042,664 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012/08/23 10:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/31 07:56:58 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:64bit: - [2012/06/21 21:59:36 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV:64bit: - [2012/04/26 06:47:20 | 011,172,864 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012/04/26 03:32:46 | 000,339,456 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011/04/21 18:17:04 | 000,471,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/04/05 20:39:38 | 000,082,816 | ---- | M] (VSO Software) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\pcouffin.sys -- (pcouffin)
DRV:64bit: - [2010/11/20 09:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/04/07 19:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010/03/10 11:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010/02/18 09:18:24 | 000,046,136 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdiox64.sys -- (amdiox64)
DRV:64bit: - [2010/02/06 00:04:06 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/02/06 00:04:04 | 000,070,712 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2010/01/18 17:40:26 | 000,004,608 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rcmirror.sys -- (rcmirror)
DRV:64bit: - [2009/12/22 05:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/30 11:37:16 | 000,033,800 | ---- | M] (Panda Security, S.L.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pavboot64.sys -- (pavboot)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2006/08/18 14:18:10 | 000,010,360 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLADResE.SYS -- (DLADResE)
DRV:64bit: - [2006/08/18 14:18:00 | 000,136,952 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAUDFAE.SYS -- (DLAUDFAE)
DRV:64bit: - [2006/08/18 14:18:00 | 000,044,152 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLABMFSE.SYS -- (DLABMFSE)
DRV:64bit: - [2006/08/18 14:17:58 | 000,143,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAUDF_E.SYS -- (DLAUDF_E)
DRV:64bit: - [2006/08/18 14:17:56 | 000,033,656 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAOPIOE.SYS -- (DLAOPIOE)
DRV:64bit: - [2006/08/18 14:17:54 | 000,041,976 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLABOIOE.SYS -- (DLABOIOE)
DRV:64bit: - [2006/08/18 14:17:54 | 000,018,040 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAPoolE.SYS -- (DLAPoolE)
DRV:64bit: - [2006/08/18 14:17:52 | 000,141,432 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\DLA\DLAIFS_E.SYS -- (DLAIFS_E)
DRV:64bit: - [2006/08/11 12:06:00 | 000,063,608 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\DRVEDDM.SYS -- (DRVEDDM)
DRV:64bit: - [2006/08/11 11:35:28 | 000,015,992 | ---- | M] (Roxio) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\DLACDBHE.SYS -- (DLACDBHE)
DRV:64bit: - [2006/08/11 11:35:26 | 000,039,288 | ---- | M] (Roxio) [File_System | System | Running] -- C:\Windows\SysNative\drivers\DLARTL_E.SYS -- (DLARTL_E)
DRV:64bit: - [2006/07/24 04:00:00 | 000,052,664 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2006/07/21 12:21:28 | 000,122,776 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\DRVECDB.SYS -- (DRVECDB)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{0D11E902-D1C8-47D3-A1B4-C5BB9C28A6CA}: "URL" = http://en.wikipedia....h={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = www.briansetzer.com
IE - HKCU\..\SearchScopes,DefaultScope = {012E1000-F331-11DB-8314-0800200C9A66}
IE - HKCU\..\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}: "URL" = http://www.google.co...q={searchTerms}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:32.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandasecurity.com/activescan: C:\Program Files (x86)\Panda Security\ActiveScan 2.0\npwrapper.dll (Panda Security, S.L.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101710.dll (Amazon.com, Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}: C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ [2011/01/21 04:02:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/07/24 09:00:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/07/24 09:00:57 | 000,000,000 | ---D | M]
 
[2014/07/30 17:52:19 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Extensions
[2014/09/05 17:09:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\WAYNE\AppData\Roaming\Mozilla\Firefox\Profiles\f831e5f3.default\extensions
[2014/09/05 16:59:16 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/09/05 16:59:16 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
O1 HOSTS File: ([2014/08/12 22:34:22 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll File not found
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O2 - BHO: (PlusIEEventHelper Class) - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\PlusIEContextMenu.dll (Zeon Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe ()
O4:64bit: - HKLM..\Run: [VDownloader] C:\Program Files\VDownloader\VDownloader.exe (Vitzo)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe (Carbonite, Inc.)
O4 - HKLM..\Run: [Cobian Backup 10 Interface] C:\Program Files (x86)\Cobian Backup 10\cbInterface.exe (Luis Cobian, CobianSoft)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [IndexSearch] C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [PDF5 Registry Controller] C:\Program Files (x86)\Nuance\PDF Viewer Plus\RegistryController.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PDFHook] C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfPro5Hook.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [PPort12reminder] C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RoxioDragToDisc] C:\Program Files (x86)\Roxio\Drag-to-Disc\DrgToDsc.exe (Roxio)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [Amazon Cloud Player] C:\Users\WAYNE\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe ()
O4 - HKCU..\Run: [HydraVisionDesktopManager] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (AMD)
O4 - HKCU..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKCU..\Run: [TomTomHOME.exe] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe (TomTom)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8:64bit: - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE (Microsoft Corporation)
O8 - Extra context menu item: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\OCHelper.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} http://acs.pandasoft...s/as2stubie.cab (ActiveScan 2.0 Installer Class)
O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F07011C9-A074-4415-A7C9-4344A2CBEBD4}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/12/23 08:31:00 | 000,000,000 | R--D | M] - F:\autorun -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/09 10:59:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\WAYNE\Desktop\OTL.exe
[2014/09/08 16:15:16 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Local\Adobe
[2014/09/05 16:59:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2014/09/05 07:15:33 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Roaming\25419
[2014/09/04 19:33:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2014/09/04 19:33:30 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2014/09/03 20:54:28 | 002,347,384 | ---- | C] (ESET) -- C:\Users\WAYNE\Desktop\esetsmartinstaller_enu.exe
[2014/08/20 14:12:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/08/20 14:12:17 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2014/08/20 14:12:16 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2014/08/20 14:12:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2014/08/20 14:12:16 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/08/19 17:18:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9 US
[2014/08/19 17:18:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab 9 US
[2014/08/17 11:19:24 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Roaming\AVAST Software
[2014/08/17 11:06:35 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2014/08/14 12:02:26 | 000,000,000 | ---D | C] -- C:\Users\WAYNE\AppData\Local\HuluDesktop
[2014/08/14 08:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foolish IT
[2014/08/14 08:17:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Foolish IT
[2014/08/14 08:17:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Foolish IT
[2014/08/12 22:34:27 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN
[2014/08/12 22:00:04 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2011/04/05 20:39:38 | 000,082,816 | ---- | C] (VSO Software) -- C:\Users\WAYNE\AppData\Roaming\pcouffin.sys
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\WAYNE\Documents\*.tmp files -> C:\Users\WAYNE\Documents\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/09 11:00:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\WAYNE\Desktop\OTL.exe
[2014/09/09 10:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/09/09 09:56:45 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/09 09:56:45 | 000,018,736 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/09 09:48:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/09/09 09:48:37 | 3220,660,224 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/09 06:22:26 | 000,018,756 | ---- | M] () -- C:\Users\WAYNE\Desktop\Capture.PNG
[2014/09/08 23:05:38 | 000,113,066 | ---- | M] () -- C:\Users\WAYNE\Documents\Things to do.rtf
[2014/09/08 20:05:00 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/08 17:21:11 | 000,051,559 | ---- | M] () -- C:\Users\WAYNE\Documents\Assisted living.rtf
[2014/09/08 10:50:54 | 000,783,424 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/09/08 10:50:54 | 000,662,836 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/09/08 10:50:54 | 000,122,446 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/09/06 10:17:17 | 000,000,332 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForWAYNE.job
[2014/09/05 16:59:20 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/09/05 16:52:36 | 035,293,064 | ---- | M] () -- C:\Users\WAYNE\Desktop\Firefox Setup 32.0.exe
[2014/09/05 16:51:42 | 000,626,476 | ---- | M] () -- C:\Users\WAYNE\Desktop\bookmarks.html
[2014/09/04 19:34:19 | 000,001,945 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/09/04 19:26:24 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\config.nt
[2014/09/03 20:55:52 | 002,347,384 | ---- | M] (ESET) -- C:\Users\WAYNE\Desktop\esetsmartinstaller_enu.exe
[2014/08/28 03:00:20 | 000,446,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/08/20 14:12:58 | 000,001,745 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/19 17:18:30 | 000,001,090 | ---- | M] () -- C:\Users\Public\Desktop\DVDFab 9 US.lnk
[2014/08/17 11:18:04 | 000,029,208 | ---- | M] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/08/14 08:17:32 | 000,053,248 | ---- | M] () -- C:\Windows\SysWow64\zlib.dll
[2014/08/12 22:34:22 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Users\WAYNE\Documents\*.tmp files -> C:\Users\WAYNE\Documents\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/09 06:22:26 | 000,018,756 | ---- | C] () -- C:\Users\WAYNE\Desktop\Capture.PNG
[2014/09/05 16:59:20 | 000,001,125 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014/09/05 16:59:20 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014/09/05 16:52:29 | 035,293,064 | ---- | C] () -- C:\Users\WAYNE\Desktop\Firefox Setup 32.0.exe
[2014/09/05 16:51:41 | 000,626,476 | ---- | C] () -- C:\Users\WAYNE\Desktop\bookmarks.html
[2014/09/04 19:33:48 | 000,002,079 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2014/08/20 14:12:58 | 000,001,745 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/08/19 17:18:30 | 000,001,090 | ---- | C] () -- C:\Users\Public\Desktop\DVDFab 9 US.lnk
[2014/08/17 11:18:13 | 000,029,208 | ---- | C] () -- C:\Windows\SysNative\drivers\aswHwid.sys
[2014/08/14 08:17:32 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\zlib.dll
[2014/07/31 15:10:15 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe
[2014/05/03 03:18:37 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2014/04/17 22:28:30 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2014/04/17 22:22:56 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2014/04/17 22:22:56 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2014/04/17 21:25:52 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2014/04/17 21:25:50 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2014/01/02 20:32:23 | 000,444,283 | ---- | C] () -- C:\Program Files\Common Files\WinPcapNmap.exe
[2013/06/25 06:56:59 | 000,000,064 | ---- | C] () -- C:\Windows\brpcfx.ini
[2013/06/25 06:56:58 | 000,000,245 | ---- | C] () -- C:\Windows\Brpfx04a.ini
[2013/06/25 06:29:27 | 000,000,066 | ---- | C] () -- C:\Windows\Brfaxrx.ini
[2013/06/25 06:29:24 | 000,000,000 | ---- | C] () -- C:\Windows\brdfxspd.dat
[2013/06/25 06:29:17 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\BRTCPCON.DLL
[2013/06/25 06:29:15 | 000,000,114 | ---- | C] () -- C:\Windows\SysWow64\BRLMW03A.INI
[2013/05/20 13:42:13 | 000,003,729 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml
[2013/02/12 16:47:32 | 000,000,775 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2011/04/05 20:39:38 | 000,099,384 | ---- | C] () -- C:\Users\WAYNE\AppData\Roaming\inst.exe
[2011/04/05 20:39:38 | 000,007,859 | ---- | C] () -- C:\Users\WAYNE\AppData\Roaming\pcouffin.cat
[2011/04/05 20:39:38 | 000,001,167 | ---- | C] () -- C:\Users\WAYNE\AppData\Roaming\pcouffin.inf
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/06/24 22:05:42 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/06/24 21:41:30 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 08:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/09/05 07:15:33 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\25419
[2012/08/26 17:30:26 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Amazon
[2014/01/10 22:03:41 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\AnvSoft
[2013/04/20 00:11:54 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Audacity
[2014/09/04 19:26:52 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\AVAST Software
[2013/09/07 15:12:32 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\ControlCenter4
[2011/12/25 14:20:01 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\DVDFab
[2014/08/19 17:18:40 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\DVDFab9
[2013/11/14 19:21:51 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Foxit Scanner Images
[2014/03/04 09:15:52 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Foxit Software
[2014/07/18 18:16:48 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\library_dir
[2013/07/16 07:50:11 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Nuance
[2014/05/07 19:40:16 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Oracle
[2011/01/19 22:44:38 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\PictureMover
[2011/06/26 21:38:14 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\REAPER
[2011/02/12 10:24:19 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Roni Music
[2014/08/17 18:26:42 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\SoftGrid Client
[2011/03/10 17:21:05 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TeamViewer
[2012/04/23 14:45:41 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TechWizard
[2012/05/31 14:38:38 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TomTom
[2011/02/27 11:58:21 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TP
[2012/11/12 19:42:12 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\TuneUp Software
[2013/05/06 20:37:01 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\uTorrent
[2014/01/02 20:32:59 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\VDownloader
[2011/01/20 11:41:08 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\WinBatch
[2011/11/06 20:43:48 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Windows Live Writer
[2013/07/16 07:50:19 | 000,000,000 | ---D | M] -- C:\Users\WAYNE\AppData\Roaming\Zeon
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34

< End of report >

 


  • 0

Advertisements


#71
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

OTL Extras logfile created on: 9/9/2014 11:00:31 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\WAYNE\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
4.00 Gb Total Physical Memory | 2.18 Gb Available Physical Memory | 54.49% Memory free
8.00 Gb Paging File | 5.95 Gb Available in Paging File | 74.37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 583.63 Gb Total Space | 263.06 Gb Free Space | 45.07% Space Free | Partition Type: NTFS
Drive D: | 12.44 Gb Total Space | 1.53 Gb Free Space | 12.34% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 0.01 Gb Free Space | 0.00% Space Free | Partition Type: NTFS
 
Computer Name: WAYNE-HP | User Name: WAYNE | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = CryptoPreventCPL] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" %*
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
.pif [@ = CryptoPreventPIF] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" *"%1" %*
.scr [@ = CryptoPreventSCR] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = CryptoPreventCPL] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" %*
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.pif [@ = CryptoPreventPIF] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" *"%1" %*
.scr [@ = CryptoPreventSCR] -- "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DefaultOutboundAction" = 0
"DefaultInboundAction" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000B10B1-9481-4704-B8FA-846D51A186D2}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{012F47C2-F17C-4748-BDA2-7FC99C66FA9D}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |
"{203F77E6-7637-43E0-BE3A-7C7C067F64B5}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{3A00BBDD-B091-47C3-9B3D-452D7780CA41}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdateservice.exe |
"{7F10951C-ED22-4BAE-BFF3-25A1C2831814}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{99442E60-8621-44BF-AB8A-99180F2CD608}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |
"{B154E613-8AC0-42AF-9480-1A961B18FA84}" = lport=50000 | protocol=17 | dir=in | name=iha_messagecenter |
"{B95746BA-C1C5-492D-9141-F044C5725C44}" = lport=2869 | protocol=6 | dir=in | app=system |
"{BBDC9B63-4BA7-44C9-9BF4-2883A39BD742}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service\intuitupdater.exe |
"{BF8B1AD8-AE80-44AC-BD16-C2A136A43A17}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{C9BB52A0-2E4D-4134-8931-26B923BE82AE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{15AD9551-76A1-40F2-BEF4-80F1A5398027}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{160F4AE6-6B5A-4D91-97C4-3BD5C9E270D0}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartvideo.exe |
"{336FE86C-EB9A-4D72-83BF-246E3FF370AB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartphoto.exe |
"{361CF253-8990-40FD-84D0-691FAEA611ED}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{39D400B6-66E0-4C5D-ADBB-2278982F4448}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5085FF83-B086-4D38-8952-663F4DB8E1A4}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{67F7F85E-CC62-4C95-8D74-1D1AA6C9051E}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\photo\hpmediasmartphoto.exe |
"{6BB97294-8CC8-48E7-84D6-A6E930E9B231}" = protocol=17 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{6D360B3C-04FA-47D0-A750-59718E04C8D7}" = protocol=6 | dir=in | app=c:\program files (x86)\carbonite\carbonite backup\carboniteui.exe |
"{6DB600EC-3D74-483C-84C8-89463E5AFEC4}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{6E90E80A-4546-4EB9-B036-C21867CEB2F8}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{70C98E91-C8AE-4A1B-A022-CA72FCEAE28E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{72BD1BDC-DA9E-4157-BD2D-8608190FD0C6}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{73308006-0A55-4313-B1A9-39094A5DC029}" = protocol=6 | dir=in | app=c:\program files\carbonite\carbonite backup\carboniteservice.exe |
"{77830A32-BAC9-4339-8335-778B2BEC9AB1}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hpdvdsmart.exe |
"{77DC15B9-AB02-4A94-9549-95F54946859A}" = protocol=17 | dir=in | app=c:\program files\carbonite\carbonite backup\carboniteservice.exe |
"{7C4F56A3-4AA8-475F-BD46-E05B2FD0CAE2}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{7FCB2DEC-6E0D-4B3D-A3DD-9B42D3518917}" = dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\video\hpmediasmartvideo.exe |
"{932F6635-A91D-450B-896E-B6B0A72CBC2A}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{98440DB8-2495-4977-B40D-EE5E4B6FAD9C}" = protocol=6 | dir=in | app=c:\program files (x86)\cinemanow\cinemanow media manager\cinemanowshell.exe |
"{9B43DF44-111E-4CA7-B5E8-DE18AF89D260}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{9D74DCAC-7F67-4BB9-ACC1-DE04A6329CE3}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\hptouchsmartmusic.exe |
"{A517AA8E-4B35-4523-B796-8B721E6354C3}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{B01C7204-5A4C-4C9C-8465-682631F1000F}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{B465159D-8B1B-4C20-B93C-5B27F404382C}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\ucmapi.exe |
"{B4D1838B-2069-4B8A-B055-16C85AB52F9C}" = protocol=6 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{C2602CD6-DF88-40F2-8F6E-8B3E909DF17D}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\tsmagent.exe |
"{CA2BB193-E35A-4509-AD89-725D6C55A83E}" = protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\lync.exe |
"{CB294ACD-D0CF-4C64-9517-EAA1E8C82191}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{CED4F520-5A14-4887-BB4D-917470433B6A}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{D1574A07-9E09-4944-8DE0-DB54A01545CF}" = protocol=17 | dir=in | app=c:\program files (x86)\carbonite\carbonite backup\carboniteui.exe |
"{D63FE239-F915-4AA9-B2F2-0F8DD3039D76}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpwarrantychecker.exe |
"{E4C10304-B167-49A7-B8F9-EF0AEB8348AB}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\mediasmart\cinemanow\cinemanow.exe |
"{F400B9B3-2F3E-4462-B5EC-FB44A14053BA}" = dir=in | app=c:\program files (x86)\hewlett-packard\touchsmart\music\hptouchsmartmusic.exe |
"{F4E7C279-EA5A-4BCD-A4BF-E3005F905BBB}" = dir=in | app=c:\program files (x86)\hewlett-packard\media\dvd\kernel\clml\clmlsvc.exe |
"{FF7C857E-DE2E-40EC-A935-11E740192B54}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"TCP Query User{B34A4DF5-D5A0-43E5-8B96-19DCFEF80EB4}F:\techwizard.exe" = protocol=6 | dir=in | app=f:\techwizard.exe |
"UDP Query User{5FFCB1B7-05EA-4140-8D76-CBE5B4AAD1BF}F:\techwizard.exe" = protocol=17 | dir=in | app=f:\techwizard.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0A2E1907-D0DE-0D01-CA64-CB0AB0BFE539}" = AMD Wireless Display v3.0
"{149FBD36-6E9E-2035-42B0-59D91714138D}" = AMD Fuel
"{1664D45E-FA92-8C52-92E9-E8ADB04A18ED}" = AMD Drag and Drop Transcoding
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}" = Roxio Drag-to-Disc
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5B08AF35-B699-4A44-BB89-3E51E70611E8}" = HP MediaSmart SmartMenu
"{5F146AD2-9F9B-5284-CD9D-40C881E3ACEC}" = ATI Problem Report Wizard
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6119B3A6-3603-9695-0398-CDF2AF0A13F8}" = AMD Catalyst Install Manager
"{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}" = Apple Mobile Device Support
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}" = PaperPort Image Printer 64-bit
"{77DE5105-D05E-448C-96CB-7FA381903753}" = iTunes
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-006D-0409-1000-0000000FF1CE}" = Microsoft Office Click-to-Run 2010
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{A7E19604-93AF-4611-8C9F-CE509C2B286E}_is1" = VDownloader 3.9.1662
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ABD878B8-E7E3-2BC4-5A95-478133DCFFC3}" = AMD Accelerated Video Transcoding
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64
"{BFAE8D5B-F918-486F-B74E-90762DF11C5C}" = Microsoft Security Client
"{D3485211-6ACA-8BC3-1AAB-29FC5552C454}" = ccc-utility64
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"Microsoft Security Client" = Microsoft Security Essentials
"ProPlusRetail - en-us" = Microsoft Office Professional Plus 2013 - en-us
"REAPER" = REAPER (x64)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{031F80EB-1FE5-45EF-9DE2-E2F5AF01259F}" = CCC Help Spanish
"{0394CDC8-FABD-4ed8-B104-03393876DFDF}" = Roxio Creator Tools
"{05BDC796-3451-4F81-B91D-E98F7ADA76C2}" = TurboTax 2010 WinPerTaxSupport
"{068724F8-D8BE-4B43-8DDD-B9FE9E49FD76}" = Scansoft PDF Professional
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0A7DD94B-B746-4FB0-8688-8598C22793A0}" = TurboTax 2013 WinPerFedFormset
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B15A8C3-3B8A-F229-A880-82EA62908425}" = CCC Help Dutch
"{0D397393-9B50-4c52-84D5-77E344289F87}" = Roxio Creator Data
"{111EE7DF-FC45-40C7-98A7-753AC46B12FB}" = QuickTime 7
"{113AC946-0CEB-49C7-828A-230FF9EB1DBB}" = TurboTax 2010 wmdiper
"{120262A6-7A4B-4889-AE85-F5E5688D3683}" = Roxio CinemaNow 2.0
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A6752E1-966B-9D1F-F6B7-DDBCA6FC87ED}" = CCC Help Russian
"{1CAC7A41-583B-4483-9FA5-3E5465AFF8C2}" = Microsoft Default Manager
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Premium
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2058DA53-D5F2-D8D9-7325-39B0E367D1E1}" = CCC Help Swedish
"{2090B6D0-E025-5A67-9838-8F1D5768E643}" = CCC Help Chinese Standard
"{25A3B953-1423-3F15-640E-B620DD0F419A}" = Catalyst Control Center - Branding
"{264FE20A-757B-492a-B0C3-4009E2997D8A}" = PictureMover
"{2758691A-2CDE-4942-A4AC-0E8F61FE2067}" = USB2.0 VIDBOX NW03
"{28656860-4728-433C-8AD4-D1A930437BC8}" = Nuance PDF Viewer Plus
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2A4EEB5C-3BA6-4299-A87F-783861B567D9}" = TurboTax 2013 WinPerReleaseEngine
"{2AD4FF67-43E9-77AD-D90C-584F950E2D12}" = CCC Help French
"{2CE4119A-FF7F-3EE6-42A4-EB53C6057FFE}" = Zinio Reader 4
"{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{358C44FD-6943-4CDD-B947-7F7C4ADC8A8F}" = TurboTax 2013 WinPerTaxSupport
"{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}" = Sonic Activation Module
"{375DBB30-93A7-11DF-6DF1-00CE5F8B1649}" = LP Recorder
"{3782EC09-4000-475E-8A59-9CABD6F03B4C}" = TurboTax 2010 WinPerFedFormset
"{3A577334-7C90-55BC-1878-F5862FA268B2}" = CCC Help Korean
"{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}" = Brother MFL-Pro Suite MFC-7360N
"{3BF289E3-933B-F421-3B59-F6BB0D285B09}" = CCC Help Hungarian
"{3CB6BA0C-6BC5-E543-221A-AA4DEBB6F4B5}" = CCC Help Polish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}" = HP Advisor
"{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1" = Foxit Cloud
"{430E2D32-6EA9-E6E4-80A1-84047694A45B}" = CCC Help Czech
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{44FF002B-5AB3-4447-8F98-614387B63EE6}" = honestech VHS to DVD 5.0 Deluxe
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A6A8D33-09CD-FD44-4BF0-999E8A6E93C8}" = CCC Help Italian
"{4F2FCCCF-29F3-44B9-886F-6D16F8417522}" = TurboTax 2010 wrapper
"{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}" = IHA_MessageCenter
"{55A41219-9B22-4098-BAE7-AE289B3C569A}_is1" = Panda USB Vaccine 1.0.1.4
"{57642511-A663-44B7-9EEE-5BCEC1A44A8A}" = TurboTax 2013 wmdiper
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C5B24E7-4694-4049-A222-CCE7D3FAC63F}_is1" = CryptoPrevent
"{606EB5EB-AADF-4E21-B715-1CAD291181D6}" = TurboTax 2013 wrapper
"{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}" = Roxio Creator Copy
"{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}" = Bing Rewards Client Installer
"{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6C0A559F-8583-4B5A-8B50-20BEE15D8E64}" = Nuance PaperPort 12
"{6C122441-1861-4CD7-B1C5-A163A6984E12}" = CinemaNow Media Manager
"{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"{6EBDE2A2-0CFB-9134-A859-68A0002B3FA6}" = CCC Help Thai
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.2.3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72D90DB3-A16A-4545-B555-868471101833}" = HP Setup
"{769E98DC-2BB0-83A7-51C9-306F30232345}" = Catalyst Control Center Graphics Previews Common
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F8A71E-3515-4832-B8B2-2F1EDBD2E0F1}" = Bing Bar
"{78002155-F025-4070-85B3-7C0453561701}" = Apple Application Support
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}" = TomTom HOME
"{8181B50E-0E33-DE07-AAB2-E71BBBDBF288}" = CCC Help Portuguese
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{83FB054C-7DA5-1C76-BFB2-423426DC35BB}" = AMD Catalyst Control Center
"{83FFCFC7-88C6-41c6-8752-958A45325C82}" = Roxio Creator Audio
"{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}" = Windows Live Sync
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset
"{8A640069-9784-701E-AC8E-84F62C42D1A3}" = CCC Help English
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{9008D736-35CA-40DB-A2BE-5F32D954E5AA}" = HP MediaSmart CinemaNow 2.0
"{90140011-0066-0409-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - English
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0409-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{912CED74-88D3-4C5B-ACB0-13231864975D}" = PressReader
"{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"{91F7C67B-C1A2-F1DB-C286-7F56A07C6B49}" = HydraVision
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93098E43-2743-1551-447F-2699E9591E9C}" = CCC Help Danish
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A3703A3B-FDCF-4349-4B2E-A189A2B90B51}" = CCC Help Chinese Traditional
"{A525E00B-6609-442E-9DCD-64453C233E8D}" = TurboTax 2010 WinPerReleaseEngine
"{A619A488-A4BA-F2A0-72FA-4C484B93DC0F}" = CCC Help Greek
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{ABBE458D-C10D-4B36-8C95-92DE9D196B1B}" = TurboTax 2012 wmdiper
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B92C2C6C-F70E-497B-88A7-1FEF9888272B}" = Adobe AIR
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{BDDA1E1E-204E-4368-B0C2-737F16B76307}" = HP MediaSmart/TouchSmart Netflix
"{C4799AAA-CE52-D2F1-63C8-E6D5106C78E0}" = CCC Help Norwegian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C6182116-5F2D-9949-B42B-06073E86A98A}" = CCC Help German
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}" = Roxio Creator DE
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"{CC6C7F05-AF23-65BD-702D-705EAB723578}" = CCC Help Japanese
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5B7F1A3-2CA6-4C5C-EFB6-4AA5772F5310}" = CCC Help Turkish
"{DB51721D-9716-429C-B311-DCEC0ECA49D0}" = honestech VHS to DVD 5.0 Deluxe
"{DBA6B3EF-A8C0-4EB2-9554-3A7879838580}" = Catalyst Control Center Localization All
"{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}" = HP Support Assistant
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper
"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4A6308C-55E6-57DF-95BB-AEEF374B469A}" = CCC Help Finnish
"{F543B0F9-D1F9-25D1-993C-8430BEC9D889}" = Catalyst Control Center InstallProxy
"{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"ActiveScan 2.0" = Panda ActiveScan 2.0
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 14 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 14 Plugin
"Amazing Slow Downer" = Amazing Slow Downer (remove only)
"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17
"Any Video Converter Ultimate_is1" = Any Video Converter Ultimate 5.5.3
"Any Video Converter_is1" = Any Video Converter 5.0.5
"Audacity_is1" = Audacity 2.0
"Carbonite Backup" = Carbonite
"CD Wave_is1" = CD Wave Editor version 1.72
"CobBackup10" = Cobian Backup 10
"DVDFab 6_is1" = DVDFab 6.2.1.8 (31/12/2009)
"DVDFab 8 Qt_is1" = DVDFab 8.2.2.7 (06/02/2013) Qt
"DVDFab 8_is1" = DVDFab 8.0.8.5 (19/03/2011)
"DVDFab 9 US_is1" = DVDFab 9.1.6.3 (18/08/2014)
"DVDFab 9_is1" = DVDFab 9.1.3.6 (20/03/2014)
"FileHippo.com" = FileHippo.com Update Checker
"Foxit Reader_is1" = Foxit Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = CyberLink DVD Suite Premium
"InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}" = Movie Theme Pack for HP MediaSmart Video
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}" = HP MediaSmart Photo
"InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}" = HP MediaSmart Music
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = PowerDirector
"InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}" = HP MediaSmart Video
"InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}" = PhotoNow!
"InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}" = HP MediaSmart DVD
"InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}" = DVD Menu Pack for HP MediaSmart Video
"Kobo" = Kobo
"LP Ripper" = LP Ripper
"Malwarebytes Anti-Malware_is1" = Malwarebytes Anti-Malware version 2.0.2.1012
"Mozilla Firefox 32.0 (x86 en-US)" = Mozilla Firefox 32.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Click-to-Run 2010
"PDF Complete" = PDF Complete Special Edition
"Secunia PSI" = Secunia PSI (3.0.0.9015)
"TurboTax 2010" = TurboTax 2010
"TurboTax 2012" = TurboTax 2012
"TurboTax 2013" = TurboTax 2013
"VLC media player" = VLC media player 2.1.3
"VMidi" = vanBasco's Karaoke Player
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Amazon Amazon Cloud Player" = Amazon Cloud Player
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 9/9/2014 9:34:14 AM | Computer Name = WAYNE-HP | Source = MsiInstaller | ID = 11706
Description =
 
Error - 9/9/2014 9:51:15 AM | Computer Name = WAYNE-HP | Source = MsiInstaller | ID = 11706
Description =
 
Error - 9/9/2014 9:51:20 AM | Computer Name = WAYNE-HP | Source = MsiInstaller | ID = 11706
Description =
 
Error - 9/9/2014 9:56:03 AM | Computer Name = WAYNE-HP | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version:
 14.0.0.179, time stamp: 0x53dc28d1  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x5c3392cd  Faulting
 process id: 0x65c  Faulting application start time: 0x01cfcc35caec241e  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe  Faulting
 module path: unknown  Report Id: 092cf033-3829-11e4-9126-643150276611
 
Error - 9/9/2014 10:20:52 AM | Computer Name = WAYNE-HP | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version:
 14.0.0.179, time stamp: 0x53dc28d1  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x5cd992cd  Faulting
 process id: 0x15bc  Faulting application start time: 0x01cfcc394171264f  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe  Faulting
 module path: unknown  Report Id: 80c7c780-382c-11e4-9126-643150276611
 
Error - 9/9/2014 10:56:27 AM | Computer Name = WAYNE-HP | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version:
 14.0.0.179, time stamp: 0x53dc28d1  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x5cd992cd  Faulting
 process id: 0x9a4  Faulting application start time: 0x01cfcc3e3a55f50d  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe  Faulting
 module path: unknown  Report Id: 7922d0df-3831-11e4-9126-643150276611
 
Error - 9/9/2014 10:56:51 AM | Computer Name = WAYNE-HP | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version:
 14.0.0.179, time stamp: 0x53dc28d1  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x5cd992cd  Faulting
 process id: 0x1420  Faulting application start time: 0x01cfcc3e49b0ffac  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe  Faulting
 module path: unknown  Report Id: 876ae0d7-3831-11e4-9126-643150276611
 
Error - 9/9/2014 10:56:58 AM | Computer Name = WAYNE-HP | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version:
 14.0.0.179, time stamp: 0x53dc28d1  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x5cd992cd  Faulting
 process id: 0x16a0  Faulting application start time: 0x01cfcc3e4dec6f4a  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe  Faulting
 module path: unknown  Report Id: 8ba5db43-3831-11e4-9126-643150276611
 
Error - 9/9/2014 10:58:34 AM | Computer Name = WAYNE-HP | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version:
 14.0.0.179, time stamp: 0x53dc28d1  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x5cd992cd  Faulting
 process id: 0x17b0  Faulting application start time: 0x01cfcc3e87350ede  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe  Faulting
 module path: unknown  Report Id: c4f24360-3831-11e4-9126-643150276611
 
Error - 9/9/2014 10:58:51 AM | Computer Name = WAYNE-HP | Source = Application Error | ID = 1000
Description = Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version:
 14.0.0.179, time stamp: 0x53dc28d1  Faulting module name: unknown, version: 0.0.0.0,
 time stamp: 0x00000000  Exception code: 0xc0000005  Fault offset: 0x5cd992cd  Faulting
 process id: 0x1170  Faulting application start time: 0x01cfcc3e915c6d87  Faulting application
 path: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe  Faulting
 module path: unknown  Report Id: cf1740a8-3831-11e4-9126-643150276611
 
[ Hewlett-Packard Events ]
Error - 3/25/2012 8:11:38 AM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 4000
Description =
 
Error - 4/20/2012 7:24:05 AM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 4000
Description =
 
Error - 4/20/2012 9:10:39 AM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 4000
Description =
 
Error - 4/20/2012 10:21:33 AM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 4000
Description =
 
Error - 5/11/2012 6:17:31 PM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 4095  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 5/11/2012 6:17:32 PM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 4095  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 5/18/2012 5:07:27 PM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 4095  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 5/18/2012 5:07:28 PM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2147467262HPSF.exe   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Message: Unable to cast object
 of type 'System.DBNull' to type 'System.String'.  StackTrace:   at HP.SupportAssistant.Common.CustomerExperience.HPSFReporting.SaveSessionInfo(DataRow
 dr, Boolean bOnlyDetected, HPSASession SFSession)  Source: HP.SupportAssistant.Common

Name:
 HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP Support
 Framework\HPSF.exe  Format: en-US  RAM: 4095  Ram Utilization: 30  TargetSite: Void SaveSessionInfo(System.Data.DataRow,
 Boolean, HP.SupportAssistant.Common.CustomerExperience.HPSASession)  
 
Error - 5/20/2012 7:15:03 AM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 4000
Description =
 
Error - 5/20/2012 7:32:34 AM | Computer Name = WAYNE-HP | Source = HPSF.exe | ID = 4000
Description = HP Error ID: -2147467261HPSF.exe   at HP.SupportAssistant.UI.Pages.Maintain.TuneUpProgress.bgScan_RunWorkerCompleted(Object
 sender, RunWorkerCompletedEventArgs e)     at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerCompletedEventArgs
 e)     at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)

   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
 Object args, Boolean isSingleParameter)     at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
 source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Message:
 Object reference not set to an instance of an object.  StackTrace:   at HP.SupportAssistant.UI.Pages.Maintain.TuneUpProgress.bgScan_RunWorkerCompleted(Object
 sender, RunWorkerCompletedEventArgs e)     at System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(RunWorkerCompletedEventArgs
 e)     at System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(Object arg)

   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(Delegate callback,
 Object args, Boolean isSingleParameter)     at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(Object
 source, Delegate callback, Object args, Boolean isSingleParameter, Delegate catchHandler)
Source:
 HPSF    Name: HPSF.exe  Version: 06.00.01.01  Path: C:\Program Files (x86)\Hewlett-Packard\HP
 Support Framework\HPSF.exe  Format: en-US  RAM: 4095  Ram Utilization: 30  TargetSite:
Void bgScan_RunWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)

 
[ System Events ]
Error - 9/8/2014 9:53:59 PM | Computer Name = WAYNE-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/8/2014 10:19:13 PM | Computer Name = WAYNE-HP | Source = Application Popup | ID = 876
Description = Driver DLACDBHE.SYS has been blocked from loading.
 
Error - 9/8/2014 10:38:45 PM | Computer Name = WAYNE-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error - 9/9/2014 6:18:08 AM | Computer Name = WAYNE-HP | Source = Application Popup | ID = 876
Description = Driver DLACDBHE.SYS has been blocked from loading.
 
Error - 9/9/2014 9:33:27 AM | Computer Name = WAYNE-HP | Source = Application Popup | ID = 876
Description = Driver DLACDBHE.SYS has been blocked from loading.
 
Error - 9/9/2014 9:48:29 AM | Computer Name = WAYNE-HP | Source = Application Popup | ID = 876
Description = Driver DLACDBHE.SYS has been blocked from loading.
 
Error - 9/9/2014 10:00:51 AM | Computer Name = WAYNE-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error - 9/9/2014 10:00:51 AM | Computer Name = WAYNE-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error - 9/9/2014 10:00:52 AM | Computer Name = WAYNE-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
 
Error - 9/9/2014 10:00:52 AM | Computer Name = WAYNE-HP | Source = Disk | ID = 262155
Description = The driver detected a controller error on \Device\Harddisk2\DR2.
 
 
< End of report >
 


  • 0

#72
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Hello wayneman50,

There are some errors showing in your log. These are technical issues which I am not best suited to finding solutions for. Seeing your tech guy didn't seem to address them I will tell you what I think I see and do my best to find a solution but I say again I am not a techie, I may not get it right and anything you do as a result is at your risk.

Firstly I see an error which seems to relate to a usb stick see here. Maybe something there will help you.

Secondly - Driver DLACDBHM.sys has be blocked from loading. This appears to be a conflict thing, see here.

Thirdly - there are a number of errors related to HP support assistant. Your best option I think would be to talk to HP Support about possible solutions.

Fourthly - as we know you have been having problems with Adobe Flash. This is not uncommon and I have already told you as much as I know. Again a qualified techie would the best to ask.

On the malware side I have another suggestion though. Over 100 million Adobe users e-mail and other information was hacked a while back. Users were asked to change their passwords following the hack and you can go to the link below to check your e-mail to see whether you were one of the 150 million.

https://lastpass.com/adobe/

If you are on the list, all passwords should be changed including those used for banking, email, eBay, paypal and online forums.

Now

Please run OTL.exe
 

  • Under the Custom Scans/Fixes box at the bottom, copy and paste the content of the quote box below:

    :OTL
    [4 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
    [1 C:\Users\WAYNE\Documents\*.tmp files -> C:\Users\WAYNE\Documents\*.tmp -> ]
    [2011/04/05 20:39:38 | 000,099,384 | ---- | C] () -- C:\Users\WAYNE\AppData\Roaming\inst.exe

    :Files
    ipconfig /flushdns /c

    :Commands
    [resethosts]
    [emptytemp]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • It will produce a log for you on reboot, please post that log in your next reply.The log is saved in the same location as OTL.

After that

Download aswMBR.exe to your desktop.

Double click the aswMBR.exe to run it.

aswMBR1.pngClick the "Scan" button to start scan

aswMBR2.png

On completion of the scan click save log, save it to your desktop and post in your next reply

When you return please post


  • OTL.txt
  • asswMBR log

 


  • 0

#73
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

Ok, I've been trying to control things too much here. I hear you - you are not a techie; but you are in a better position to advise me than my friend (who is trying to help over the phone and isn't seeing anything on my PC) or me (who doesn't know enough). I appreciate your efforts to help me, and it sounds like I'd be better off going to the geeks' tech forum. Having said that, do you still want me to run those scans?

 

Fortunately, my email is not on the list of Adobe victims. What do the following do? They're for the internet, right? What if I uninstall them?

Flash Player 14 AIR

Flash Player 14 Active X

Flash Player 14 Plugin


  • 0

#74
wayneman50

wayneman50

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 430 posts

What I mean is I don't want to run those scans if that's also "at my risk".


  • 0

#75
emeraldnzl

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 19,991 posts

Those scans shouldn't cause you a problem it's really the tech stuff that I can't be sure of.

 

As far as aswMBR is concerned I don't think it's necessary unless something has come since we last scanned... up to you really.

 

I would do the OTL fix. It will clear up some bits and pieces and get rid of one file that while I think it is okay can also be a bad one.


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP