1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

MS Windows 7 - Generally Slow

Discussion in 'Virus & Other Malware Removal' started by BBdude, Jan 25, 2014.

Thread Status:
Not open for further replies.
Advertisement
  1. BBdude

    BBdude Thread Starter

    Joined:
    Jan 25, 2014
    Messages:
    11
    Hi All,

    I used be pretty good with computers, but it's been a while! I have an ASUS laptop running Windows 7. It's worked great for the last year or so, but the last 6 months it's painfully slow doing anything on the laptop. I've checked a few things listed below, but the computer is still very slow.

    Ran Malwarebytes / CC Cleaner - found no major issues
    Internet is slow, but network utilization is < 5% and other machines on the same network are running fine
    Only two programs installed on the laptop post purchase - AVG, Picasa, and Carbonite (only back-ups at night)
    Running internet programs (e.g., IE, FF, Chrome) takes up ~35% of the CPU, even when idle
    Ran msconfig and didn't see any odd or irregular programs running at startup.
    Plenty of space available on the harddisk

    Before I reformat the laptop, wanted to see if there's something else I should check/do? Thanks in advance for any help!
     
  2. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Lets run a couple of scans.

    Disk Check

    • Click on Start then type cmd in the search box. A menu will pop up with cmd at the top, right click on it and select Run as Administrator. Another box will open, at the prompt type chkdsk /r and hit Enter. Note: you must include a space between the k and the /
    • You will then see the following message:
      chkdsk cannot run because the volume is in use by another process. Would you like to schedule this volume to be checked the next time the system restarts? (Y/N)
    • Type Y for yes, and hit Enter. Then reboot the computer.
    • chkdsk will start when Windows begins loading again. Let all 5 phases run and don't use or turn off the computer. (The chkdsk process may take an hour or more to finish, if it appears to freeze this is normal so do not interrupt it. On drives above 500GB it can take several hours.)
    • When the Disk Check is done, it will finish loading Windows.


    When back at the desktop, follow this to find the log.


    • Press the Windows + R keys to open the Run box, type eventvwr.msc, and hit the Enter key on your keyboard.
    • If prompted by the User Account Control, click on Yes (Windows 7/8) or Continue (Vista).
    • In the left pane of Event Viewer, double click on Windows Logs to expand it, then left click once on Application then right click on Application and select Find.
    • Type wininit into the Find box and click on Find Next.
    • When the search completes you should see the log displayed in the central pane, close the Find window.
    • In the right hand pane click on Copy and select Copy details as text.
    • Come back to this thread and right click in the message box and select Paste, the log should appear.
    • Add any other information asked for and submit the post.


    ==========================================================

    Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop. Do not get tempted to download Regclean Pro.

    Note: If you get a warning that the download could harm your system, please ignore it and allow the download to go ahead. FRST is perfectly safe and we would never ask you to download anything that isn't.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click on FRST to run it. When the tool opens click Yes to the disclaimer.
    • Press theScan button.
    • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it into your next reply.
    • The first time the tool is run, it makes another log (Addition.txt). Please also copy and paste that into your reply.
     
  3. BBdude

    BBdude Thread Starter

    Joined:
    Jan 25, 2014
    Messages:
    11
    Thanks for the help! As instructed, log information is pasted below.

    ++++++++++++++++++++wininit log+++++++++++++++++++++++++++++++++

    Log Name: Application
    Source: Microsoft-Windows-Wininit
    Date: 1/26/2014 7:13:17 PM
    Event ID: 1001
    Task Category: None
    Level: Information
    Keywords: Classic
    User: N/A
    Computer: <PC NAME>-PC
    Description:


    Checking file system on C:
    The type of the file system is NTFS.
    Volume label is OS.

    A disk check has been scheduled.
    Windows will now check the disk.

    CHKDSK is verifying files (stage 1 of 5)...
    278272 file records processed.

    File verification completed.
    698 large file records processed.

    0 bad file records processed.

    0 EA records processed.

    45 reparse records processed.

    CHKDSK is verifying indexes (stage 2 of 5)...
    345080 index entries processed.

    Index verification completed.
    0 unindexed files scanned.

    0 unindexed files recovered.

    CHKDSK is verifying security descriptors (stage 3 of 5)...
    278272 file SDs/SIDs processed.

    Cleaning up 4669 unused index entries from index $SII of file 0x9.
    Cleaning up 4669 unused index entries from index $SDH of file 0x9.
    Cleaning up 4669 unused security descriptors.
    Security descriptor verification completed.
    33405 data files processed.

    CHKDSK is verifying Usn Journal...
    35221168 USN bytes processed.

    Usn Journal verification completed.
    CHKDSK is verifying file data (stage 4 of 5)...
    278256 files processed.

    File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
    33962588 free clusters processed.

    Free space verification is complete.
    CHKDSK discovered free space marked as allocated in the
    master file table (MFT) bitmap.
    CHKDSK discovered free space marked as allocated in the volume bitmap.
    Windows has made corrections to the file system.

    315006975 KB total disk space.
    178616584 KB in 179477 files.
    147452 KB in 33406 indexes.
    0 KB in bad sectors.
    392583 KB in use by the system.
    65536 KB occupied by the log file.
    135850356 KB available on disk.

    4096 bytes in each allocation unit.
    78751743 total allocation units on disk.
    33962589 allocation units available on disk.

    Internal Info:
    00 3f 04 00 9f 3f 03 00 08 ce 05 00 00 00 00 00 .?...?..........
    64 b4 00 00 2d 00 00 00 00 00 00 00 00 00 00 00 d...-...........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

    Windows has finished checking your disk.
    Please wait while your computer restarts.

    Event Xml:
    <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2014-01-27T00:13:17.000000000Z" />
    <EventRecordID>35242</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer><PC NAME>-PC</Computer>
    <Security />
    </System>
    <EventData>
    <Data>

    Checking file system on C:
    The type of the file system is NTFS.
    Volume label is OS.

    A disk check has been scheduled.
    Windows will now check the disk.

    CHKDSK is verifying files (stage 1 of 5)...
    278272 file records processed.

    File verification completed.
    698 large file records processed.

    0 bad file records processed.

    0 EA records processed.

    45 reparse records processed.

    CHKDSK is verifying indexes (stage 2 of 5)...
    345080 index entries processed.

    Index verification completed.
    0 unindexed files scanned.

    0 unindexed files recovered.

    CHKDSK is verifying security descriptors (stage 3 of 5)...
    278272 file SDs/SIDs processed.

    Cleaning up 4669 unused index entries from index $SII of file 0x9.
    Cleaning up 4669 unused index entries from index $SDH of file 0x9.
    Cleaning up 4669 unused security descriptors.
    Security descriptor verification completed.
    33405 data files processed.

    CHKDSK is verifying Usn Journal...
    35221168 USN bytes processed.

    Usn Journal verification completed.
    CHKDSK is verifying file data (stage 4 of 5)...
    278256 files processed.

    File data verification completed.
    CHKDSK is verifying free space (stage 5 of 5)...
    33962588 free clusters processed.

    Free space verification is complete.
    CHKDSK discovered free space marked as allocated in the
    master file table (MFT) bitmap.
    CHKDSK discovered free space marked as allocated in the volume bitmap.
    Windows has made corrections to the file system.

    315006975 KB total disk space.
    178616584 KB in 179477 files.
    147452 KB in 33406 indexes.
    0 KB in bad sectors.
    392583 KB in use by the system.
    65536 KB occupied by the log file.
    135850356 KB available on disk.

    4096 bytes in each allocation unit.
    78751743 total allocation units on disk.
    33962589 allocation units available on disk.

    Internal Info:
    00 3f 04 00 9f 3f 03 00 08 ce 05 00 00 00 00 00 .?...?..........
    64 b4 00 00 2d 00 00 00 00 00 00 00 00 00 00 00 d...-...........
    00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................

    Windows has finished checking your disk.
    Please wait while your computer restarts.
    </Data>
    </EventData>
    </Event>

    ++++++++++++++++++++++++++++FRST Scan Log+++++++++++++++++++++++++++++

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-01-2014 02
    Ran by <PC NAME>(administrator) on <PC NAME>-PC on 26-01-2014 20:31:00
    Running from C:\Users\<PC NAME>\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
    (AMD) C:\Windows\System32\atiesrxx.exe
    (AMD) C:\Windows\System32\atieclxx.exe
    (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
    (Carbonite, Inc. (www.carbonite.com)) C:\Program Files\Carbonite\Carbonite Backup\CarboniteService.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
    (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
    (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
    (Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Carbonite, Inc.) C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
    () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe
    (LeapFrog Enterprises, Inc.) C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
    (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
    (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
    (Acresso Corporation) C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe
    (ASUS) C:\Windows\AsScrPro.exe
    (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
    (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Microsoft Corporation) C:\Windows\System32\mmc.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2264168 2011-07-28] (Realtek Semiconductor)
    HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [Setwallpaper] - c:\programdata\SetWallpaper.cmd
    HKLM-x32\...\Run: [Nuance PDF Reader-reminder] - C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe [328992 2008-11-03] (Nuance Communications, Inc.)
    HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-01] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
    HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
    HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322176 2012-02-16] (ASUSTek Computer Inc.)
    HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174720 2011-10-24] (ASUS)
    HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
    HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2321072 2012-02-02] (ASUSTeK Computer Inc.)
    HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
    HKLM-x32\...\Run: [] - [x]
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [Carbonite Backup] - C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe [1056264 2013-10-10] (Carbonite, Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
    HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-10-07] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2486296 2014-01-06] ()
    HKLM-x32\...\Run: [Monitor] - C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe [106496 2013-11-27] (LeapFrog Enterprises, Inc.)
    MountPoints2: {355d14c9-ec77-11e2-a8f3-5404a6e0611e} - F:\VZW_Software_upgrade_assistant.exe

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={B509391A-2BFA-4E3C-AF85-7D0B2CED9C17}&mid=5700d4964f1d47d18be6854de00488ed-4227e4855d5002c823cc6af255a300bb88c3c720&lang=en&ds=AVG&coid=avgtbavg&pr=fr&d=2013-11-13 17:05:27&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
    BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
    BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
    BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
    BHO-x32: No Name - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No File
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
    Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{0BCB7A03-B304-4DA3-A1B3-CFB1F5657A16}: [NameServer]107.6.133.8,23.23.180.210

    Chrome:
    =======
    CHR Extension: (Google Docs) - C:\Users\<PC NAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-25]
    CHR Extension: (Google Drive) - C:\Users\<PC NAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-25]
    CHR Extension: (YouTube) - C:\Users\<PC NAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-25]
    CHR Extension: (Google Search) - C:\Users\<PC NAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-25]
    CHR Extension: (AVG SafeGuard) - C:\Users\<PC NAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-01-25]
    CHR Extension: (Google Wallet) - C:\Users\<PC NAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-25]
    CHR Extension: (Gmail) - C:\Users\<PC NAME>\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-25]
    CHR HKLM-x32\...\Chrome\Extension: [aaedokpmfnajoioaciedaoekpaieojih] - C:\Users\<PC NAME>\AppData\Roaming\Find a Local Pro\noproblem.crx [2014-01-25]
    CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG SafeGuard toolbar\ChromeExt\17.3.0.49\avg.crx [2014-01-06]

    ==================== Services (Whitelisted) =================

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-03-21] (Advanced Micro Devices, Inc.)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
    S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-25] (AVG Technologies CZ, s.r.o.)
    R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1771544 2014-01-06] (AVG Secure Search)

    ==================== Drivers (Whitelisted) ====================

    R1 ATKWMIACPIIO_; C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [17536 2011-09-07] (ASUS)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-13] (AVG Technologies)
    R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-01-26 20:31 - 2014-01-26 20:31 - 00016965 _____ C:\Users\<PC NAME>\Downloads\FRST.txt
    2014-01-26 20:30 - 2014-01-26 20:30 - 00000000 ____D C:\FRST
    2014-01-26 20:28 - 2014-01-26 20:28 - 02078208 _____ (Farbar) C:\Users\<PC NAME>\Downloads\FRST64.exe
    2014-01-26 19:11 - 2014-01-26 19:11 - 00003544 ____N C:\bootsqm.dat
    2014-01-19 12:29 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2014-01-19 12:29 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2014-01-19 12:29 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2014-01-19 12:29 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2014-01-19 12:27 - 2014-01-19 12:29 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
    2014-01-17 13:11 - 2014-01-24 09:29 - 00084286 _____ C:\Users\<PC NAME>\Desktop\James Scrapbook.pptx
    2014-01-17 10:12 - 2014-01-17 10:12 - 00000000 ____D C:\Users\<PC NAME>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
    2014-01-16 09:42 - 2014-01-16 09:42 - 00000000 ____D C:\Users\<PC NAME>\AppData\Local\{5E5D1B15-4657-4AD7-B5AB-25112D76FF9B}
    2014-01-16 03:26 - 2014-01-16 03:26 - 00000000 _____ C:\Windows\SysWOW64\shoDEEA.tmp
    2014-01-15 13:57 - 2013-11-26 06:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
    2014-01-15 13:21 - 2013-11-26 20:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
    2014-01-15 13:21 - 2013-11-26 20:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
    2014-01-15 13:21 - 2013-11-26 20:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
    2014-01-15 13:21 - 2013-11-26 20:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
    2014-01-15 13:21 - 2013-11-26 20:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
    2014-01-15 13:21 - 2013-11-26 20:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
    2014-01-15 13:21 - 2013-11-26 20:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
    2014-01-15 13:21 - 2013-11-26 05:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2014-01-13 16:20 - 2014-01-15 16:22 - 00000000 ____D C:\Users\<PC NAME>\AppData\Local\{FFF46D63-A018-4753-A2CD-32EBFAF44EFD}
    2014-01-12 08:05 - 2014-01-12 08:05 - 00000000 ____D C:\Users\<PC NAME>\Desktop\2013 Yearbook
    2014-01-06 14:23 - 2014-01-06 14:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
    2013-12-30 11:35 - 2013-12-30 11:35 - 00000000 ____D C:\Windows\9155DB04A032491A88B27C19B9E9F945.TMP
    2013-12-30 11:34 - 2013-12-30 11:34 - 00000000 ____D C:\Program Files\DIFX
    2013-12-30 11:32 - 2013-12-30 11:34 - 00000000 ____D C:\Program Files (x86)\LeapFrog
    2013-12-30 11:32 - 2013-12-30 11:32 - 11171960 _____ (LeapFrog Enterprises, Inc.) C:\Users\<PC NAME>\Downloads\LeapFrogConnectSetup_MyPals.exe
    2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Leapfrog

    ==================== One Month Modified Files and Folders =======

    2014-01-26 20:31 - 2014-01-26 20:31 - 00016965 _____ C:\Users\<PC NAME>\Downloads\FRST.txt
    2014-01-26 20:30 - 2014-01-26 20:30 - 00000000 ____D C:\FRST
    2014-01-26 20:28 - 2014-01-26 20:28 - 02078208 _____ (Farbar) C:\Users\<PC NAME>\Downloads\FRST64.exe
    2014-01-26 20:17 - 2011-11-30 23:03 - 01515468 _____ C:\Windows\WindowsUpdate.log
    2014-01-26 20:00 - 2012-08-23 15:43 - 00098955 _____ C:\Users\<PC NAME>\Desktop\<PC NAME> Budget.xlsx
    2014-01-26 19:44 - 2012-09-03 10:58 - 00000900 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-01-26 19:38 - 2012-04-17 19:30 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-01-26 19:30 - 2013-09-23 09:09 - 00015657 _____ C:\Users\<PC NAME>\Desktop\Dinner and Groceries.xlsx
    2014-01-26 19:21 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-01-26 19:21 - 2009-07-13 23:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-01-26 19:13 - 2012-09-03 10:58 - 00000896 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-01-26 19:12 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2014-01-26 19:12 - 2009-07-13 23:51 - 00078291 _____ C:\Windows\setupact.log
    2014-01-26 19:11 - 2014-01-26 19:11 - 00003544 ____N C:\bootsqm.dat
    2014-01-25 11:25 - 2013-06-09 13:26 - 00007594 _____ C:\Users\<PC NAME>\AppData\Local\Resmon.ResmonCfg
    2014-01-25 11:20 - 2011-11-30 23:39 - 00045056 _____ C:\Windows\system32\acovcnt.exe
    2014-01-25 11:19 - 2013-11-15 21:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2014-01-25 11:19 - 2011-04-01 23:17 - 00394326 _____ C:\Windows\PFRO.log
    2014-01-25 11:17 - 2012-02-16 21:07 - 00000000 ____D C:\Users\<PC NAME>\AppData\Roaming\Mozilla
    2014-01-25 11:12 - 2012-09-03 10:58 - 00000000 ____D C:\Users\<PC NAME>\AppData\Local\Google
    2014-01-25 11:12 - 2011-04-01 23:36 - 00000000 ____D C:\Program Files (x86)\Google
    2014-01-24 09:29 - 2014-01-17 13:11 - 00084286 _____ C:\Users\<PC NAME>\Desktop\James Scrapbook.pptx
    2014-01-20 13:21 - 2009-07-14 00:13 - 00795576 _____ C:\Windows\system32\PerfStringBackup.INI
    2014-01-19 12:30 - 2013-11-03 13:54 - 00000000 ____D C:\ProgramData\Oracle
    2014-01-19 12:29 - 2014-01-19 12:27 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
    2014-01-19 12:29 - 2013-03-31 16:54 - 00000000 ____D C:\Program Files (x86)\Java
    2014-01-17 10:12 - 2014-01-17 10:12 - 00000000 ____D C:\Users\<PC NAME>\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
    2014-01-16 09:42 - 2014-01-16 09:42 - 00000000 ____D C:\Users\<PC NAME>\AppData\Local\{5E5D1B15-4657-4AD7-B5AB-25112D76FF9B}
    2014-01-16 03:28 - 2009-07-13 23:45 - 00417408 _____ C:\Windows\system32\FNTCACHE.DAT
    2014-01-16 03:26 - 2014-01-16 03:26 - 00000000 _____ C:\Windows\SysWOW64\shoDEEA.tmp
    2014-01-16 03:09 - 2013-08-14 08:08 - 00000000 ____D C:\Windows\system32\MRT
    2014-01-16 03:01 - 2012-02-18 14:00 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-01-15 16:22 - 2014-01-13 16:20 - 00000000 ____D C:\Users\<PC NAME>\AppData\Local\{FFF46D63-A018-4753-A2CD-32EBFAF44EFD}
    2014-01-12 08:05 - 2014-01-12 08:05 - 00000000 ____D C:\Users\<PC NAME>\Desktop\2013 Yearbook
    2014-01-08 10:30 - 2011-11-30 23:35 - 00002318 _____ C:\Windows\system32\AutoRunFilter.ini
    2014-01-08 10:30 - 2011-11-30 23:35 - 00001446 _____ C:\Windows\system32\ServiceFilter.ini
    2014-01-08 09:38 - 2009-07-14 00:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2014-01-06 14:23 - 2014-01-06 14:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
    2014-01-06 08:48 - 2013-09-06 10:30 - 00003744 _____ C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
    2014-01-06 08:47 - 2013-09-06 10:30 - 00000000 ____D C:\Program Files (x86)\AVG SafeGuard toolbar
    2013-12-30 11:35 - 2013-12-30 11:35 - 00000000 ____D C:\Windows\9155DB04A032491A88B27C19B9E9F945.TMP
    2013-12-30 11:34 - 2013-12-30 11:34 - 00000000 ____D C:\Program Files\DIFX
    2013-12-30 11:34 - 2013-12-30 11:32 - 00000000 ____D C:\Program Files (x86)\LeapFrog
    2013-12-30 11:34 - 2011-11-30 23:28 - 00010578 _____ C:\Windows\DPINST.LOG
    2013-12-30 11:32 - 2013-12-30 11:32 - 11171960 _____ (LeapFrog Enterprises, Inc.) C:\Users\<PC NAME>\Downloads\LeapFrogConnectSetup_MyPals.exe
    2013-12-30 11:32 - 2013-12-30 11:32 - 00000000 ____D C:\ProgramData\Leapfrog

    Some content of TEMP:
    ====================
    C:\Users\<PC NAME>\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Users\<PC NAME>\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\<PC NAME>\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\<PC NAME>\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-01-19 21:41

    ==================== End Of Log ============================

    +++++++++++++++++++++++++++FRST Addition Scan Log++++++++++++++++++++++++

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-01-2014 02
    Ran by <PC NAME> at 2014-01-26 20:33:29
    Running from C:\Users\<PC NAME>\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    3herosoft iPhone to Computer Transfer (x32 Version: 4.2.6.0503 - 3herosoft)
    64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
    Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.7.0.1530 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
    Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
    AMD APP SDK Runtime (Version: 10.0.851.4 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Install Manager (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
    AMD Fuel (Version: 2012.0321.2215.37961 - Advanced Micro Devices, Inc.) Hidden
    AMD Media Foundation Decoders (Version: 1.0.70321.2226 - Advanced Micro Devices, Inc.) Hidden
    AMD Steady Video Plug-In (Version: 2.03.0000 - AMD) Hidden
    AMD VISION Engine Control Center (x32 Version: 2012.0321.2215.37961 - Advanced Micro Devices, Inc.) Hidden
    Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
    Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
    Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
    ASUS AI Recovery (x32 Version: 1.0.24 - ASUS)
    ASUS FaceLogon (x32 Version: 1.0.0014 - ASUS)
    ASUS FancyStart (x32 Version: 1.1.1 - ASUSTeK Computer Inc.)
    ASUS LifeFrame3 (x32 Version: 3.1.1 - ASUS)
    ASUS Live Update (x32 Version: 3.1.7 - ASUS)
    ASUS Power4Gear Hybrid (Version: 1.2.1 - ASUS)
    ASUS Splendid Video Enhancement Technology (x32 Version: 1.02.0036 - ASUS)
    ASUS Virtual Camera (x32 Version: 1.0.25 - ASUS)
    ASUS WebStorage (x32 Version: 3.0.84.161 - eCareme Technologies, Inc.)
    ASUS_Screensaver (x32 Version: - )
    AsusVibe2.0 (x32 Version: 2.0.4.617 - ASUSTEK)
    Atheros Client Installation Program (x32 Version: 7.0 - Atheros)
    ATK Package (x32 Version: 1.0.0016 - ASUS)
    AVG 2014 (Version: 14.0.3629 - AVG Technologies) Hidden
    AVG 2014 (Version: 14.0.4158 - AVG Technologies) Hidden
    AVG 2014 (Version: 2014.0.4158 - AVG Technologies)
    AVG SafeGuard toolbar (x32 Version: 17.3.0.49 - AVG Technologies)
    Awesome Duplicate Photo Finder v. 1.1 (x32 Version: - Duplicate-Finder.com)
    BitTorrent (x32 Version: 7.6.1 - BitTorrent Inc.)
    Bonjour (Version: 3.0.0.10 - Apple Inc.)
    BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Carbonite (x32 Version: 5.5.0 build 3621 (Oct-10-2013) - Carbonite)
    Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0321.2215.37961 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2012.0321.2215.37961 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2012.0321.2215.37961 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Profiles Mobile (x32 Version: 2012.0321.2215.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (x32 Version: 2012.0321.2214.37961 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility64 (Version: 2012.0321.2215.37961 - Advanced Micro Devices, Inc.) Hidden
    Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
    Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2 - Microsoft Corporation)
    Controlo ActiveX do Windows Live Mesh para Ligações Remotas (x32 Version: 15.4.5722.2 - Microsoft Corporation)
    Coupon Printer for Windows (x32 Version: 5.0.0.4 - Coupons.com Incorporated) <==== ATTENTION
    CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.)
    CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
    CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.)
    CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
    D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32 Version: - Microsoft)
    Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
    DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
    DomaIQ (x32 Version: - Tuguu SLU)
    Easy Phone Tunes (x32 Version: 137 - Easy Phone Tunes)
    ETDWare PS/2-X64 8.0.5.1_WHQL (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
    Fast Boot (Version: 1.0.9 - ASUS)
    ffdshow (remove only) (x32 Version: - )
    Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Google Chrome (x32 Version: 32.0.1700.76 - Google Inc.)
    Google Earth Plug-in (x32 Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
    Google+ Auto Backup (x32 Version: 1.0.21.81 - Google)
    GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
    Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
    HP Customer Participation Program 14.0 (Version: 14.0 - HP)
    HP Imaging Device Functions 14.0 (Version: 14.0 - HP)
    HP Photo Creations (x32 Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
    HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0 - HP)
    HP Product Detection (x32 Version: 11.14.0001 - HP)
    HP Smart Web Printing 4.60 (Version: 4.60 - HP)
    HP Solution Center 14.0 (Version: 14.0 - HP)
    HP Update (x32 Version: 5.005.000.002 - Hewlett-Packard)
    HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
    HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
    HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
    HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
    HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
    iCloud (Version: 3.0.2.163 - Apple Inc.)
    iTunes (Version: 11.1.3.8 - Apple Inc.)
    Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)
    Java 7 Update 51 (x32 Version: 7.0.510 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    K-Lite Codec Pack 9.3.0 (Basic) (x32 Version: 9.3.0 - )
    LeapFrog Connect (x32 Version: 5.2.4.18506 - LeapFrog)
    LeapFrog Connect (x32 Version: 5.2.4.18506 - LeapFrog) Hidden
    LeapFrog My Pals Plugin (x32 Version: 5.1.26.18340 - LeapFrog) Hidden
    Malwarebytes Anti-Malware version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
    MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Office 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
    Microsoft Office Click-to-Run 2010 (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook Connector (x32 Version: 14.0.6123.5001 - Microsoft Corporation)
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Starter 2010 - English (x32 Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
    Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
    Nuance PDF Reader (x32 Version: 6.00.0041 - Nuance Communications, Inc.)
    Picasa 3 (x32 Version: 3.9 - Google, Inc.)
    Picasa Uploader (x32 Version: 0.6 - UNKNOWN)
    Picasa Uploader (x32 Version: 0.6 - UNKNOWN) Hidden
    PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
    QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
    QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
    Realtek Ethernet Controller Driver (x32 Version: 7.42.304.2011 - Realtek)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.6418 - Realtek Semiconductor Corp.)
    Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
    Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
    Shop for HP Supplies (Version: 14.0 - HP)
    Skype&#8482; 5.10 (x32 Version: 5.10.116 - Skype Technologies S.A.)
    SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
    SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
    Sonic Focus (x32 Version: 1.0.0.4 - Synopsys )
    Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
    syncables desktop SE (x32 Version: 5.5.746.11492 - syncables)
    Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
    TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1 - Microsoft Corporation)
    Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (x32 Version: 3 - Microsoft Corporation)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32 Version: - Microsoft)
    Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32 Version: - Microsoft)
    Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin) (x32 Version: - LeapFrog)
    Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
    Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (x32 Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live &#24433;&#20687;&#20013;&#24515; (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live &#29031;&#29255;&#24211; (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live &#31243;&#24335;&#38598; (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live &#36719;&#20214;&#21253; (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WinFlash (x32 Version: 2.41.0 - ASUS)
    Wireless Console 3 (x32 Version: 3.0.27 - ASUS)
    &#29992;&#20110;&#36828;&#31243;&#36830;&#25509;&#30340; Windows Live Mesh ActiveX &#25511;&#20214;(&#31616;&#20307;&#20013;&#25991;) (x32 Version: 15.4.5722.2 - Microsoft Corporation)
    &#36969;&#29992;&#36960;&#31471;&#36899;&#32218;&#30340; Windows Live Mesh ActiveX &#25511;&#21046;&#38917; (x32 Version: 15.4.5722.2 - Microsoft Corporation)

    ==================== Restore Points =========================

    12-12-2013 08:00:24 Windows Update
    14-12-2013 08:00:11 Windows Update
    31-12-2013 13:42:08 Scheduled Checkpoint
    11-01-2014 01:09:10 Scheduled Checkpoint
    16-01-2014 08:00:16 Windows Update
    19-01-2014 17:24:51 Installed Java 7 Update 51

    ==================== Hosts content: ==========================

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {0F3BAB3A-3C73-4D34-9F75-233915E08DDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-03] (Google Inc.)
    Task: {570B29EF-6B2E-4C00-992B-F79EA72DC32D} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-02-16] (ASUSTek Computer Inc.)
    Task: {6FAF0B3D-426A-42F1-9BBD-4CF1B7A45173} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {7507F894-10DC-4DD9-8678-789081D430CB} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-06-20] (ASUSTeK Computer Inc.)
    Task: {8182AE10-2AB3-4B17-8ADF-D1C56EE267A5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {90DC25B6-2318-4740-8D47-DBC0A6D9FD69} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2011-11-22] (ASUS)
    Task: {9323FF0B-3817-46C7-BF18-88A2A0088664} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-02-15] (ASUS)
    Task: {BEB9D91D-D632-460C-9D3B-7DA08EBEAB36} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
    Task: {C6E07F13-43F3-4803-A2C1-FAEB9B03A1CC} - System32\Tasks\{5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} => C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe
    Task: {CA50EFA6-1AE5-408E-82B9-40FEA18A8915} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-09-03] (Google Inc.)
    Task: {E4CB52DD-921E-4616-B29A-627250A75EEC} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2010-07-14 15:11 - 2010-07-14 15:11 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
    2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2011-11-22 15:09 - 2011-11-22 15:09 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
    2012-01-31 08:25 - 2012-01-31 08:25 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
    2014-01-06 08:47 - 2014-01-06 08:46 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
    2009-11-02 17:20 - 2009-11-02 17:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
    2009-11-02 17:23 - 2009-11-02 17:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
    2012-05-11 00:21 - 2012-05-11 00:21 - 00172544 _____ () C:\Windows\SysWow64\iMobileDisk.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2014-01-25 11:12 - 2014-01-11 05:28 - 00715544 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libglesv2.dll
    2014-01-25 11:12 - 2014-01-11 05:28 - 00100120 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\libegl.dll
    2014-01-25 11:12 - 2014-01-11 05:29 - 04055320 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\pdf.dll
    2014-01-25 11:12 - 2014-01-11 05:29 - 00399640 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ppGoogleNaClPluginChrome.dll
    2014-01-25 11:12 - 2014-01-11 05:28 - 01634584 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\ffmpegsumo.dll
    2014-01-25 11:12 - 2014-01-11 05:29 - 13615896 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.76\PepperFlash\pepflashplayer.dll

    ==================== Alternate Data Streams (whitelisted) =========


    ==================== Safe Mode (whitelisted) ===================


    ==================== Faulty Device Manager Devices =============

    Name: Photosmart D110 series
    Description: Photosmart D110 series
    Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
    Manufacturer: HP
    Service:
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (01/26/2014 08:23:08 PM) (Source: Windows Backup) (User: )
    Description: The backup did not complete because of an error writing to the backup location F:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

    Error: (01/24/2014 09:26:49 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 33891701

    Error: (01/24/2014 09:26:49 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 33891701

    Error: (01/24/2014 09:26:49 AM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/23/2014 01:17:19 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 96672306

    Error: (01/23/2014 01:17:18 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 96672306

    Error: (01/23/2014 01:17:18 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/22/2014 04:26:30 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 21624125

    Error: (01/22/2014 04:26:30 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 21624125

    Error: (01/22/2014 04:26:30 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (01/26/2014 07:13:16 PM) (Source: Service Control Manager) (User: )
    Description: The AVG WatchDog service terminated with service-specific error %%-536805290.

    Error: (01/26/2014 07:12:49 PM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 5:31:03 PM on &#8206;1/&#8206;26/&#8206;2014 was unexpected.

    Error: (01/25/2014 11:20:34 AM) (Source: Service Control Manager) (User: )
    Description: The AVG WatchDog service terminated with service-specific error %%-536805290.

    Error: (01/23/2014 01:17:13 PM) (Source: Service Control Manager) (User: )
    Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

    Error: (01/22/2014 09:54:33 AM) (Source: DCOM) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}

    Error: (01/19/2014 00:37:03 PM) (Source: Service Control Manager) (User: )
    Description: The AVG WatchDog service terminated with service-specific error %%-536805290.

    Error: (01/19/2014 00:36:40 PM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 12:34:34 PM on &#8206;1/&#8206;19/&#8206;2014 was unexpected.

    Error: (01/19/2014 07:36:39 AM) (Source: Service Control Manager) (User: )
    Description: The AVG WatchDog service terminated with service-specific error %%-536805290.

    Error: (01/17/2014 11:29:46 AM) (Source: Service Control Manager) (User: )
    Description: The AVG WatchDog service terminated with service-specific error %%-536805290.

    Error: (01/17/2014 10:14:11 AM) (Source: DCOM) (User: )
    Description: {ED1D0FDF-4414-470A-A56D-CFB68623FC58}


    Microsoft Office Sessions:
    =========================
    Error: (01/26/2014 08:23:08 PM) (Source: Windows Backup)(User: )
    Description: F:\The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006)

    Error: (01/24/2014 09:26:49 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 33891701

    Error: (01/24/2014 09:26:49 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 33891701

    Error: (01/24/2014 09:26:49 AM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/23/2014 01:17:19 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 96672306

    Error: (01/23/2014 01:17:18 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 96672306

    Error: (01/23/2014 01:17:18 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (01/22/2014 04:26:30 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 21624125

    Error: (01/22/2014 04:26:30 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 21624125

    Error: (01/22/2014 04:26:30 PM) (Source: Bonjour Service)(User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    ==================== Memory info ===========================

    Percentage of memory in use: 46%
    Total physical RAM: 3691.71 MB
    Available physical RAM: 1984.08 MB
    Total Pagefile: 7381.61 MB
    Available Pagefile: 5422.77 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:300.41 GB) (Free:129.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
    Drive d: (DATA) (Fixed) (Total:373.22 GB) (Free:301.72 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: AE14F3C6)
    Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
    Partition 2: (Active) - (Size=300 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=373 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
  4. cat1092

    cat1092

    Joined:
    Jan 26, 2014
    Messages:
    28
    This may or may not be part of the solution, but it seems that AVG has reverted to it's old ways after 2 years of being good free security for Windows 7 & 8.

    I was running it instead of Windows Defender through the previews of Windows 8 to have free security, it ran really good. Kept it on one machine after 8 Pro was released on promo, it was when it was updated to the current version, the slowness began. Thing is, the notebook it was running on, while not top of the line, isn't a slouch, an MSI FX603-064US with the i5 480, 8GB of DDR3 1333 RAM, NVIDIA 425M GPU.

    It was a decent number cruncher for the [email protected] project, gaining 5000 points per day off the GPU alone for 5-6 months when new in 2011. This was on the OEM version of Windows 7, on the slow 5400 rpm stock HDD.

    So it was rather disappointing to me that AVG slowed it after the last update, by that time a 180GB Intel 330 SSD had been added to support a dual boot between Windows 7 & 8.1 (both Pro). Installed Bitdefender Total Security 2014 (from an unlimited Sphere package bought on steep promo, $19.99), the OS sped right back up.

    Not even my last remaining XP computer will run AVG 2014 w/out struggling, the OS it was very popular on.

    Another brand may be worth a shot? The free ESET Online Scanner will find things that MBAM may not, it uses the NOD32 engine & uses no resources unless being ran.

    http://www.eset.com/us/online-scanner/

    In fact, I run ESET NOD32 AV on a couple of computers, but I've never bought it direct from ESET, grab all of my security software at massive discounts at Newegg. Even MBAM Pro, which all of my Windows installs has.

    Cat
     
  5. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Cat may well have a point worth noting, but I have helped fix many PC's over the last few months that have AVG 2014 and none of them have reported a drop in performance. The disk check log is fine. Your FRST log doesn't show anything bad, but your system has had a couple of recent unexpected shut downs which could be due to overheating, do your fans run very fast after the system has been on for a while? Overheating due to a blocked air vent could cause your system to run slowly.

    We shall do a bit of cleaning up. There are a few remnants of the AVG 2012 install which we will remove and run a temporary file cleaner.

    Please also uninstall this outdated version of Java: Java 7 Update 45 (64-bit) (Version: 7.0.450 - Oracle)

    Download the attachment at the bottom of this post by clicking on it and save it in the same location as FRST.

    • Launch FRST by double clicking on it.
    • When the FRST window opens click on the Fix button just once and wait.
    • The tool will make a log in the same location the program is run from (Fixlog.txt) please Copy & Paste it into your next reply.



    NOTE: This will empty your recycle bin, if you have anything you need in there please save it before you run this scan.
    Download Temporary file cleaner and save it to the desktop. Make sure you do not use the Download button in the advert at the top of the page, use the button right next to the name TFC - Temp File Cleaner by Old Timer.
    Double click on the icon to run it (it appears as a dark grey dustbin). For Windows 7 and Vista right click the icon and select Run as Administrator.
    When the window opens click on Start. It will close all running programs and clear the desktop icons.
    When complete you may be asked to reboot, if so accept the request and your PC will reboot automatically.

    NOTE: There is no need to post the log, just confirm in your next post that it ran without a problem. At times it may appear to freeze, which is perfectly normal, it may take a while to complete the clean up depending on the amount of temporary files there are on the system.
     

    Attached Files:

  6. BBdude

    BBdude Thread Starter

    Joined:
    Jan 25, 2014
    Messages:
    11
    Thank you. TFC ran fine. I removed the old Java version. Also re-ran FRST and pasted the log below.

    ++++++++++++++++++++++++++++ fixlog.txt ++++++++++++++++++

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 27-01-2014 02
    Ran by PCNAME at 2014-01-27 19:03:56 Run:1
    Running from C:\Users\PC NAME\Downloads
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    HKLM-x32\...\Run: [] - [x]
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
    BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
    BHO-x32: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
    BHO-x32: No Name - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll No File
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
    *****************

    HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Value deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key deleted successfully.
    HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key deleted successfully.
    HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => Key not found.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
    HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{6C680BAE-655C-4E3D-8FC4-E6A520C3D928} => Key not found.
    HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
    HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key deleted successfully.
    HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner => Key not found.
    HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key deleted successfully.

    ==== End of Fixlog ====
     
  7. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    You didn't answer this:

    Your FRST log doesn't show anything bad, but your system has had a couple of recent unexpected shut downs which could be due to overheating, do your fans run very fast after the system has been on for a while?

    Has there been any improvement since running the scans just done?
     
  8. BBdude

    BBdude Thread Starter

    Joined:
    Jan 25, 2014
    Messages:
    11

    The fans don't run fast often, but sometimes when the system has been on for a while. We always leave the laptop on a hard service so the air can get to it.
     
  9. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please take a bit more time to read my posts, you have now missed this question:

    Has there been any improvement since running the scans just done?
     
  10. BBdude

    BBdude Thread Starter

    Joined:
    Jan 25, 2014
    Messages:
    11
    Oops, sorry. There has been a small improvement, but still runs slow overall.
     
  11. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    No problem, we all miss things. There is no need to use the Quote button when replying unless someone else has posted after the question you are replying to.

    Lets try some more scans.

    SCAN 1
    Click on this link to download : ADWCleaner Click on the Download Now button and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and double click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

    [​IMG]


    SCAN 2
    Download RogueKiller (by tigzy) and save direct to your Desktop.
    On the web page select the 32bit or 64bit button to match the bit rate of your version of Windows.

    • Quit all running programs.
    • Start RogueKiller.exe by double clicking on the icon.
    • Wait until Prescan has finished.
    • Ensure all boxes are ticked under "Report" tab.
    • Click on Scan.
    • Click on Report when complete. Copy/paste the contents of the report and paste into your next reply.
    • NOTE: DO NOT attempt to remove anything that the scan detects.

    [​IMG]


    SCAN 3
    Please download RKill
    There are three buttons to choose from with different names on, select the first one and save it to your desktop.


    • Double-click on the Rkill desktop icon to run the tool.
    • If using Vista or Windows 7, right-click on it and select Run As Administrator.
    • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
    • A log pops up at the end of the run. This log file is located at C:\rkill.log. Please Copy & Paste the entire log in your next reply.
    • If you do not see the black box flash on the screen delete the icon from the desktop and go back to the link for the download, select the next button and try to run the tool again, continue to repeat this process using the remaining buttons until the tool runs. You will find further links if you scroll down the page with other names, try them one at a time.
    • If the tool does not run from any of the links provided, please let me know.

    SCAN 4
    DO NOT reboot, download Malwarebytes from here if you do not already have it: Malwarebytes. Install the program, run it and let it update. If you already have Malwarebytes launch the program.

    • Select Perform full scan and click on the Scan button. When the scan completes click on Show Results.
    • If the scan does not find any infections the log will appear as soon as it completes, please Copy & Paste it into your next reply.
    • If items are detected it will stay on the Scanner window and you will see Objects detected: 1 (the number may be higher).
    • Click on Show Results and put a check mark next to all the items displayed in the list by clicking on each one in turn <--- very important, then click on Remove Selected.
    • The log will appear, Copy & Paste it into your next post.
    • Click on OK and close the window.
     
  12. BillSnapWire

    BillSnapWire

    Joined:
    Sep 7, 2009
    Messages:
    199
    ***removed by mod***
     
  13. Mark1956

    Mark1956

    Joined:
    May 7, 2011
    Messages:
    14,142
    Please ignore the advice in the above post, registry cleaners are bad news. A moderator will remove the post fairly soon.

    I will have this moved to the Malware forum so only qualified helpers will be able to post advice.
     
  14. valis

    valis Moderator

    Joined:
    Sep 24, 2004
    Messages:
    75,944
    moving to malware
     
  15. BBdude

    BBdude Thread Starter

    Joined:
    Jan 25, 2014
    Messages:
    11
    Output of logs is below - scan #4 log is still running and will be posted soon. As an aside, the other day I noticed the laptop seemed especially slow when browsing the internet (e.g., CNN takes ~30-60 seconds to fully load). I ran a speed test (speedtest.net) and found the speeds are half what I get from the other laptops in my house. Thought this was strange and wanted to share.

    ++++++++++++++++++++++SCAN 1 LOG+++++++++++++++++++++
    # AdwCleaner v3.018 - Report created 09/02/2014 at 14:50:07
    # Updated 28/01/2014 by Xplode
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : COMPUTER - COMPUTER-PC
    # Running from : C:\Users\COMPUTER\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\AVG Security Toolbar
    Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
    Folder Deleted : C:\Program Files\DomaIQ Uninstaller
    Folder Deleted : C:\Users\COMPUTER\AppData\Roaming\strongvault
    Folder Deleted : C:\Users\COMPUTER\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\Software\AVG Secure Search
    Key Deleted : HKLM\Software\AVG Security Toolbar
    Key Deleted : HKLM\Software\InfoAtoms
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DomaIQ Uninstaller
    Key Deleted : [x64] HKLM\SOFTWARE\DomaIQ
    Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.16428


    -\\ Google Chrome v32.0.1700.107

    [ File : C:\Users\COMPUTER\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [5721 octets] - [09/02/2014 14:45:50]
    AdwCleaner[S0].txt - [5629 octets] - [09/02/2014 14:50:07]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5689 octets] ##########

    +++++++++++++++++++++++++++++++SCAN 2 LOG+++++++++++++++++++++++

    RogueKiller V8.8.6 _x64_ [Feb 7 2014] by Tigzy
    mail : tigzyRK<at>gmail<dot>com
    Feedback : http://forum.adlice.com
    Website : http://www.adlice.com/softwares/roguekiller/
    Blog : http://www.adlice.com

    Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
    Started in : Normal mode
    User : COMPUTER [Admin rights]
    Mode : Scan -- Date : 02/09/2014 15:10:10
    | ARK || FAK || MBR |

    ¤¤¤ Bad processes : 0 ¤¤¤

    ¤¤¤ Registry Entries : 5 ¤¤¤
    [DNS][PUM] HKLM\[...]\CCSet\[...]\{0BCB7A03-B304-4DA3-A1B3-CFB1F5657A16} : NameServer (107.6.133.8,23.23.180.210 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND
    [DNS][PUM] HKLM\[...]\CS001\[...]\{0BCB7A03-B304-4DA3-A1B3-CFB1F5657A16} : NameServer (107.6.133.8,23.23.180.210 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND
    [DNS][PUM] HKLM\[...]\CS002\[...]\{0BCB7A03-B304-4DA3-A1B3-CFB1F5657A16} : NameServer (107.6.133.8,23.23.180.210 [(Unknown Country?) (XX) - (Unknown Country?) (XX)]) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
    [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

    ¤¤¤ Scheduled tasks : 1 ¤¤¤
    [V2][SUSP PATH] {5F6010C8-60E5-41f3-BF5B-C3AF5DBE12D4} : "C:\ProgramData\Carbonite\Carbonite Backup\CarboniteUpgrade.exe" - /silent $(Arg0) [x][x] -> FOUND

    ¤¤¤ Startup Entries : 0 ¤¤¤

    ¤¤¤ Web browsers : 0 ¤¤¤

    ¤¤¤ Browser Addons : 0 ¤¤¤

    ¤¤¤ Particular Files / Folders: ¤¤¤

    ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

    ¤¤¤ External Hives: ¤¤¤

    ¤¤¤ Infection : ¤¤¤

    ¤¤¤ HOSTS File: ¤¤¤
    --> %SystemRoot%\System32\drivers\etc\hosts




    ¤¤¤ MBR Check: ¤¤¤

    +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) ST975042 3AS SATA Disk Device +++++
    --- User ---
    [MBR] 8bfa3c9ed7f7656aa412b5112b5a6043
    [BSP] 3d1a95356bd8fbceaeeb9abaeaf62626 : Windows 7/8 MBR Code
    Partition table:
    0 - [XXXXXX] FAT32-LBA (0x1c) [HIDDEN!] Offset (sectors): 2048 | Size: 25600 Mo
    1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 52430848 | Size: 307624 Mo
    2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 682444800 | Size: 382179 Mo
    User = LL1 ... OK!
    User = LL2 ... OK!

    Finished : << RKreport[0]_S_02092014_151010.txt >>
    RKreport[0]_S_02092014_150529.txt

    ++++++++++++++++++++++SCAN 3 LOG++++++++++++++++++++++++++++++++++++++++++

    Rkill 2.6.5 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2014 BleepingComputer.com
    More Information about Rkill can be found at this link:
    http://www.bleepingcomputer.com/forums/topic308364.html

    Program started at: 02/09/2014 03:28:07 PM in x64 mode.
    Windows Version: Windows 7 Home Premium Service Pack 1

    Checking for Windows services to stop:

    * No malware services found to stop.

    Checking for processes to terminate:

    * C:\Windows\SysWOW64\ACEngSvr.exe (PID: 2500) [WD-HEUR]
    * C:\Users\COMPUTER\Downloads\RogueKillerX64.exe (PID: 4404) [UP-HEUR]

    2 proccesses terminated!

    Checking Registry for malware related settings:

    * No issues found in the Registry.

    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

    Performing miscellaneous checks:

    * Windows Defender Disabled

    [HKLM\SOFTWARE\Microsoft\Windows Defender]
    "DisableAntiSpyware" = dword:00000001

    Checking Windows Service Integrity:

    * Windows Defender (WinDefend) is not Running.
    Startup Type set to: Manual

    Searching for Missing Digital Signatures:

    * No issues found.

    Checking HOSTS File:

    * No issues found.

    Program finished at: 02/09/2014 03:30:46 PM
    Execution time: 0 hours(s), 2 minute(s), and 39 seconds(s)
     
  16. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1118421

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice