Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Computer will not shut down on its own

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Computer will not shut down on its own

Unread postby martin6976 » July 25th, 2014, 5:44 pm

Good Afternoon!

I am experience a couple of symptoms:

1. When I select "Shut Down" from start menu my laptop will begin process of shutting down, the words "please wait while system shuts down" comes up and that is about all that happens. I have left it overnight and it never actually shuts down just hangs right there. I have to hold power button down for a few seconds to "hard" shut down. system also seems really slow.

2. If I leave computer on for a couple of hours screen goes blank but computer is still on. (almost like it is in hybernate mode) again it will not actually shut off. I have to hold power button down for a few seconds to "hard" shut down.

3. System seems really slow

I tried running Download DDS above and get following message:

Not Found

The requested URL /tutorials/dds.scr was not found on this server.

Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request.
Apache/2.2.27 (Unix) mod_ssl/2.2.27 OpenSSL/1.0.1e-fips mod_bwlimited/1.4 Server at www.malwareremoval.com Port 80

so I am attaching Hijack this logs

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:32:34 PM, on 7/25/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17207)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
C:\Users\MartinM\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\MartinM\Documents\Malware_Tools_2013\HJ\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q=

{searchTerms}&FORM=AVASDF&PC=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q=

{searchTerms}&FORM=AVASDF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - (no file)
O2 - BHO: AMD SteadyVideo BHO - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd

\SteadyVideo\SteadyVideo.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software

\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files

(x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google

\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files

(x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
O2 - BHO: PrivDogExtension - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:\Program Files (x86)\AdTrustMedia

\PrivDog\2.2.0.14\trustedads.dll
O3 - Toolbar: (no name) - {98889811-442D-49dd-99D7-DC866BE87DBC} - (no file)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google

Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"

MSRun
O4 - HKLM\..\Run: [TSleepSrv] %ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Toshiba\Toshiba Online Backup

\Activation\TOBuActivation.exe" UNATTENDED
O4 - HKLM\..\Run: [ToshibaServiceStation] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station

\ToshibaServiceStation.exe" /hide:60
O4 - HKLM\..\Run: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support

\APSDaemon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [ComodoFSChrome] "C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe" /c
O4 - HKLM\..\Run: [PrivDogService] "C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [EPSON083F53 (Epson Stylus NX330)] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE

/FU "C:\Users\MartinM\AppData\Local\Temp\E_SBBB2.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\MartinM\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c

/nocrashserver
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\MartinM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [MusicManager] "C:\Users\MartinM\AppData\Local\Programs\Google\MusicManager

\MusicManager.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [EPSON NX330 Series] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users

\MartinM\AppData\Local\Temp\E_S447E.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON NX330 Series (Bedroom)] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU

"C:\Users\MartinM\AppData\Local\Temp\E_SBAF7.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON NX330 Series (Copy 2)] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU

"C:\Users\MartinM\AppData\Local\Temp\E_SBA4B.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [EPSON NX330 Series (Copy 1)] C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU

"C:\Users\MartinM\AppData\Local\Temp\E_SB9BF.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_8E98ACD4EA69A82FD0AC450A10EE78BC] "C:\Program Files (x86)\Google

\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL

SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK

SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:

\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 -

{219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer

\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-

1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer

\WriterBrowserExtension.dll
O9 - Extra button: PrivDog - {2F5C139F-79BD-4C84-A95A-E7140525BC55} - C:\Program Files (x86)\AdTrustMedia

\PrivDog\2.2.0.14\trustedads.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:

\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live

\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live

\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo

Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo

\VideoMIMEFilter.dll
O18 - Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo

\VideoMIMEFilter.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program

Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated -

C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file

missing)
O23 - Service: AllShare Framework DMS - Samsung - C:\Program Files\Samsung\AllShare Framework DMS

\1.3.06\AllShareFrameworkManagerDMS.exe
O23 - Service: AllShare Play Service - Copyright 2013 SAMSUNG - C:\Program Files\Samsung\AllShare Play

\AllShare Play Service.exe
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device

Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO

Internet Security\cmdagent.exe
O23 - Service: COMODO Virtual Service Manager (cmdvirth) - COMODO - C:\Program Files\COMODO\COMODO Internet

Security\cmdvirth.exe
O23 - Service: Bentley Dgn Index Service (DgnIndexingService) - Bentley Systems Inc. - C:\Program Files

(x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe

(file missing)
O23 - Service: EpsonCustomerParticipation - SEIKO EPSON CORPORATION - C:\Program Files\EPSON

\EpsonCustomerParticipation\EPCP.exe
O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common

Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common

Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows

\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Flexera Software, Inc. - C:\Program Files (x86)\Common Files

\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App

\GamesAppService.exe
O23 - Service: GFNEX Service (GFNEXSrv) - Unknown owner - C:\Windows\System32\GFNEXSrv.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google

\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google

Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner -

C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files

(x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows

\system32\lsass.exe (file missing)
O23 - Service: Toshiba Laptop Checkup Application Launcher (Norton PC Checkup Application Launcher) -

Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
O23 - Service: Common Client Job Manager Service (PCCUJobMgr) - Symantec Corporation - C:\Program Files

(x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows

\system32\lsass.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files

(x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows

\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe

(file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files

(x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files

(x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program

Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater

\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows

\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows

\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows

\system32\sppsvc.exe (file missing)
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station

\TMachInfo.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - Unknown owner - C:\windows

\system32\TODDSrv.exe (file missing)
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver

\TosCoSrv.exe
O23 - Service: TOSHIBA eco Utility Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TECO

\TecoService.exe
O23 - Service: TOSHIBA HDD SSD Alert Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA HDD

SSD Alert\TosSmartSrv.exe
O23 - Service: TPCH Service (TPCHSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows

\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows

\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file

missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe

(file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows

\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows

\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows

\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:

\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15559 bytes


StartupList report, 7/25/2014, 4:35:17 PM
StartupList version: 1.52.2
Started from : C:\Users\MartinM\Documents\Malware_Tools_2013\HJ\HijackThis.EXE
Detected: Windows 7 SP1 (WinNT 6.00.3505)
Detected: Internet Explorer v11.0 (11.00.9600.17207)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================

Running processes:

C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
C:\Users\MartinM\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Users\MartinM\Documents\Malware_Tools_2013\HJ\HijackThis.exe
C:\windows\SysWOW64\NOTEPAD.EXE

--------------------------------------------------

Listing of startup folders:

Shell folders Startup:
[C:\Users\MartinM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
*No files*

Shell folders AltStartup:
*Folder not found*

User shell folders Startup:
*Folder not found*

User shell folders AltStartup:
*Folder not found*

Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
*No files*

Shell folders Common AltStartup:
*Folder not found*

User shell folders Common Startup:
*Folder not found*

User shell folders Alternate Common Startup:
*Folder not found*

--------------------------------------------------

Checking Windows NT UserInit:

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe

[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*

[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
NortonOnlineBackupReminder = "C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
ToshibaServiceStation = "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
EEventManager = "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
Adobe ARM = "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
APSDaemon = "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
AvastUI.exe = "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
SDTray = "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
ComodoFSChrome = "C:\Program Files (x86)\AdTrustMedia\PrivDog\FinalizeSetup.exe" /c
PrivDogService = "C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe"
QuickTime Task = "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
iTunesHelper = "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

swg = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
EPSON083F53 (Epson Stylus NX330) = C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users\MartinM\AppData\Local\Temp\E_SBBB2.tmp" /EF "HKCU"
Facebook Update = "C:\Users\MartinM\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
Google Update = "C:\Users\MartinM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MusicManager = "C:\Users\MartinM\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
DAEMON Tools Lite = "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
EPSON NX330 Series = C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users\MartinM\AppData\Local\Temp\E_S447E.tmp" /EF "HKCU"
EPSON NX330 Series (Bedroom) = C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users\MartinM\AppData\Local\Temp\E_SBAF7.tmp" /EF "HKCU"
EPSON NX330 Series (Copy 2) = C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users\MartinM\AppData\Local\Temp\E_SBA4B.tmp" /EF "HKCU"
EPSON NX330 Series (Copy 1) = C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE /FU "C:\Users\MartinM\AppData\Local\Temp\E_SB9BF.tmp" /EF "HKCU"
GoogleChromeAutoLaunch_8E98ACD4EA69A82FD0AC450A10EE78BC = "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce

*No values found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run

*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run

[OptionalComponents]
=

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*

--------------------------------------------------

File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command

(Default) = "%1" %*

--------------------------------------------------

File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command

(Default) = "%1" /S

--------------------------------------------------

File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command

(Default) = C:\Windows\SysWOW64\mshta.exe "%1" %*

--------------------------------------------------

File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command

(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1

--------------------------------------------------

Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)

[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = %SystemRoot%\system32\unregmp2.exe /ShowWMP

[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

[{2D46B6DC-2207-486B-B523-A557E6D54B47}] *
StubPath = C:\windows\system32\cmd.exe /D /C start C:\windows\system32\ie4uinit.exe -ClearIconCache

[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI

[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll

[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

[{8A69D345-D564-463c-AFF1-A69D9E530F96}]
StubPath = "C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

--------------------------------------------------

Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps

*Registry key not found*

--------------------------------------------------

Load/Run keys from C:\windows\WIN.INI:

load=*INI section not found*
run=*INI section not found*

Load/Run keys from Registry:

HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=

--------------------------------------------------

Shell & screensaver key from C:\windows\SYSTEM.INI:

Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*

Shell & screensaver key from Registry:

Shell=explorer.exe
SCRNSAVE.EXE=C:\windows\system32\Bubbles.scr
drivers=*Registry value not found*

Policies Shell key:

HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*

--------------------------------------------------

Checking for EXPLORER.EXE instances:

C:\windows\Explorer.exe: PRESENT!

C:\Explorer.exe: not present
C:\windows\Explorer\Explorer.exe: not present
C:\windows\System\Explorer.exe: not present
C:\windows\System32\Explorer.exe: not present
C:\windows\Command\Explorer.exe: not present
C:\windows\Fonts\Explorer.exe: not present

--------------------------------------------------

Checking for superhidden extensions:

.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: *Registry key not found*
.shb: *Registry key not found*
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden

--------------------------------------------------

Verifying REGEDIT.EXE integrity:

- Regedit.exe found in C:\windows
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename NOT OK: 'REGEDIT.EXE.MUI'
- File description: 'Registry Editor'

Registry check failed!

--------------------------------------------------

Enumerating Browser Helper Objects:

Babylon toolbar helper - (no file) - {2EECD738-5844-4a99-B4B6-146BF802613B}
AMD SteadyVideo BHO - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928}
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06}
(no name) - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
(no name) - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll - {F3C88694-EFFA-4d78-B409-54B7B2535B14}
PrivDogExtension - C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll - {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC}

--------------------------------------------------

Enumerating Task Scheduler jobs:

Adobe Flash Player Updater.job
FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core.job
FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core.job
GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA.job

--------------------------------------------------

Enumerating Download Program Files:

[{8AD9C840-044E-11D1-B3E9-00805F499D93}]
CODEBASE = http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab

[{CAFEEFAC-0017-0000-0051-ABCDEFFEDCBA}]
CODEBASE = http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab

[{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}]
CODEBASE = http://java.sun.com/update/1.7.0/jinsta ... s-i586.cab

--------------------------------------------------

Enumerating Winsock LSP files:

NameSpace #1: C:\windows\system32\NLAapi.dll
NameSpace #2: C:\windows\system32\napinsp.dll
NameSpace #3: C:\windows\system32\pnrpnsp.dll
NameSpace #4: C:\windows\system32\pnrpnsp.dll
NameSpace #5: C:\windows\System32\mswsock.dll
NameSpace #6: C:\windows\System32\winrnr.dll
NameSpace #7: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #8: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #9: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Protocol #1: C:\windows\system32\mswsock.dll
Protocol #2: C:\windows\system32\mswsock.dll
Protocol #3: C:\windows\system32\mswsock.dll
Protocol #4: C:\windows\system32\mswsock.dll
Protocol #5: C:\windows\system32\mswsock.dll
Protocol #6: C:\windows\system32\mswsock.dll
Protocol #7: C:\windows\system32\mswsock.dll
Protocol #8: C:\windows\system32\mswsock.dll
Protocol #9: C:\windows\system32\mswsock.dll
Protocol #10: C:\windows\system32\mswsock.dll

--------------------------------------------------

Enumerating Windows NT/2000/XP services

1394 OHCI Compliant Host Controller: \SystemRoot\system32\drivers\1394ohci.sys (manual start)
Microsoft ACPI Driver: system32\drivers\ACPI.sys (system)
ACPI Power Meter Driver: \SystemRoot\system32\drivers\acpipmi.sys (manual start)
Adobe Acrobat Update Service: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" (autostart)
Adobe Flash Player Update Service: C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (manual start)
adp94xx: \SystemRoot\system32\drivers\adp94xx.sys (manual start)
adpahci: \SystemRoot\system32\drivers\adpahci.sys (manual start)
adpu320: \SystemRoot\system32\drivers\adpu320.sys (manual start)
@%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\drivers\afd.sys,-1000: \SystemRoot\system32\drivers\afd.sys (system)
Intel AGP Bus Filter: \SystemRoot\system32\drivers\agp440.sys (manual start)
@%SystemRoot%\system32\Alg.exe,-112: %SystemRoot%\System32\alg.exe (manual start)
aliide: \SystemRoot\system32\drivers\aliide.sys (manual start)
AllShare Framework DMS: C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe (autostart)
AllShare Play Service: "C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe" (autostart)
AMD External Events Utility: %SystemRoot%\system32\atiesrxx.exe (autostart)
AMD USB 3.0 Hub Driver: system32\DRIVERS\amdhub30.sys (manual start)
amdide: \SystemRoot\system32\drivers\amdide.sys (manual start)
AMD K8 Processor Driver: \SystemRoot\system32\drivers\amdk8.sys (manual start)
amdkmdag: system32\DRIVERS\atikmdag.sys (manual start)
amdkmdap: system32\DRIVERS\atikmpag.sys (manual start)
AMD PCI Root Bus Lower Filter: system32\DRIVERS\amdkmpfd.sys (system)
AMD Processor Driver: system32\DRIVERS\amdppm.sys (manual start)
amdsata: \SystemRoot\system32\drivers\amdsata.sys (manual start)
amdsbs: \SystemRoot\system32\drivers\amdsbs.sys (manual start)
amdxata: system32\drivers\amdxata.sys (system)
AMD USB 3.0 Host Controller Driver: system32\DRIVERS\amdxhc.sys (manual start)
@%systemroot%\system32\appidsvc.dll,-102: \SystemRoot\system32\drivers\appid.sys (manual start)
@%systemroot%\system32\appidsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Apple Mobile Device: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" (autostart)
arc: \SystemRoot\system32\drivers\arc.sys (manual start)
arcsas: \SystemRoot\system32\drivers\arcsas.sys (manual start)
ASP.NET State Service: %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (manual start)
avast! HardwareID: \SystemRoot\system32\drivers\aswHwid.sys (autostart)
aswMonFlt: \SystemRoot\system32\drivers\aswMonFlt.sys (autostart)
aswRdr: \SystemRoot\system32\drivers\aswRdr2.sys (system)
aswSnx: \SystemRoot\system32\drivers\aswSnx.sys (system)
aswSP: \SystemRoot\system32\drivers\aswSP.sys (system)
aswStm: \SystemRoot\system32\drivers\aswStm.sys (autostart)
@%systemroot%\system32\rascfg.dll,-32000: system32\DRIVERS\asyncmac.sys (manual start)
IDE Channel: system32\drivers\atapi.sys (system)
AMD Function Driver for HD Audio Service: system32\drivers\AtihdW76.sys (manual start)
@%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
avast! Antivirus: "C:\Program Files\AVAST Software\Avast\AvastSvc.exe" (autostart)
@%SystemRoot%\system32\AxInstSV.dll,-103: %SystemRoot%\system32\svchost.exe -k AxInstSVGroup (manual start)
Broadcom NetXtreme II VBD: \SystemRoot\system32\drivers\bxvbda.sys (manual start)
Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0: system32\DRIVERS\b57nd60a.sys (manual start)
@%SystemRoot%\system32\bdesvc.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
blbdrive: system32\DRIVERS\blbdrive.sys (system)
Bonjour Service: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart)
@%systemroot%\system32\browser.dll,-102: system32\DRIVERS\bowser.sys (manual start)
Brother USB Mass-Storage Lower Filter Driver: \SystemRoot\system32\drivers\BrFiltLo.sys (manual start)
Brother USB Mass-Storage Upper Filter Driver: \SystemRoot\system32\drivers\BrFiltUp.sys (manual start)
@%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Brother MFC Serial Port Interface Driver (WDM): \SystemRoot\System32\Drivers\Brserid.sys (manual start)
Brother WDM Serial driver: \SystemRoot\System32\Drivers\BrSerWdm.sys (manual start)
Brother MFC USB Fax Only Modem: \SystemRoot\System32\Drivers\BrUsbMdm.sys (manual start)
Brother MFC USB Serial WDM Driver: \SystemRoot\System32\Drivers\BrUsbSer.sys (manual start)
Bluetooth Serial Communications Driver: \SystemRoot\system32\drivers\bthmodem.sys (manual start)
@%SystemRoot%\System32\bthserv.dll,-101: %SystemRoot%\system32\svchost.exe -k bthsvcs (manual start)
CD/DVD File System Reader: system32\DRIVERS\cdfs.sys (disabled)
CD-ROM Driver: system32\DRIVERS\cdrom.sys (system)
@%SystemRoot%\System32\certprop.dll,-11: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
CFRMD: system32\DRIVERS\CFRMD.sys (system)
Consumer IR Devices: \SystemRoot\system32\drivers\circlass.sys (manual start)
@%SystemRoot%\system32\clfs.sys,-100: System32\CLFS.sys (system)
Microsoft .NET Framework NGEN v2.0.50727_X86: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (disabled)
Microsoft .NET Framework NGEN v2.0.50727_X64: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (disabled)
Microsoft .NET Framework NGEN v4.0.30319_X86: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (autostart)
Microsoft .NET Framework NGEN v4.0.30319_X64: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (autostart)
Microsoft ACPI Control Method Battery Driver: system32\DRIVERS\CmBatt.sys (manual start)
COMODO Internet Security Helper Service: "C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe" (autostart)
COMODO Internet Security Sandbox Driver: System32\DRIVERS\cmdguard.sys (system)
COMODO Internet Security Helper Driver: System32\DRIVERS\cmdhlp.sys (system)
cmdide: \SystemRoot\system32\drivers\cmdide.sys (manual start)
COMODO Virtual Service Manager: "C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe" (manual start)
: System32\Drivers\cng.sys (system)
Microsoft Composite Battery Driver: system32\drivers\compbatt.sys (system)
Composite Bus Enumerator Driver: system32\DRIVERS\CompositeBus.sys (manual start)
@comres.dll,-947: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Crcdisk Filter Driver: \SystemRoot\system32\drivers\crcdisk.sys (disabled)
@%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%SystemRoot%\system32\defragsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k defragsvc (manual start)
@%systemroot%\system32\drivers\dfsc.sys,-101: System32\Drivers\dfsc.sys (system)
Bentley Dgn Index Service: "C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe" (manual start)
@%SystemRoot%\system32\dhcpcore.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%systemroot%\system32\drivers\discache.sys,-102: System32\drivers\discache.sys (system)
Disk Driver: system32\drivers\disk.sys (system)
@%SystemRoot%\System32\dnsapi.dll,-101: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\dot3svc.dll,-1102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart)
Microsoft Trusted Audio Drivers: \SystemRoot\system32\drivers\drmkaud.sys (manual start)
LDDM Graphics Subsystem: \SystemRoot\System32\drivers\dxgkrnl.sys (manual start)
@%systemroot%\system32\eapsvc.dll,-1: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Broadcom NetXtreme II 10 GigE VBD: \SystemRoot\system32\drivers\evbda.sys (manual start)
@%SystemRoot%\system32\efssvc.dll,-100: %SystemRoot%\System32\lsass.exe (autostart)
@%SystemRoot%\ehome\ehrecvr.exe,-101: %systemroot%\ehome\ehRecvr.exe (manual start)
@%SystemRoot%\ehome\ehsched.exe,-101: %systemroot%\ehome\ehsched.exe (manual start)
elxstor: \SystemRoot\system32\drivers\elxstor.sys (manual start)
EpsonCustomerParticipation: "C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe" (autostart)
EPSON V5 Service4(04): C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (autostart)
EPSON V3 Service4(04): C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (autostart)
Microsoft Hardware Error Device Driver: \SystemRoot\system32\drivers\errdev.sys (manual start)
@%SystemRoot%\system32\wevtsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%systemroot%\system32\fxsresm.dll,-118: %systemroot%\system32\fxssvc.exe (manual start)
Floppy Disk Controller Driver: \SystemRoot\system32\drivers\fdc.sys (manual start)
@%systemroot%\system32\fdPHost.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\drivers\fileinfo.sys,-100: system32\drivers\fileinfo.sys (system)
@%SystemRoot%\system32\drivers\filetrace.sys,-10001: system32\drivers\filetrace.sys (manual start)
FLEXnet Licensing Service: "C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe" (manual start)
Floppy Disk Driver: \SystemRoot\system32\drivers\flpydisk.sys (manual start)
@%SystemRoot%\system32\drivers\fltmgr.sys,-10001: system32\drivers\fltmgr.sys (system)
@%systemroot%\system32\FntCache.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\PresentationHost.exe,-3309: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (manual start)
@%SystemRoot%\system32\drivers\fsdepends.sys,-10001: System32\drivers\FsDepends.sys (manual start)
FsUsbExDisk: \??\C:\windows\SysWOW64\FsUsbExDisk.SYS (manual start)
@%SystemRoot%\system32\drivers\fvevol.sys,-100: System32\DRIVERS\fvevol.sys (system)
Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms: \SystemRoot\system32\drivers\gagp30kx.sys (manual start)
GamesAppService: "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" (manual start)
GEAR ASPI Filter Driver: system32\DRIVERS\GEARAspiWDM.sys (manual start)
GFNEX Service: C:\Windows\System32\GFNEXSrv.exe (autostart)
@gpapi.dll,-112: %windir%\system32\svchost.exe -k GPSvcGroup (autostart)
Google Update Service (gupdate): "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (autostart)
Google Update Service (gupdatem): "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (manual start)
Google Software Updater: "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" (manual start)
Hauppauge Consumer Infrared Receiver: \SystemRoot\system32\drivers\hcw85cir.sys (manual start)
Microsoft 1.1 UAA Function Driver for High Definition Audio Service: system32\drivers\HdAudio.sys (manual start)
Microsoft UAA Bus Driver for High Definition Audio: system32\DRIVERS\HDAudBus.sys (manual start)
HID UPS Battery Driver: \SystemRoot\system32\drivers\HidBatt.sys (manual start)
Microsoft Bluetooth HID Miniport: \SystemRoot\system32\drivers\hidbth.sys (manual start)
Microsoft Infrared HID Driver: \SystemRoot\system32\drivers\hidir.sys (manual start)
@%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
Microsoft HID Class Driver: \SystemRoot\system32\drivers\hidusb.sys (manual start)
@%SystemRoot%\system32\kmsvc.dll,-6: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\ListSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\System32\provsvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
HpSAMD: \SystemRoot\system32\drivers\HpSAMD.sys (manual start)
@%SystemRoot%\system32\drivers\http.sys,-1: system32\drivers\HTTP.sys (manual start)
@%systemroot%\system32\drivers\hwpolicy.sys,-101: System32\drivers\hwpolicy.sys (system)
i8042 Keyboard and PS/2 Mouse Port Driver: system32\DRIVERS\i8042prt.sys (manual start)
iaStorV: \SystemRoot\system32\drivers\iaStorV.sys (manual start)
@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
@%SystemRoot%\system32\ieetwcollectorres.dll,-1000: %SystemRoot%\system32\IEEtwCollector.exe /V (manual start)
iirsp: \SystemRoot\system32\drivers\iirsp.sys (manual start)
@%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
COMODO Internet Security Firewall Driver: system32\DRIVERS\inspect.sys (system)
Service for Realtek HD Audio (WDM): system32\drivers\RTKVHD64.sys (manual start)
intelide: \SystemRoot\system32\drivers\intelide.sys (manual start)
Intel Processor Driver: \SystemRoot\system32\drivers\intelppm.sys (manual start)
@%systemroot%\system32\IPBusEnum.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%systemroot%\system32\rascfg.dll,-32013: system32\DRIVERS\ipfltdrv.sys (manual start)
@%SystemRoot%\system32\iphlpsvc.dll,-500: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart)
IPMIDRV: \SystemRoot\system32\drivers\IPMIDrv.sys (manual start)
IP Network Address Translator: System32\drivers\ipnat.sys (manual start)
iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
@%SystemRoot%\system32\drivers\irenum.sys,-100: system32\drivers\irenum.sys (manual start)
isapnp: \SystemRoot\system32\drivers\isapnp.sys (manual start)
iScsiPort Driver: \SystemRoot\system32\drivers\msiscsi.sys (manual start)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (manual start)
Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (manual start)
@keyiso.dll,-100: %SystemRoot%\system32\lsass.exe (manual start)
: System32\Drivers\ksecdd.sys (system)
: System32\Drivers\ksecpkg.sys (system)
Kernel Streaming Thunks: \SystemRoot\system32\drivers\ksthunk.sys (manual start)
@comres.dll,-2946: %SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation (manual start)
@%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart)
@%SystemRoot%\system32\lltdres.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
LogMeIn Kernel Information Provider: \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys (autostart)
lmimirr: system32\DRIVERS\lmimirr.sys (manual start)
LogMeIn Remote File System Driver: \??\C:\windows\system32\drivers\LMIRfsDriver.sys (autostart)
LSI_FC: \SystemRoot\system32\drivers\lsi_fc.sys (manual start)
LSI_SAS: \SystemRoot\system32\drivers\lsi_sas.sys (manual start)
LSI_SAS2: \SystemRoot\system32\drivers\lsi_sas2.sys (manual start)
LSI_SCSI: \SystemRoot\system32\drivers\lsi_scsi.sys (manual start)
@%systemroot%\system32\drivers\luafv.sys,-100: \SystemRoot\system32\drivers\luafv.sys (autostart)
@%SystemRoot%\ehome\ehres.dll,-15501: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (disabled)
megasas: \SystemRoot\system32\drivers\megasas.sys (manual start)
MegaSR: \SystemRoot\system32\drivers\MegaSR.sys (manual start)
@%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
: system32\drivers\modem.sys (manual start)
Microsoft Monitor Class Function Driver Service: system32\DRIVERS\monitor.sys (manual start)
Mouse Class Driver: system32\DRIVERS\mouclass.sys (manual start)
Mouse HID Driver: system32\DRIVERS\mouhid.sys (manual start)
@%SystemRoot%\system32\drivers\mountmgr.sys,-100: System32\drivers\mountmgr.sys (system)
Mozilla Maintenance Service: "C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe" (manual start)
mpio: \SystemRoot\system32\drivers\mpio.sys (manual start)
@%SystemRoot%\system32\FirewallAPI.dll,-23092: System32\drivers\mpsdrv.sys (manual start)
@%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%systemroot%\system32\webclnt.dll,-104: \SystemRoot\system32\drivers\mrxdav.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1002: system32\DRIVERS\mrxsmb.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1004: system32\DRIVERS\mrxsmb10.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1006: system32\DRIVERS\mrxsmb20.sys (manual start)
msahci: system32\drivers\msahci.sys (system)
msdsm: \SystemRoot\system32\drivers\msdsm.sys (manual start)
@comres.dll,-2797: %SystemRoot%\System32\msdtc.exe (manual start)
@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100: \SystemRoot\System32\drivers\mshidkmdf.sys (manual start)
msisadrv: system32\drivers\msisadrv.sys (system)
@%SystemRoot%\system32\iscsidsc.dll,-5000: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\msimsg.dll,-27: %systemroot%\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: system32\DRIVERS\mssmbios.sys (system)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
Microsoft Input Configuration Driver: \SystemRoot\system32\drivers\MTConfig.sys (manual start)
@%systemroot%\system32\drivers\mup.sys,-101: System32\Drivers\mup.sys (system)
@%SystemRoot%\system32\qagentrt.dll,-6: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
NativeWiFi Filter: system32\DRIVERS\nwifi.sys (manual start)
@%SystemRoot%\system32\drivers\ndis.sys,-200: system32\drivers\ndis.sys (system)
NDIS Capture LightWeight Filter: system32\DRIVERS\ndiscap.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32001: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32002: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
@%SystemRoot%\system32\drivers\netbt.sys,-2: System32\DRIVERS\netbt.sys (system)
@%SystemRoot%\System32\netlogon.dll,-102: %systemroot%\system32\lsass.exe (manual start)
@%SystemRoot%\system32\netman.dll,-109: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator (disabled)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (disabled)
@%SystemRoot%\system32\netprofm.dll,-202: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (disabled)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8201: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (disabled)
nfrd960: \SystemRoot\system32\drivers\nfrd960.sys (manual start)
@%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Toshiba Laptop Checkup Application Launcher: C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe /s (autostart)
@%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\drivers\nsiproxy.sys,-2: system32\drivers\nsiproxy.sys (system)
nvraid: \SystemRoot\system32\drivers\nvraid.sys (manual start)
nvstor: \SystemRoot\system32\drivers\nvstor.sys (manual start)
NVIDIA nForce AGP Bus Filter: \SystemRoot\system32\drivers\nv_agp.sys (manual start)
Microsoft Office Diagnostics Service: "C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE" (manual start)
1394 OHCI Compliant Host Controller (Legacy): \SystemRoot\system32\drivers\ohci1394.sys (manual start)
Office Source Engine: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
@%SystemRoot%\system32\pnrpsvc.dll,-8004: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8006: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
Parallel port driver: \SystemRoot\system32\drivers\parport.sys (manual start)
@%SystemRoot%\system32\drivers\partmgr.sys,-100: System32\drivers\partmgr.sys (system)
@%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Common Client Job Manager Service: "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe" /s "PCCUJobMgr" /m "C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\diMaster.dll" /prefetch:1 (autostart)
PCI Bus Driver: system32\drivers\pci.sys (system)
pciide: system32\drivers\pciide.sys (system)
pcmcia: \SystemRoot\system32\drivers\pcmcia.sys (manual start)
Performance Counters for Windows Driver: System32\drivers\pcw.sys (system)
PEAUTH: system32\drivers\peauth.sys (autostart)
@%systemroot%\sysWow64\perfhost.exe,-2: %SystemRoot%\SysWow64\perfhost.exe (manual start)
Pangu effect driver: system32\DRIVERS\pgeffect.sys (manual start)
@%systemroot%\system32\pla.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (manual start)
@%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%SystemRoot%\system32\pnrpauto.dll,-8002: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
@%SystemRoot%\system32\pnrpsvc.dll,-8000: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
@%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\umpo.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%systemroot%\system32\rascfg.dll,-32006: system32\DRIVERS\raspptp.sys (manual start)
Processor Driver: \SystemRoot\system32\drivers\processr.sys (manual start)
@%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start)
@%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system)
ql2300: \SystemRoot\system32\drivers\ql2300.sys (manual start)
ql40xx: \SystemRoot\system32\drivers\ql40xx.sys (manual start)
@%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (manual start)
WAN Miniport (IKEv2): system32\DRIVERS\AgileVpn.sys (manual start)
@%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\rascfg.dll,-32005: system32\DRIVERS\rasl2tp.sys (manual start)
@%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\rascfg.dll,-32007: system32\DRIVERS\raspppoe.sys (manual start)
@%systemroot%\system32\sstpsvc.dll,-202: system32\DRIVERS\rassstp.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1000: system32\DRIVERS\rdbss.sys (system)
Remote Desktop Device Redirector Bus Driver: \SystemRoot\system32\drivers\rdpbus.sys (manual start)
@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100: System32\DRIVERS\RDPCDD.sys (system)
@%systemroot%\system32\drivers\RDPENCDD.sys,-101: system32\drivers\rdpencdd.sys (system)
@%systemroot%\system32\drivers\RdpRefMp.sys,-101: system32\drivers\rdprefmp.sys (system)
Remote Desktop Video Miniport Driver: System32\drivers\rdpvideominiport.sys (manual start)
ReadyBoost: System32\drivers\rdyboost.sys (system)
@%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
@regsvc.dll,-1: %SystemRoot%\system32\svchost.exe -k regsvc (manual start)
Cyberlink RichVideo Service(CRVS): "C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe" (autostart)
@%windir%\system32\RpcEpMap.dll,-1001: %SystemRoot%\system32\svchost.exe -k RPCSS (autostart)
@%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start)
@oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart)
RtsUStor.Sys Realtek USB Card Reader: System32\Drivers\RtsUStor.sys (manual start)
Realtek 8167 NT Driver: system32\DRIVERS\Rt64win7.sys (manual start)
Realtek Wireless LAN 802.11n PCI-E NIC Driver: system32\DRIVERS\rtl8192Ce.sys (manual start)
@%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart)
sbp2port: \SystemRoot\system32\drivers\sbp2port.sys (manual start)
@%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\System32\drivers\scfilter.sys,-11: System32\DRIVERS\scfilter.sys (manual start)
@%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start)
Spybot-S&D 2 Scanner Service: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" (autostart)
Spybot-S&D 2 Updating Service: "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" (autostart)
Spybot-S&D 2 Security Center Service: C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (autostart)
@%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\sensrsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
Serenum Filter Driver: \SystemRoot\system32\drivers\serenum.sys (manual start)
Serial: \SystemRoot\system32\drivers\serial.sys (manual start)
Serial Mouse Driver: \SystemRoot\system32\drivers\sermouse.sys (manual start)
@%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
SFF Storage Class Driver: \SystemRoot\system32\drivers\sffdisk.sys (manual start)
SFF Storage Protocol Driver for MMC: \SystemRoot\system32\drivers\sffp_mmc.sys (manual start)
SFF Storage Protocol Driver for SDBus: \SystemRoot\system32\drivers\sffp_sd.sys (manual start)
High-Capacity Floppy Disk Drive: \SystemRoot\system32\drivers\sfloppy.sys (manual start)
@%SystemRoot%\system32\ipnathlp.dll,-106: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SiSRaid2: \SystemRoot\system32\drivers\SiSRaid2.sys (manual start)
SiSRaid4: \SystemRoot\system32\drivers\sisraid4.sys (manual start)
Skype Updater: "C:\Program Files (x86)\Skype\Updater\Updater.exe" (autostart)
@%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (manual start)
@%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start)
@%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart)
@%SystemRoot%\system32\sppsvc.exe,-101: %SystemRoot%\system32\sppsvc.exe (autostart)
@%SystemRoot%\system32\sppuinotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
sptd: \SystemRoot\System32\Drivers\sptd.sys (system)
@%systemroot%\system32\srvsvc.dll,-102: System32\DRIVERS\srv.sys (manual start)
@%systemroot%\system32\srvsvc.dll,-104: System32\DRIVERS\srv2.sys (manual start)
: System32\DRIVERS\srvnet.sys (manual start)
@%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\sstpsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
stexstor: \SystemRoot\system32\drivers\stexstor.sys (manual start)
@%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
Software Bus Driver: system32\DRIVERS\swenum.sys (manual start)
@%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start)
Synaptics TouchPad Driver: system32\DRIVERS\SynTP.sys (manual start)
@%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\TabSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\system32\tapisrv.dll,-10100: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system)
Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start)
TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart)
TOSHIBA Writing Engine Filter Driver: system32\DRIVERS\tdcmdpst.sys (manual start)
TDEIO: \??\C:\Windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys (manual start)
TDPIPE: system32\drivers\tdpipe.sys (manual start)
TDTCP: system32\drivers\tdtcp.sys (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system)
Terminal Device Driver: system32\DRIVERS\termdd.sys (system)
@%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\themeservice.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
TMachInfo: C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (manual start)
TOSHIBA Optical Disc Drive Service: C:\windows\system32\TODDSrv.exe (autostart)
TOSHIBA Power Saver: "C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe" (autostart)
TOSHIBA eco Utility Service: "C:\Program Files\TOSHIBA\TECO\TecoService.exe" (autostart)
TOSHIBA HDD SSD Alert Service: "C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe" (manual start)
TPCH Service: "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" (manual start)
@%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start)
@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101: System32\DRIVERS\tssecsrv.sys (manual start)
: system32\drivers\tsusbflt.sys (manual start)
Remote Desktop Generic USB Device: \SystemRoot\system32\drivers\TsUsbGD.sys (manual start)
Microsoft Tunnel Miniport Adapter Driver: system32\DRIVERS\tunnel.sys (manual start)
TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver: system32\DRIVERS\TVALZ_O.SYS (system)
TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver: system32\DRIVERS\TVALZFL.sys (autostart)
Microsoft AGPv3.5 Filter: \SystemRoot\system32\drivers\uagp35.sys (manual start)
udfs: system32\DRIVERS\udfs.sys (disabled)
@%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start)
Uli AGP Bus Filter: \SystemRoot\system32\drivers\uliagpkx.sys (manual start)
UMBus Enumerator Driver: system32\DRIVERS\umbus.sys (manual start)
Microsoft UMPass Driver: \SystemRoot\system32\drivers\umpass.sys (manual start)
@%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
Apple Mobile USB Driver: System32\Drivers\usbaapl64.sys (manual start)
Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start)
eHome Infrared Receiver (USBCIR): \SystemRoot\system32\drivers\usbcir.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
AMD USB Filter Driver: system32\DRIVERS\usbfilter.sys (manual start)
Microsoft USB Standard Hub Driver: system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER Class: \SystemRoot\system32\drivers\usbprint.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: \SystemRoot\system32\drivers\usbuhci.sys (manual start)
USB Video Device (WDM): \SystemRoot\System32\Drivers\usbvideo.sys (manual start)
@%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\vaultsvc.dll,-1003: %SystemRoot%\system32\lsass.exe (manual start)
Microsoft Virtual Drive Enumerator Driver: system32\drivers\vdrvroot.sys (system)
@%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start)
vga: system32\DRIVERS\vgapnp.sys (manual start)
: \SystemRoot\System32\drivers\vga.sys (system)
vhdmp: \SystemRoot\system32\drivers\vhdmp.sys (manual start)
viaide: \SystemRoot\system32\drivers\viaide.sys (manual start)
Volume Manager Driver: system32\drivers\volmgr.sys (system)
@%SystemRoot%\system32\drivers\volmgrx.sys,-100: System32\drivers\volmgrx.sys (system)
Storage volumes: system32\drivers\volsnap.sys (system)
vsmraid: \SystemRoot\system32\drivers\vsmraid.sys (manual start)
@%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start)
Virtual WiFi Bus Driver: system32\DRIVERS\vwifibus.sys (manual start)
Virtual WiFi Filter Driver: system32\DRIVERS\vwififlt.sys (system)
Microsoft Virtual WiFi Miniport Service: system32\DRIVERS\vwifimp.sys (manual start)
@%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Wacom Serial Pen HID Driver: \SystemRoot\system32\drivers\wacompen.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32011: system32\DRIVERS\wanarp.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32012: system32\DRIVERS\wanarp.sys (system)
@%SystemRoot%\system32\Wat\WatUX.exe,-601: %SystemRoot%\system32\Wat\WatAdminSvc.exe (manual start)
@%systemroot%\system32\wbengine.exe,-104: "%systemroot%\system32\wbengine.exe" (manual start)
@%systemroot%\system32\wbiosrvc.dll,-100: %SystemRoot%\system32\svchost.exe -k WbioSvcGroup (manual start)
@%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start)
Microsoft Watchdog Timer Driver: system32\drivers\wd.sys (system)
@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000: system32\drivers\Wdf01000.sys (system)
@%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (manual start)
WFP Lightweight Filter: system32\DRIVERS\wfplwf.sys (system)
WIMMount: system32\drivers\wimmount.sys (manual start)
@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (autostart)
@%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
WinUsb: system32\DRIVERS\WinUsb.sys (manual start)
@%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Windows Live Mesh remote connections service: "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" (disabled)
Windows Live ID Sign-in Assistant: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" (autostart)
Microsoft Windows Management Interface for ACPI: system32\DRIVERS\wmiacpi.sys (manual start)
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start)
@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101: "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" (autostart)
@%SystemRoot%\system32\wpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\System32\drivers\ws2ifsl.sys,-1000: \SystemRoot\system32\drivers\ws2ifsl.sys (disabled)
@%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
WSD Print Support via UMB: system32\DRIVERS\WSDPrint.sys (manual start)
WSD Scan Support via UMB: \SystemRoot\system32\drivers\WSDScan.sys (manual start)
@%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
@%systemroot%\system32\wuaueng.dll,-105: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000: system32\drivers\WudfPf.sys (manual start)
WUDFRd: system32\DRIVERS\WUDFRd.sys (manual start)
@%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\System32\wwansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (manual start)


--------------------------------------------------

Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*

Windows NT checkdisk command:
BootExecute = autocheck autochk *

Windows NT 'Wininit.ini':
PendingFileRenameOperations: *Registry value not found*

--------------------------------------------------

Enumerating ShellServiceObjectDelayLoad items:

WebCheck: *Registry key not found*

--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run

*Registry key not found*

--------------------------------------------------

End of report, 59,719 bytes
Report generated in 0.530 seconds

Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK
Advertisement
Register to Remove

Re: Computer will not shut down on its own

Unread postby Gary R » July 26th, 2014, 2:59 pm

HJT is not compatible with 64 bit systems which is what you have, so I need you to run something else for me ...

  • Download FRST64 to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.

Before you post them, please check you don't have Wordwrap on in Notepad, you did when you posted your HJT logs, and it made them pretty much unreadable.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer will not shut down on its own

Unread postby martin6976 » July 26th, 2014, 7:06 pm

Thanks Gary R.

I have attached requested file FRST.txt the Addition.txt was blank nothing to copy and paste.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by MartinM (administrator) on MARTINM-PC on 26-07-2014 17:47:07
Running from C:\Users\MartinM\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Windows\System32\GFNEXSrv.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkDMS.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoService.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\Teco.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TECO\TecoHook.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
(Samsung Electronics) C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\AllShare Play\AllShare Play.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Google Inc.) C:\Users\MartinM\AppData\Local\Programs\Google\MusicManager\MusicManager.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(AdTrustMedia) C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-22] (Realtek Semiconductor)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2866960 2011-12-19] (Synaptics Incorporated)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-23] (TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [989056 2012-02-13] (TOSHIBA Corporation)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-09] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [712096 2011-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2012-02-24] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597936 2011-07-27] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38824 2011-06-28] (TOSHIBA Corporation)
HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe [1275608 2014-03-25] (COMODO)
HKLM\...\Run: [AllShare Play] => C:\Program Files\Samsung\AllShare Play\utils\AllShare Play Launcher.exe [407384 2013-01-24] (Samsung Electronics)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [630912 2012-02-13] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [253312 2011-11-21] (TOSHIBA)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218864 2011-06-22] (Toshiba)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1298816 2011-07-11] (TOSHIBA Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-13] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101584 2014-04-25] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [PrivDogService] => C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedadssvc.exe [662184 2014-06-17] (AdTrustMedia)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [97280 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-07-04] (Google Inc.)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [EPSON083F53 (Epson Stylus NX330)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [Facebook Update] => C:\Users\MartinM\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-24] (Facebook Inc.)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [Google Update] => C:\Users\MartinM\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-11-04] (Google Inc.)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [MusicManager] => C:\Users\MartinM\AppData\Local\Programs\Google\MusicManager\MusicManager.exe [7631872 2014-05-15] (Google Inc.)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [EPSON NX330 Series] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [EPSON NX330 Series (Bedroom)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [EPSON NX330 Series (Copy 2)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [EPSON NX330 Series (Copy 1)] => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIHAA.EXE [232448 2011-01-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-469878408-117990764-4033472088-1000\...\Run: [GoogleChromeAutoLaunch_8E98ACD4EA69A82FD0AC450A10EE78BC] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=110795 ... 72b950d9e7
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
SearchScopes: HKLM - DefaultScope {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKCU - DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=110795&tt=bandext_3312_5&babsrc=SP_ss&mntrId=00ffbd6d0000000000004c72b950d9e7
SearchScopes: HKCU - {2892C08D-EAF8-4E8E-BA9D-3BD6671278C6} URL = http://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKCU - {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKCU - {68F2F0BB-8D8B-4FB1-8F16-2D61C7F29734} URL = http://search.findwide.com/serp?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&action=default_search&serpv=22&k={searchTerms}
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.search.yahoo.com/search?p={searchTerms}&fr=chr-comodo
SearchScopes: HKCU - {B6FE0864-638F-4AF0-9149-EDA8F57A52D3} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10741
SearchScopes: HKCU - {{67A2568C-7A0A-4EED-AECC-B5405DE63B64}} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
BHO-x32: PrivDog Extension -> {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} -> C:\Program Files (x86)\AdTrustMedia\PrivDog\2.2.0.14\trustedads.dll (AdTrustMedia)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {ACF628D7-0CE2-4C96-993F-C1C0ABB7BB4F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {ACF628D7-0CE2-4C96-993F-C1C0ABB7BB4F} - No File
Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - No File
Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - No File
Handler-x32: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - C:\Program Files (x86)\Libronix DLS\System\FileProt.dll (Libronix Corporation)
Handler-x32: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - C:\Program Files (x86)\Libronix DLS\System\ResProt.dll (Libronix Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Hosts: 127.0.0.1 www.libronix.net # Block Libronix update.
Tcpip\Parameters: [DhcpNameServer] 192.168.15.126 192.168.15.127

FireFox:
========
FF ProfilePath: C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default
FF NewTab: user_pref("browser.newtab.url", "");
FF DefaultSearchEngine: FindWide
FF SearchEngineOrder.1: Search the web (Babylon)
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\MartinM\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\MartinM\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\MartinM\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: samsung.com/AllSharePlayPCPlugin - C:\Program Files\Samsung\AllShare Play\utils\npAllSharePlayPCPlugin.dll (Samsung)
FF user.js: detected! => C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\user.js
FF Extension: DownloadHelper - C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-29]
FF Extension: PrivDog - C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\Extensions\PrivDog@AdTrustMedia.com.xpi [2014-07-13]
FF Extension: Adblock Plus - C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-16]
FF Extension: DownThemAll! - C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2013-03-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-08-17]
FF HKCU\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF HKCU\...\Firefox\Extensions: [PrivDog@AdTrustMedia.com] - C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\extensions

Chrome:
=======
CHR HomePage: hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22
CHR StartupUrls: "hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22", "hxxp://search.babylon.com/?affID=110795&tt=bandext_3312_5&babsrc=HP_ss&mntrId=00ffbd6d0000000000004c72b950d9e7", "hxxp://www.msn.com/?pc=AV01"
CHR DefaultSearchKeyword: bing1.com
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Babylon ToolBar) - C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.250.6) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U25) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (Google Cast) - C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-03-18]
CHR Extension: (PrivDog) - C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja [2014-07-13]
CHR Extension: (avast! Online Security) - C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-13]
CHR Extension: (Google Wallet) - C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-12-22]
CHR HKLM-x32\...\Chrome\Extension: [cmaiofennmphjldldcpphcechfnnohja] - C:\Program Files (x86)\AdTrustMedia\PrivDog\PrivDog_chrome.crx [2014-07-13]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-13]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.06\AllShareFrameworkManagerDMS.exe [408184 2012-10-23] (Samsung)
R2 AllShare Play Service; C:\Program Files\Samsung\AllShare Play\AllShare Play Service.exe [662600 2013-01-24] (Copyright 2013 SAMSUNG)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-13] (AVAST Software)
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [6817544 2014-04-16] (COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2264280 2014-03-25] (COMODO)
S3 DgnIndexingService; C:\Program Files (x86)\Common Files\Bentley Shared\Dgn Index Service\DgnIndexServer.exe [137728 2012-02-29] (Bentley Systems Inc.) [File not signed]
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] ()
R2 Norton PC Checkup Application Launcher; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\SymcPCCULaunchSvc.exe [123320 2012-08-16] (Symantec Corporation)
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.17.38\ccSvcHst.exe [126392 2011-11-30] (Symantec Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738200 2014-04-25] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2081752 2014-04-25] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TosCoSrv; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [580608 2012-02-02] (TOSHIBA Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [31872 2012-02-01] (Advanced Micro Devices, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-13] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-13] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-07-13] ()
S1 CFRMD; C:\Windows\SysWOW64\DRIVERS\CFRMD.sys [37976 2012-09-03] (Windows (R) Win 7 DDK provider) [File not signed]
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [738472 2014-04-16] (COMODO)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [48360 2014-04-16] (COMODO)
S3 FsUsbExDisk; C:\windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-10-29] () [File not signed]
R1 inspect; C:\Windows\System32\DRIVERS\inspect.sys [105552 2014-04-16] (COMODO)
S4 LMIRfsClientNP; No ImagePath
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2012-11-21] (Duplex Secure Ltd.)
U3 apwltkeu; C:\Windows\System32\Drivers\apwltkeu.sys [0 ] (Advanced Micro Devices)
S2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [X]
S3 TDEIO; \??\C:\Windows\SysWOW64\sysprep\BOOTPRIO\tdeio64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 17:47 - 2014-07-26 17:52 - 00031530 _____ () C:\Users\MartinM\Desktop\FRST.txt
2014-07-26 17:41 - 2014-07-26 17:52 - 00000000 ____D () C:\FRST
2014-07-26 17:36 - 2014-07-26 17:36 - 02093568 _____ (Farbar) C:\Users\MartinM\Desktop\FRST64.exe
2014-07-26 17:21 - 2014-07-26 17:21 - 00000056 _____ () C:\windows\setupact.log
2014-07-26 17:21 - 2014-07-26 17:21 - 00000000 _____ () C:\windows\setuperr.log
2014-07-20 21:19 - 2014-07-20 21:19 - 00000000 ____D () C:\Users\MartinM\Documents\Toastmaster
2014-07-20 20:37 - 2014-07-20 20:37 - 00150528 _____ () C:\Users\MartinM\Downloads\2014 Budget(5).xls
2014-07-19 14:20 - 2014-07-19 14:21 - 00000000 ____D () C:\Users\MartinM\Documents\TAB2 GT-P3113
2014-07-19 11:32 - 2014-07-19 11:32 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-19 11:32 - 2014-07-19 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-19 11:30 - 2014-07-19 11:32 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-19 11:30 - 2014-07-19 11:32 - 00000000 ____D () C:\Program Files\iTunes
2014-07-19 11:30 - 2014-07-19 11:32 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-19 11:30 - 2014-07-19 11:30 - 00000000 ____D () C:\Program Files\iPod
2014-07-14 21:28 - 2014-07-14 21:28 - 00001856 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-14 21:28 - 2014-07-14 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-14 21:27 - 2014-07-14 21:28 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-14 18:06 - 2014-07-14 18:06 - 00000000 ____D () C:\b91e903b2d24cc5813a7
2014-07-14 17:55 - 2014-07-14 18:04 - 00000000 ____D () C:\WORK
2014-07-14 16:42 - 2014-07-14 16:42 - 00000000 __SHD () C:\Users\MartinM\AppData\Local\EmieUserList
2014-07-14 16:42 - 2014-07-14 16:42 - 00000000 __SHD () C:\Users\MartinM\AppData\Local\EmieSiteList
2014-07-13 21:55 - 2014-07-13 21:55 - 00000000 ____D () C:\Users\MartinM\AppData\Local\AdTrustMedia
2014-07-13 21:54 - 2014-07-13 21:54 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-07-13 21:54 - 2014-07-13 21:54 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-07-13 21:54 - 2014-07-13 21:54 - 00000000 ____D () C:\Program Files (x86)\AdTrustMedia
2014-07-13 21:20 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-13 21:20 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-13 21:20 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-13 21:19 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-13 21:19 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-13 21:19 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-13 21:19 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2014-07-13 21:19 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2014-07-13 21:19 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-13 21:19 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2014-07-13 21:19 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2014-07-13 21:19 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2014-07-13 21:19 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2014-07-13 21:19 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2014-07-13 21:19 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2014-07-13 21:19 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2014-07-13 21:19 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2014-07-13 21:19 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2014-07-13 21:19 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2014-07-13 21:19 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-13 21:19 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2014-07-13 21:19 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-13 21:19 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2014-07-13 21:19 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2014-07-13 21:19 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2014-07-13 21:19 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-13 21:19 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-13 21:19 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-13 21:19 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-13 21:19 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2014-07-13 21:19 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2014-07-13 21:19 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2014-07-13 21:19 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2014-07-13 21:19 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-13 21:19 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-13 21:19 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2014-07-13 21:19 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2014-07-13 21:19 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-13 21:19 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2014-07-13 21:19 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2014-07-13 21:19 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2014-07-13 21:19 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2014-07-13 21:19 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-13 21:19 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-13 21:19 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2014-07-13 21:19 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-13 21:19 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-13 21:19 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-13 21:19 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-13 21:19 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-13 21:19 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-13 21:19 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2014-07-13 21:19 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-13 21:19 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-13 21:19 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-13 21:19 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-13 21:19 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-13 21:19 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-13 21:19 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-13 21:19 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2014-07-13 21:19 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2014-07-13 21:19 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2014-07-13 21:19 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2014-07-13 21:19 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2014-07-13 21:19 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2014-07-13 21:19 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2014-07-13 21:19 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2014-07-13 21:19 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2014-07-13 21:19 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2014-07-13 21:19 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2014-07-13 21:19 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2014-07-13 21:19 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2014-07-13 21:19 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2014-07-13 21:16 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-13 21:16 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2014-07-13 21:16 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2014-07-13 20:57 - 2014-07-13 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-13 20:57 - 2014-07-13 20:57 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-13 19:29 - 2014-07-13 19:29 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-03 00:05 - 2014-07-03 00:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-26 17:52 - 2014-07-26 17:47 - 00031530 _____ () C:\Users\MartinM\Desktop\FRST.txt
2014-07-26 17:52 - 2014-07-26 17:41 - 00000000 ____D () C:\FRST
2014-07-26 17:38 - 2012-07-04 12:52 - 01547732 _____ () C:\windows\WindowsUpdate.log
2014-07-26 17:36 - 2014-07-26 17:36 - 02093568 _____ (Farbar) C:\Users\MartinM\Desktop\FRST64.exe
2014-07-26 17:34 - 2012-08-31 22:20 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-26 17:33 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-26 17:33 - 2009-07-13 23:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-26 17:24 - 2012-08-17 01:55 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-07-26 17:23 - 2013-02-09 14:35 - 00000000 ____D () C:\AllShare Play
2014-07-26 17:22 - 2012-07-04 13:33 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-26 17:21 - 2014-07-26 17:21 - 00000056 _____ () C:\windows\setupact.log
2014-07-26 17:21 - 2014-07-26 17:21 - 00000000 _____ () C:\windows\setuperr.log
2014-07-26 17:21 - 2009-07-14 00:08 - 00032576 _____ () C:\windows\Tasks\SCHEDLGU.TXT
2014-07-26 17:21 - 2009-07-14 00:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-25 21:30 - 2012-08-24 00:25 - 00000936 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA.job
2014-07-25 21:14 - 2012-11-04 01:48 - 00000916 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA.job
2014-07-25 21:14 - 2012-07-04 13:33 - 00000912 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-25 21:07 - 2012-10-28 17:03 - 00000000 ____D () C:\Users\MartinM\AppData\Local\CrashDumps
2014-07-25 16:26 - 2013-07-10 22:31 - 00000000 ____D () C:\Users\MartinM\Documents\Malware_Tools_2013
2014-07-21 00:30 - 2012-08-24 00:25 - 00000914 _____ () C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core.job
2014-07-20 22:14 - 2012-11-04 01:48 - 00000864 _____ () C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core.job
2014-07-20 21:19 - 2014-07-20 21:19 - 00000000 ____D () C:\Users\MartinM\Documents\Toastmaster
2014-07-20 21:17 - 2013-11-23 11:19 - 00144384 _____ () C:\Users\MartinM\Documents\2014 Budget.xls
2014-07-20 20:37 - 2014-07-20 20:37 - 00150528 _____ () C:\Users\MartinM\Downloads\2014 Budget(5).xls
2014-07-19 16:06 - 2013-01-11 15:19 - 00055296 _____ () C:\Users\MartinM\Documents\MDMps.xls
2014-07-19 14:21 - 2014-07-19 14:20 - 00000000 ____D () C:\Users\MartinM\Documents\TAB2 GT-P3113
2014-07-19 12:20 - 2009-07-13 22:20 - 00000000 ____D () C:\windows\rescache
2014-07-19 11:32 - 2014-07-19 11:32 - 00001794 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-07-19 11:32 - 2014-07-19 11:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-07-19 11:32 - 2014-07-19 11:30 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-07-19 11:32 - 2014-07-19 11:30 - 00000000 ____D () C:\Program Files\iTunes
2014-07-19 11:32 - 2014-07-19 11:30 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-07-19 11:30 - 2014-07-19 11:30 - 00000000 ____D () C:\Program Files\iPod
2014-07-19 11:21 - 2012-08-17 23:41 - 00000000 ____D () C:\ProgramData\Apple
2014-07-14 21:28 - 2014-07-14 21:28 - 00001856 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-07-14 21:28 - 2014-07-14 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-07-14 21:28 - 2014-07-14 21:27 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-07-14 18:06 - 2014-07-14 18:06 - 00000000 ____D () C:\b91e903b2d24cc5813a7
2014-07-14 18:06 - 2013-08-16 08:27 - 00000000 ____D () C:\windows\system32\MRT
2014-07-14 18:05 - 2012-08-17 15:41 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-14 18:04 - 2014-07-14 17:55 - 00000000 ____D () C:\WORK
2014-07-14 17:54 - 2009-07-14 00:13 - 00782470 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-14 17:24 - 2013-12-17 22:46 - 00000000 ____D () C:\Users\MartinM\AppData\Local\CutePDF Writer
2014-07-14 16:42 - 2014-07-14 16:42 - 00000000 __SHD () C:\Users\MartinM\AppData\Local\EmieUserList
2014-07-14 16:42 - 2014-07-14 16:42 - 00000000 __SHD () C:\Users\MartinM\AppData\Local\EmieSiteList
2014-07-13 21:55 - 2014-07-13 21:55 - 00000000 ____D () C:\Users\MartinM\AppData\Local\AdTrustMedia
2014-07-13 21:54 - 2014-07-13 21:54 - 00000000 ____D () C:\ProgramData\Adtrustmedia
2014-07-13 21:54 - 2014-07-13 21:54 - 00000000 ____D () C:\Program Files\AdTrustMedia
2014-07-13 21:54 - 2014-07-13 21:54 - 00000000 ____D () C:\Program Files (x86)\AdTrustMedia
2014-07-13 21:54 - 2012-08-17 01:51 - 00002291 _____ () C:\Users\Public\Desktop\COMODO Firewall.lnk
2014-07-13 20:57 - 2014-07-13 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-13 20:57 - 2014-07-13 20:57 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-13 20:34 - 2012-08-31 22:20 - 00003768 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-13 20:34 - 2012-04-18 04:08 - 00699056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2014-07-13 20:34 - 2012-04-18 04:08 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-13 20:15 - 2013-05-24 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-13 19:30 - 2014-05-17 07:39 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-13 19:30 - 2014-03-28 21:54 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswstm.sys
2014-07-13 19:30 - 2013-04-10 12:08 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-13 19:30 - 2013-04-10 12:08 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-13 19:30 - 2012-08-17 01:55 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
2014-07-13 19:30 - 2012-08-17 01:55 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-13 19:30 - 2012-08-17 01:55 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-13 19:30 - 2012-08-17 01:55 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-13 19:30 - 2012-08-17 01:55 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-13 19:30 - 2012-08-17 01:55 - 00001977 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-07-13 19:29 - 2014-07-13 19:29 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-13 19:23 - 2012-08-17 01:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-03 00:05 - 2014-07-03 00:05 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-02 22:34 - 2014-03-08 14:36 - 00000000 ____D () C:\Users\MartinM\Documents\fema
2014-07-02 22:09 - 2012-11-04 01:48 - 00003890 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA
2014-07-02 22:09 - 2012-11-04 01:48 - 00003494 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core
2014-07-02 22:09 - 2012-07-04 13:33 - 00003908 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-02 22:09 - 2012-07-04 13:33 - 00003656 _____ () C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-26 17:40 - 2012-08-19 08:08 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\MartinM\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 12:11

==================== End Of Log ============================
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK

Re: Computer will not shut down on its own

Unread postby Gary R » July 27th, 2014, 12:45 am

Addition.txt should not be blank, run the scan again please, and this time when you do please ensure that the Additional.txt radio button on the interface (bottom right corner) is checked before you hit the Scan button.

No need to post me another copy of FRST.txt (since I've already got a copy of that) so just post me Addition.txt please.

If it's still blank then let me know, since I'll need to contact the tool's developer about this.

Also will you please do the following ...

Please download AdwCleaner and save it to your desktop.

  • Double click AdwCleaner.exe to run it.
  • Click Scan.
  • A logfile will automatically open after the scan has finished.
  • Close the adwCleaner window, click ok to the prompt.
  • Please post the contents of that logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[R1].txt.

Do not attempt to clean anything it might find at this point.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer will not shut down on its own

Unread postby martin6976 » July 27th, 2014, 1:43 am

Addition.txt is blank. Ran again radio button was selected.

On my mobile now will have to run adwcleaner tomorrow
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK

Re: Computer will not shut down on its own

Unread postby Gary R » July 27th, 2014, 1:51 am

OK, thanks for letting me know, talk to you tomorrow.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer will not shut down on its own

Unread postby martin6976 » July 27th, 2014, 12:22 pm

# AdwCleaner v3.216 - Report created 27/07/2014 at 11:18:16
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : MartinM - MARTINM-PC
# Running from : C:\Users\MartinM\Desktop\adwcleaner_3.216.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\user.js
File Found : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\BrowserMngr_extensions.sqlite
File Found : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\browsermngr_prefs.js
File Found : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\user.js
Folder Found : C:\Program Files (x86)\BabylonToolbar
Folder Found : C:\Program Files (x86)\Optimizer Pro
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\Browser Manager
Folder Found : C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Folder Found : C:\Users\MartinM\AppData\LocalLow\BabylonToolbar
Folder Found : C:\Users\MartinM\AppData\Roaming\Babylon
Folder Found : C:\Users\MartinM\AppData\Roaming\BabylonToolbar
Folder Found : C:\Users\MartinM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Found : C:\Users\MartinM\Documents\Optimizer Pro

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\BabylonToolbar
Key Found : HKCU\Software\BrowserMngr
Key Found : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Babylon
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Key Found : HKCU\Software\Myfree Codec
Key Found : [x64] HKCU\Software\BabylonToolbar
Key Found : [x64] HKCU\Software\BrowserMngr
Key Found : [x64] HKCU\Software\DataMngr
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\Microsoft\Babylon
Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : [x64] HKCU\Software\Myfree Codec
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\Software\BabylonToolbar
Key Found : HKLM\Software\BrowserMngr
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\b
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Found : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Found : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Found : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Key Found : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cmaiofennmphjldldcpphcechfnnohja
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Found : HKLM\Software\Myfree Codec
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page] - hxxp://search.babylon.com/?affID=110795 ... 72b950d9e7

-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "FindWide");
Line Found : user_pref("browser.search.order.1", "Search the web (Babylon)");
Line Found : user_pref("extensions.trusted-ads.ExLst", "{\"u\":{\"v\":\"1.91\",\"d\":\"072114\"},\"h\":{\"spotmais.iol.pt\":{\"p\":[{\"e\":\"/.*/\",\"r\":[\"/pubads\\\\.g\\\\.doubleclick\\\\.net/i\"]}]},\"pogo.com[...]
Line Found : user_pref("extensions.trusted-ads.list_api", "{\"r\":[\"hxxp://a1supplements.com/\",\"hxxp://aactionair.net/\",\"hxxp://afasterpc.com/\",\"hxxp://airservicesrefrigeration.com/\",\"hxxp://ajperri.com/\[...]
Line Found : user_pref("extensions.trusted-ads.serpInject", "{\"u\":{\"v\":\"2.72\",\"d\":\"061714\"},\"l\":\"hxxp://search.adtrustmedia.com/search_safecontent.php\",\"e\":[{\"u\":\"hxxp://ads.adtrustmedia.com/con[...]
Line Found : user_pref("extensions.trusted-ads.serp_mywebsearch", "\"%2F*!%20serp-mywebsearch%20-%20v0.1.10%20-%202014-04-07%2018%3A21%3A58%20*%2F%0D%0Avar%20u%20%3D%20%7B%7D%3B%0A%0Avar%20Util%20%3D%20%7B%0A%09de[...]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Startup_urls] : hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22
Found [Startup_urls] : hxxp://search.babylon.com/?affID=110795 ... 72b950d9e7
Found [Homepage] : hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22
Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
Found [Extension] : dhkplhfnhceodhffomolpfigojocbpcb

*************************

AdwCleaner[R0].txt - [10702 octets] - [27/07/2014 11:18:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [10763 octets] ##########
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK

Re: Computer will not shut down on its own

Unread postby Gary R » July 27th, 2014, 12:45 pm

I still need to see an addition.txt log if I can, so can you please do the following for me ...

Reboot your computer into Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode (do not use Safe Mode with Networking), then press Enter.
  • Choose your usual account.
Note: if you cannot boot into safe mode using this method, DO NOT attempt to do so by using MSConfig, this could result in your computer becoming unbootable. Just let me know.

Now run a scan with FRST, not forgetting to click the Addition.txt radio button before clicking on Scan

Post me the Addition.txt log if it creates one.

If it's still blank please let me know, and only if the log is blank, then do the following ....

Reboot back into Normal Mode

Download OTL by OldTimer to your Desktop.

If you already have a copy of OTL delete it and use this version.

  • Double click OTL.exe to launch the programme.
  • Check the following.
    • Scan all users.
    • Standard Output.
    • Lop check.
    • Purity check.
  • Under Extra Registry section, select Use SafeList
  • Click the Run Scan button and wait for the scan to finish (usually about 10-15 mins).
  • When finished it will produce two logs.
    • OTL.txt (open on your desktop).
    • Extras.txt (minimised in your taskbar)
  • Please post me both logs.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer will not shut down on its own

Unread postby martin6976 » July 27th, 2014, 1:23 pm

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by MartinM at 2014-07-27 12:12:57
Running from C:\Users\MartinM\Desktop
Boot Mode: Safe Mode (minimal)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: COMODO Antivirus (Disabled - Out of date) {0C2D2636-923D-EE52-2A83-E643204A8275}
FW: COMODO Firewall (Enabled) {8F7746F7-FE68-E084-3B6C-7404A51E8FB3}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
Aiseesoft Total Video Converter Platinum 6.3.26 (HKLM-x32\...\{3661F243-518C-4d05-8BDF-7B10CC22689F}_is1) (Version: - )
AllShare Framework DMS (HKLM\...\{1ABC9BD2-7E06-4D70-929B-AC1B6461A8B2}) (Version: 1.3.06 - Samsung)
AllShare Play 1.5.0.1301241209 (HKLM\...\8474-7877-9059-0204) (Version: 1.5.0.1301241209 - Copyright 2013 SAMSUNG)
Amateur Contact Log 3.3 (HKLM-x32\...\ST6UNST #1) (Version: - )
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
AMD Accelerated Video Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.873.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{63F96D8F-D32B-AABF-4DE1-F51FF391FFD6}) (Version: 3.0.870.0 - Advanced Micro Devices, Inc.)
AMD Media Foundation Decoders (Version: 1.0.70213.1643 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In (Version: 2.03.0000 - AMD) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0213.1644.29893 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcGIS 10.1 Desktop Tutorial Data (HKLM-x32\...\ArcGIS 10.1 Desktop Tutorial Data) (Version: 10.1.3035 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 Desktop Tutorial Data (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.) Hidden
ArcGIS 10.1 for Desktop (HKLM-x32\...\ArcGIS 10.1 for Desktop) (Version: 10.1.3035 - Environmental Systems Research Institute, Inc.)
ArcGIS 10.1 for Desktop (x32 Version: 10.1.3035 - Environmental Systems Research Institute, Inc.) Hidden
Art Effects for PDR10 (HKLM-x32\...\NewBlue Art Effects for PDR10) (Version: 2.0 - NewBlue)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
BabylonObjectInstaller (HKLM-x32\...\{83AA2913-C123-4146-85BD-AD8F93971D39}) (Version: 2.0.0.3 - Babylon Ltd) <==== ATTENTION
Batch Update (x32 Version: 3.0 - Libronix Corporation) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bentley DGN IFilter (HKLM\...\{2E873893-A883-4C06-8308-7B491D58F3D6}) (Version: 1.0.1.11 - Bentley Systems, Incorporated)
Bentley DGN Index Service (HKLM-x32\...\{A753B088-3FCE-4F1C-BF92-8E6931DE261E}) (Version: 08.11.09029 - Bentley Systems, Incorporated)
Bentley DGN Preview Handler (HKLM-x32\...\{264B522D-1B7F-4AAF-A32B-55A6BF5679F2}) (Version: 8.11.8004 - Bentley Systems, Incorporated)
Bentley DGN Thumbnail Provider (HKLM\...\{74A8C1AF-75E5-4653-95AF-222725B7D877}) (Version: 8.11.7.410 - Bentley Systems, Incorporated)
Bentley V8i (SELECTseries 3) - Autodesk® RealDWG™ 2012 (HKLM-x32\...\{23D46254-9D4C-446C-900A-F53AF1D12A90}) (Version: 8.11.9.292 - Bentley Systems, Incorporated)
Bible Data Type System Files (x32 Version: 3.0 - Libronix Corporation) Hidden
BibleWorks 9 (HKLM-x32\...\{3C556482-2DD6-436C-A67E-428C5A31439E}) (Version: 1.00.000 - BibleWorks)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0213.1644.29893 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0213.1644.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0213.1643.29893 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0213.1644.29893 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
ChromecastApp (HKCU\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.316.0 - Google Inc.)
Clause Visualizer (x32 Version: 3.0 - Libronix Corporation) Hidden
Common System Files (x32 Version: 3.0 - Libronix Corporation) Hidden
COMODO Internet Security (HKLM\...\{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}) (Version: 5.10.31649.2253 - COMODO Security Solutions Inc.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2023 - CyberLink Corp.)
CyberLink PowerDirector 10 (x32 Version: 10.0.0.2023 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0002 - Microsoft Corporation)
Divvy (HKCU\...\Divvy) (Version: - Mizage LLC)
Epson Connect (HKLM-x32\...\{64BA551C-9AF6-495C-93F3-D1270E0045FC}) (Version: - )
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{8ED43F7E-A8F6-4898-AF11-B6158F2EDF94}) (Version: 2.50.0000 - SEIKO EPSON CORPORATION)
EPSON NX330 Series Printer Uninstall (HKLM\...\EPSON NX330 Series) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FileStream Take-1 Recorder (HKLM-x32\...\FileStream Take-1 Recorder) (Version: 2.0 - FileStream, Inc.)
FlashWorks (HKLM-x32\...\FlashWorks_is1) (Version: - )
GIMP 2.8.0 (HKLM\...\GIMP-2_is1) (Version: 2.8.0 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Graphical Query Editor (x32 Version: 3.0 - Libronix Corporation) Hidden
HDR Preview (HKLM\...\{9F7815C9-A323-4215-905C-73137D21BCC0}) (Version: 1.0.0.2 - Bentley Systems, Incorporated)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
i-model ODBC Driver for Windows 7 (HKLM-x32\...\{775616F7-2D4C-4D73-8773-A66C0BCECB38}) (Version: 01.00.00020 - Bentley Systems, Incorporated)
i-model ODBC Driver for Windows 7 (x64) (HKLM\...\{454AD0FD-21D2-4E73-99E9-A40CAC75A636}) (Version: 01.00.00020 - Bentley Systems, Incorporated)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Letters from Nowhere 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Libronix Digital Library System (HKLM-x32\...\Libronix DLS) (Version: - Libronix Corporation)
Libronix Digital Library System (x32 Version: 3.0 - Libronix Corporation) Hidden
Libronix DLS Application (x32 Version: 3.0 - Libronix Corporation) Hidden
Libronix DLS Shortcuts (x32 Version: 3.0 - Libronix Corporation) Hidden
Libronix Update (x32 Version: 3.0 - Libronix Corporation) Hidden
LLS Resource Driver (x32 Version: 3.0 - Libronix Corporation) Hidden
Logos 4 Prerequisites (HKLM-x32\...\{8CE68BCD-DBFE-477D-859D-3E571B435DB3}) (Version: 4.63.00327 - Logos Bible Software)
Logos Bible Software 4 (HKLM-x32\...\{99D7DB16-3913-4820-A641-FC34DB92E514}) (Version: 4.63.00400 - Logos Bible Software)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
MicroStation V8i (SELECTseries 3) 08.11.09.292 (HKLM-x32\...\{3E580885-4EF5-40EA-B2E9-7645CA1A0D73}) (Version: 08.11.09.292 - Bentley Systems, Incorporated)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Music Manager (HKCU\...\MusicManager) (Version: - Google, Inc.)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
OEB Resource Driver (x32 Version: 3.0 - Libronix Corporation) Hidden
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
PDF Resource Driver (x32 Version: 3.0 - Libronix Corporation) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Premium Sound HD (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.1800 - SRS Labs, Inc.)
PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Sentence Diagramming (x32 Version: 3.0 - Libronix Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartSound Quicktracks 5 (HKLM-x32\...\InstallShield_{2F8BA3FD-1FA9-4279-B696-712ABB12F09F}) (Version: 5.1.8 - SmartSound Software Inc.)
SmartSound Quicktracks 5 (x32 Version: 5.1.8 - SmartSound Software Inc.) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.3.39 - Safer-Networking Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.38.2 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.2 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{C31337DE-0CDC-45A9-9A32-F099AC78D557}) (Version: 3.0.9490 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 1.6.11.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 1.6.11.64 - TOSHIBA Corporation) Hidden
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{C9C56642-9AAB-4267-9454-36FF1CC59168}) (Version: 1.3.11.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.18.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.18.64 - TOSHIBA Corporation) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0020 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.12 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.17.38 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}) (Version: 1.0.87.5 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.31 - Toshiba)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.7.15.64 - TOSHIBA Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.4 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.6.52020009 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.21.64 - TOSHIBA Corporation) Hidden
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.1.3.03 - TOSHIBA Corporation)
Toshiba Security Dashboard (HKLM-x32\...\ToshibaSD) (Version: 1.0.0.48 - Symantec Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.13 - TOSHIBA)
TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.0022.000104 - TOSHIBA Corporation)
TOSHIBA Supervisor Password (HKLM-x32\...\{119826A8-4EF6-4BE5-A88B-D2D81FA7CEE2}) (Version: 2.00.0009 - TOSHIBA)
TOSHIBA User's Guide (HKLM-x32\...\{3384E1D9-3F18-4A98-8655-180FEF0DFC02}) (Version: 1.00.02 - TOSHIBA)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0023.640204 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.6.0023.640204 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.6.0023.640204 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.33 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.3.33 - TOSHIBA Corporation) Hidden
TOSHIBARegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.9 - TOSHIBA)
TrustedQSL 1.13 (HKLM-x32\...\TrustedQSL_is1) (Version: - ARRL)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version: - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version: - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{F5DCAB53-C2FD-4E5A-8C83-0F37485E5E89}) (Version: - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version: - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version: - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version: - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Visual Basic for Applications (R) Core - English (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
Visual Basic for Applications (R) Core (x32 Version: 6.5.10.32 - Microsoft Corporation) Hidden
Visualization Content (HKLM-x32\...\{A12C2FC2-6122-4107-A6AE-677339873A24}) (Version: 8.11.9.292 - Bentley Systems, Incorporated)
WildTangent Games (HKLM-x32\...\WildTangent toshiba Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (Toshiba Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Z 39.50 Library (x32 Version: 3.0 - Libronix Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-469878408-117990764-4033472088-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\MartinM\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-469878408-117990764-4033472088-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MartinM\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points =========================

24-05-2014 15:31:13 Windows Update
24-05-2014 15:33:48 Scheduled Checkpoint
08-06-2014 02:59:12 Windows Update
16-06-2014 04:05:59 Windows Update
14-07-2014 00:28:12 avast! antivirus system restore point
14-07-2014 01:58:43 Windows Update
14-07-2014 22:53:21 Windows Update
19-07-2014 16:23:44 Installed iTunes
26-07-2014 22:33:55 Windows Update
27-07-2014 03:21:22 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2012-08-16 23:16 - 00000885 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 www.libronix.net # Block Libronix update.

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2AABC5D7-36F5-467D-91AD-7B50CC3A0B12} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {2BEB1A5D-24AC-41F6-8EE2-F4F29562CD2E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA => C:\Users\MartinM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-24] (Facebook Inc.)
Task: {3CD83AE4-59A5-499D-9603-2916ED41F36F} - System32\Tasks\{D9DEEAE6-493C-4DC2-89E9-BC3EC1955D6F} => C:\Windows\twain_32\escndv\escndv.exe [2009-01-24] (SEIKO EPSON CORP.)
Task: {3F343CB1-F34C-4F3C-B889-065B1F1E3CBA} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core => C:\Users\MartinM\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-24] (Facebook Inc.)
Task: {41389738-DBA8-4694-9AF9-A7EC922ACC8E} - System32\Tasks\{E623D52D-8DF3-4326-AEDD-431A0577814A} => C:\Windows\twain_32\escndv\escndv.exe [2009-01-24] (SEIKO EPSON CORP.)
Task: {5F0E06A5-D79C-4352-BD94-30270A1659E6} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA => C:\Users\MartinM\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-04] (Google Inc.)
Task: {5FDCF13A-A901-4A37-ADCB-8EFB4E695A3E} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {60DDFDD0-66DA-4502-BA2B-C6B09A6431D2} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [2014-04-16] (COMODO)
Task: {6D4AF7BD-9E6A-4554-ADC6-6915983ECF8B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-13] (AVAST Software)
Task: {79BC6A6A-6F44-4489-BBE3-11CA31D74774} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-04] (Google Inc.)
Task: {8D58A6EF-38E2-401A-B984-144F2F452ECA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core => C:\Users\MartinM\AppData\Local\Google\Update\GoogleUpdate.exe [2012-11-04] (Google Inc.)
Task: {AA496F9E-1123-4704-AC72-34E052CC61D3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-04] (Google Inc.)
Task: {AE48907D-998C-4E9D-9D5A-3A14F0B9E217} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.2.0.29\SymErr.exe
Task: {B6C1196F-893F-4210-BEB5-6B4ED9B9F3C4} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.2.0.29\SymErr.exe
Task: {C766ED0B-7147-4429-9A75-9752008C9CC0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-18] (Piriform Ltd)
Task: {CA2D19B2-7E0E-466E-90B3-56F6D1DA34E2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {CED141F8-4D97-4BEE-9908-C7B51D900A47} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {D2D6945A-227E-4A2C-BFB6-07275562C405} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {DF55F6B8-3318-4B86-AEA3-0D1763513BB0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-13] (Adobe Systems Incorporated)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core.job => C:\Users\MartinM\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA.job => C:\Users\MartinM\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000Core.job => C:\Users\MartinM\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-469878408-117990764-4033472088-1000UA.job => C:\Users\MartinM\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============


==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="1"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: aswRvrt
Description: aswRvrt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: aswVmm
Description: aswVmm
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/27/2014 00:10:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2014 11:11:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/27/2014 11:11:10 AM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcInit started failed with 0

Error: (07/27/2014 11:11:10 AM) (Source: AllShare Framework DMS) (EventID: 1) (User: )
Description: AllShare Framework DMSSvcMain failed with 0

Error: (07/26/2014 05:24:01 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/26/2014 05:24:01 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.

Context: Windows Application


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/26/2014 05:24:01 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/26/2014 05:24:01 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)

Error: (07/26/2014 05:23:55 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.

Context: Windows Application, SystemIndex Catalog


Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

Error: (07/26/2014 05:23:55 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.

Context: Windows Application, SystemIndex Catalog


Details:
The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)


System errors:
=============
Error: (07/27/2014 00:11:32 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:35 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/27/2014 00:10:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
%%1068

Error: (07/27/2014 00:10:31 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2013-11-23 20:19:48.940
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:48.805
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:45.861
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:45.687
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:43.153
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:42.965
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:40.026
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:39.851
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:37.208
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2013-11-23 20:19:36.999
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 30%
Total physical RAM: 5606.37 MB
Available physical RAM: 3874.3 MB
Total Pagefile: 11210.91 MB
Available Pagefile: 9517.06 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: (TI106426W0A) (Fixed) (Total:581.16 GB) (Free:187.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 404E45E7)
Partition 1: (Active) - (Size=1 GB) - (Type=27)
Partition 2: (Not Active) - (Size=581 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=17)

==================== End Of Log ============================
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK

Re: Computer will not shut down on its own

Unread postby Gary R » July 27th, 2014, 2:28 pm

Before we start removing the infection on your computer, I need you to create a Registry backup for me ...

Please click on THIS link, and follow the instructions for installing TCRB and creating a backup of your Registry.

Also backup your personal files and folders.

I don't expect anything to go wrong, but removing Malware is a hazardous undertaking and nothing is 100% safe, so back things up first.

once that is done ...

You have signs of more than one AV program installed on your computer, this is a recipe for disaster, as they will conflict, reducing rather than enhancing your security. They're also almost certainly the reason that we didn't get an Addition.txt report when booted into Normal Mode.

Please go to Control Panel > Programs > Uninstall a program and Uninstall one of the following (the choice is yours which one)

avast! Free Antivirus
COMODO Internet Security


can you also uninstall ...

Spybot - Search & Destroy 2


... which will interfere with what we're trying to do. You can re-install it when we're finished cleaning your computer.

Reboot your computer once those programs are uninstalled

Next ....

  • Double click AdwCleaner.exe to run it.
  • Click Scan and allow the scan to finish.
  • Now click Clean to remove the items found.
  • Click OK to the prompt.
  • The tool will run & your computer will be rebooted automatically. A logfile will open after the restart.
  • Post the contents of the logfile with your next reply.
  • You can also find the logfile at C:\AdwCleaner[s1].txt.

Next ....

  • Click Start
  • Type notepad.exe in the search programs and files box and click Enter.
  • A blank Notepad page should open.
    • Copy/Paste the contents of the code box below into Notepad. (don't include Code: Select all)
Code: Select all
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = http://search.babylon.com/?affID=110795 ... 72b950d9e7
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.babylon.com/?q={searchTerms}&affID=110795&tt=bandext_3312_5&babsrc=SP_ss&mntrId=00ffbd6d0000000000004c72b950d9e7
SearchScopes: HKCU - {68F2F0BB-8D8B-4FB1-8F16-2D61C7F29734} URL = http://search.findwide.com/serp?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&action=default_search&serpv=22&k={searchTerms}
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {ACF628D7-0CE2-4C96-993F-C1C0ABB7BB4F} - No File
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKCU - No Name - {ACF628D7-0CE2-4C96-993F-C1C0ABB7BB4F} - No File
Handler: lbxfile - {56831180-F115-11d2-B6AA-00104B2B9943} - No File
Handler: lbxres - {24508F1B-9E94-40EE-9759-9AF5795ADF52} - No File
FF SearchEngineOrder.1: Search the web (Babylon)
/?affID=110795&tt=bandext_3312_5&babsrc=HP_ss&mntrId=00ffbd6d0000000000004c72b950d9e7", "hxxp://www.msn.com/?pc=AV01"
CHR Plugin: (Babylon ToolBar) - C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.7_0\BabylonChromeToolBar.dll No File
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
C:\Users\MartinM\AppData\Local\Temp\*.*
Hosts:
CMD: ipconfig /flushdns

    • Save it to the same folder/directory that FRST.exe is in, naming it as fixlist.txt

NOTICE: This script was written specifically for this user. Running it on another machine may cause damage to your operating system

  • Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens ....
    • Press the Fix button once and wait.
    • FRST will process fixlist.txt
    • When finished, it will produce a log fixlog.txt in the same folder/directory as FRST64.exe
    • Please post me the log

Next ....

Please run a search for me with FRST

  • Double click Frst64.exe to launch it.
  • FRST will start to run.
    • When the tool opens click Yes to the disclaimer.
    • Copy/Paste or Type the following line into the Search: box.
    Fun4IM;Bandoo;Searchnu;Searchqu;iLivid;whitesmoke;datamngr;kelkoopartners;trolltech;babylon;conduit

    • Press the Search Registry button.
    • When finished searching a log will open on your Desktop ... Search.txt
    • Please post it in your next reply.

Your home and startpage for Chrome have been altered ...

CHR HomePage: hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22
CHR StartupUrls: "hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22", "hxxp://search.babylon.com

... please reset them using the instructions at ... https://support.google.com/chrome/answer/95314?hl=en ... and ... https://support.google.com/chrome/answer/95426?hl=en


Summary of the logs I need from you in your next post:
  • AdwCleaner[s1].txt
  • Fixlog.txt
  • Search.txt


Please post each log separately to prevent it being cut off by the forum post size limiter. Check each after you've posted it to make sure it's all present, if any log is cut off you'll have to post it in sections.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer will not shut down on its own

Unread postby martin6976 » July 27th, 2014, 9:33 pm

how long should tcrb take do backup. It has been running for about an hour and a half? I do not mind waiting but just want to be sure
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK

Re: Computer will not shut down on its own

Unread postby Gary R » July 28th, 2014, 3:25 am

It shouldn't take as long as that. It's usually just a few minutes.

Try it again, and if it's still taking a lot of time, then instead of backing up your Registry with TCRB, do the following.

  • Click Start and in the Search programs and files box type Create
  • Select Create a Restore Point from the list of "options" produced.
  • When the System Properties window opens, click on the Create button.
  • Give the Restore Point a name you can remember and click Create
  • Windows will now create a System Restore Point that we can restore to if necessary.
  • When the SRP has been created, exit out of the System Properties window, and proceed with the fix, starting with ADWCleaner.

Any problems creating a SRP please let me know.
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer will not shut down on its own

Unread postby martin6976 » July 29th, 2014, 2:15 am

Sorry been sick all day.

Will post requested logs tomorrow
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK

Re: Computer will not shut down on its own

Unread postby Gary R » July 29th, 2014, 3:29 am

No worries, talk to you then. :)
User avatar
Gary R
Administrator
Administrator
 
Posts: 25888
Joined: June 28th, 2005, 11:36 am
Location: Yorkshire

Re: Computer will not shut down on its own

Unread postby martin6976 » July 29th, 2014, 2:03 pm

First of 3 logs files requested:

# AdwCleaner v3.216 - Report created 29/07/2014 at 12:57:17
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : MartinM - MARTINM-PC
# Running from : C:\Users\MartinM\Desktop\adwcleaner_3.216.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\Program Files (x86)\BabylonToolbar
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Users\MartinM\AppData\LocalLow\BabylonToolbar
Folder Deleted : C:\Users\MartinM\AppData\Roaming\Babylon
Folder Deleted : C:\Users\MartinM\AppData\Roaming\BabylonToolbar
Folder Deleted : C:\Users\MartinM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Browser Manager
Folder Deleted : C:\Users\MartinM\Documents\Optimizer Pro
Folder Deleted : C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
File Deleted : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\BrowserMngr_extensions.sqlite
File Deleted : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\browsermngr_prefs.js
File Deleted : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\user.js
File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js
File Deleted : C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage
File Deleted : C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.babylon.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{B64982B1-D112-42B5-B1E4-D3867C4533F8}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cmaiofennmphjldldcpphcechfnnohja
Key Deleted : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [BrowserMngrDefaultScope]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\b
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FD8F79A0-D2E2-4FA2-AEAF-393EAC8064F7}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\BrowserMngr
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Microsoft\Babylon
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\BabylonToolbar
Key Deleted : HKLM\Software\BrowserMngr
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Key Deleted : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Key Deleted : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [BrowserMngr Start Page]

-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\MartinM\AppData\Roaming\Mozilla\Firefox\Profiles\lxngwgnk.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "FindWide");
Line Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)");
Line Deleted : user_pref("extensions.trusted-ads.ExLst", "{\"u\":{\"v\":\"1.91\",\"d\":\"072114\"},\"h\":{\"spotmais.iol.pt\":{\"p\":[{\"e\":\"/.*/\",\"r\":[\"/pubads\\\\.g\\\\.doubleclick\\\\.net/i\"]}]},\"pogo.com[...]
Line Deleted : user_pref("extensions.trusted-ads.list_api", "{\"r\":[\"hxxp://a1supplements.com/\",\"hxxp://aactionair.net/\",\"hxxp://afasterpc.com/\",\"hxxp://airservicesrefrigeration.com/\",\"hxxp://ajperri.com/\[...]
Line Deleted : user_pref("extensions.trusted-ads.serpInject", "{\"u\":{\"v\":\"2.72\",\"d\":\"061714\"},\"l\":\"hxxp://search.adtrustmedia.com/search_safecontent.php\",\"e\":[{\"u\":\"hxxp://ads.adtrustmedia.com/con[...]
Line Deleted : user_pref("extensions.trusted-ads.serp_mywebsearch", "\"%2F*!%20serp-mywebsearch%20-%20v0.1.10%20-%202014-04-07%2018%3A21%3A58%20*%2F%0D%0Avar%20u%20%3D%20%7B%7D%3B%0A%0Avar%20Util%20%3D%20%7B%0A%09de[...]

-\\ Google Chrome v36.0.1985.125

[ File : C:\Users\MartinM\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.findwide.com/serp?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&action=default_search&serpv=22&k={searchTerms}
Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=HP_ss&s=web&rlz=0&sd=1&as=0&ac=0
Deleted [Startup_urls] : hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22
Deleted [Startup_urls] : hxxp://search.babylon.com/?affID=110795 ... 72b950d9e7
Deleted [Homepage] : hxxp://search.findwide.com/?guid={C8C8C1C7-6740-4105-B995-20CABABB8956}&serpv=22
Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
Deleted [Extension] : dhkplhfnhceodhffomolpfigojocbpcb

*************************

AdwCleaner[R0].txt - [10936 octets] - [27/07/2014 11:18:16]
AdwCleaner[R1].txt - [11265 octets] - [29/07/2014 12:55:22]
AdwCleaner[S0].txt - [11263 octets] - [29/07/2014 12:57:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11324 octets] ##########
martin6976
Regular Member
 
Posts: 98
Joined: August 30th, 2007, 2:29 pm
Location: Mannford, OK
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 384 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware