Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Help Removing Adware Generic6.QJC and .QDX

Started by Bsimon3 , Feb 21 2015 10:11 PM

  • Please log in to reply

#1
Bsimon3
Posted 21 February 2015 - 10:11 PM

Bsimon3

    New Member

  • Member
  • Pip
  • 3 posts

My computer has been infected by Adware Generic6.QJC and Adware Generic6.QDX

 

I have looked to numerous sites for help but they want to charge me ridiculous sums of money to control my computer remotely, and fix it manually.

 

I would like to fix it manually as well, but I'm hardly knowledgeable in this topic, a little background on my infection:

 

-It showed up via AVG, and would sometimes allow me to resolve the virus, and sometimes not. 

-When i did a Whole Computer Scan with AVG, it would not detect any such virus, and said that i was 100% protected.

-Come to see that it made various programs stop working, and lord knows what will happen next, and that is why i am seeking help ASAP.

 

If you can help me PLEASE contact me as soon as possible. I will give you my skype information via Direct Message if at all necessary. Thanks!


  • 0

Advertisements

#2
zep516
Posted 21 February 2015 - 10:42 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)



Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  • 0

#3
Bsimon3
Posted 22 February 2015 - 02:30 PM

Bsimon3

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-02-2015
Ran by bayga_000 (administrator) on BAILEYPC on 22-02-2015 13:27:19
Running from C:\Users\bayga_000\Desktop
Loaded Profiles: bayga_000 (Available profiles: bayga_000)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-11-04] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe [2758200 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [155704 2013-10-14] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2013-07-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company)
HKLM-x32\...\Run: [YouCam Service] => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2013-09-01] (CyberLink Corp.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [1045304 2013-10-08] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3667472 2014-12-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2072928 2014-10-31] (Wondershare)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe [1960336 2014-12-09] ()
HKLM-x32\...\Run: [Wondershare Media Server] => C:\Program Files (x86)\Wondershare\Video Converter Ultimate\MediaLibServer.exe [215440 2014-12-09] (Wondershare)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [3081752 2015-01-15] ()
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [847576 2015-02-03] (BlueStack Systems, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-12-16] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2014-10-27] (Nota Inc.)
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\Run: [Spotify] => C:\Users\bayga_000\AppData\Roaming\Spotify\Spotify.exe [6737976 2014-12-09] (Spotify Ltd)
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\Run: [Spotify Web Helper] => C:\Users\bayga_000\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-09] (Spotify Ltd)
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd)
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\MountPoints2: {a329435b-80c6-11e4-8284-a02bb8507033} - "F:\LaunchU3.exe" -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hauppauge Device Properties.lnk
ShortcutTarget: Hauppauge Device Properties.lnk -> C:\desktop\DeviceCentral\HcwDCTrayTool.exe (Hauppauge Computer Works, Inc.)
Startup: C:\Users\bayga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT14/1
SearchScopes: HKU\S-1-5-21-1180861547-3144097421-3143714482-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={22DF1B6F-3616-4546-B30E-25A1721D81AB}&mid=66a43506c91347d2a1e77162feb499c0-1124323cc1e66a92e6affcf950cedecefa6c1abe&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-15 23:15:06&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll (Wondershare)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected]
FF Extension: Wondershare Video Converter Ultimate - C:\ProgramData\Wondershare\Video Converter Ultimate\[email protected] [2014-12-10]
 
Chrome: 
=======
CHR Profile: C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-21]
CHR Extension: (Google Docs) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-21]
CHR Extension: (Google Drive) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-21]
CHR Extension: (YouTube) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-21]
CHR Extension: (Google Search) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-21]
CHR Extension: (Google Sheets) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-21]
CHR Extension: (PremierOpinion) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2015-02-21]
CHR Extension: (Google Wallet) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-21]
CHR Extension: (Gmail) - C:\Users\bayga_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-21]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\PremierOpinion\pmcm.crx [2014-12-18]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3432976 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-12-18] (AVG Technologies CZ, s.r.o.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2015-02-03] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2015-02-03] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [794328 2015-02-03] (BlueStack Systems, Inc.)
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 Cachedrv server; C:\Program Files\Hewlett-Packard\SimplePass\cachesrvr.exe [109568 2013-10-14] () [File not signed]
S2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-10-17] (CyberLink)
S2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [298760 2013-10-17] (CyberLink)
S3 HcwDevCentralService; C:\desktop\DeviceCentral\HcwDevCentralService.exe [399120 2014-06-17] (Hauppauge Computer Works, Inc.)
S2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-12-16] (Hewlett-Packard Company) [File not signed]
S2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation)
S2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel® Corporation)
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-03] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-03] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [87552 2013-10-14] (Softex Inc.) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
S2 PremierOpinion; C:\Program Files (x86)\PremierOpinion\pmservice.exe [213816 2014-10-31] (VoiceFive, Inc.)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [289496 2013-10-16] (Realtek Semiconductor)
S2 vToolbarUpdater18.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe [1850392 2015-01-15] (AVG Secure Search)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-08-25] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-21] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-21] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [260888 2014-12-08] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [203544 2014-11-18] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [52000 2015-01-15] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [277784 2014-09-24] (AVG Technologies CZ, s.r.o.)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2015-02-03] (BlueStack Systems)
S1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
S3 hcwE5bda; C:\Windows\system32\drivers\hcwE5bda.sys [969048 2014-04-29] (Hauppauge Computer Work, Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-03] (Intel Corporation)
S3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [429272 2013-08-21] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-07-05] (Realtek Semiconductor Corporation                           )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2013-07-26] (Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-07-26] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-21] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-22 13:27 - 2015-02-22 13:27 - 00019494 _____ () C:\Users\bayga_000\Desktop\FRST.txt
2015-02-22 13:27 - 2015-02-22 13:27 - 00000000 ____D () C:\FRST
2015-02-22 13:23 - 2015-02-22 13:23 - 02087424 _____ (Farbar) C:\Users\bayga_000\Desktop\FRST64.exe
2015-02-21 21:31 - 2015-02-21 21:31 - 00000000 ____D () C:\Users\bayga_000\AppData\Local\Steam
2015-02-21 19:08 - 2015-02-21 20:01 - 00018098 _____ () C:\Users\bayga_000\Desktop\avgrep.txt
2015-02-21 19:04 - 2015-02-21 19:05 - 360891712 _____ () C:\Users\bayga_000\Desktop\registry backup.reg
2015-02-21 18:27 - 2015-02-21 18:28 - 07782048 _____ (TeamViewer GmbH) C:\Users\bayga_000\Downloads\TeamViewer_Setup_en.exe
2015-02-21 17:37 - 2015-02-21 17:37 - 00002780 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-02-21 17:36 - 2015-02-21 17:36 - 00000841 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2015-02-21 17:36 - 2015-02-21 17:36 - 00000000 ____D () C:\Program Files\CCleaner
2015-02-21 17:29 - 2015-02-21 18:34 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-21 17:29 - 2015-02-21 18:19 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-21 17:29 - 2015-02-21 17:35 - 00002364 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-02-21 17:29 - 2015-02-21 17:29 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-21 17:29 - 2015-02-21 17:29 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-02-21 17:29 - 2015-02-21 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-02-20 23:13 - 2015-02-20 23:13 - 00000734 ____H () C:\Windows\Tasks\Bomgar Task 2836218.job
2015-02-20 22:40 - 2015-02-20 22:40 - 00000000 ____D () C:\Users\bayga_000\AppData\Roaming\QuickScan
2015-02-20 22:39 - 2015-02-20 22:42 - 00000000 ____D () C:\ProgramData\SmartPCScan
2015-02-20 22:25 - 2015-02-21 18:39 - 00000000 ____D () C:\Windows\pss
2015-02-20 22:12 - 2015-02-21 17:46 - 00000000 ____D () C:\Program Files (x86)\iYogi Support Dock
2015-02-16 21:35 - 2015-02-16 22:09 - 00000000 ____D () C:\Users\bayga_000\Desktop\School Work
2015-02-13 21:56 - 2015-02-13 21:56 - 00000000 ____D () C:\Users\bayga_000\.android
2015-02-13 21:49 - 2015-02-13 21:59 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-02-13 21:49 - 2015-02-13 21:49 - 00000000 ____D () C:\ProgramData\BlueStacks
2015-02-13 21:48 - 2015-02-21 17:38 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2015-02-13 21:48 - 2015-02-13 21:48 - 00000000 ____D () C:\Users\bayga_000\AppData\Local\Bluestacks
2015-02-12 19:41 - 2015-02-13 19:09 - 00883215 _____ () C:\Users\bayga_000\Desktop\eagle scout excel sheet.xlsx
2015-02-12 19:33 - 2015-02-12 19:33 - 05375514 _____ () C:\Users\bayga_000\Desktop\GCC Eagle Packet 12_09_2014.zip
2015-02-08 20:55 - 2015-02-08 20:55 - 00000000 ____H () C:\Users\bayga_000\AppData\Local\BIT2F72.tmp
2015-02-08 20:54 - 2015-02-08 20:54 - 00000000 _____ () C:\Users\bayga_000\AppData\Local\{1CFA3258-22F3-4159-A4C2-75B164EC23A8}
2015-01-28 10:18 - 2015-01-28 10:18 - 00000000 ____D () C:\Users\bayga_000\AppData\Local\HP
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-22 10:22 - 2015-01-17 16:12 - 00000024 _____ () C:\Users\bayga_000\random.dat
2015-02-22 10:18 - 2014-05-10 18:03 - 00000000 ____D () C:\Users\bayga_000\AppData\Roaming\Skype
2015-02-22 10:15 - 2015-01-21 18:09 - 00000023 _____ () C:\Users\bayga_000\jagexappletviewer.preferences
2015-02-22 10:13 - 2015-01-21 18:09 - 00000048 _____ () C:\Users\bayga_000\jagex_cl_runescape_LIVE.dat
2015-02-21 21:38 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-02-21 21:33 - 2014-05-09 00:27 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-02-21 19:58 - 2014-01-17 17:38 - 00000000 ____D () C:\ProgramData\WildTangent
2015-02-21 19:58 - 2014-01-17 17:38 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2015-02-21 18:39 - 2013-08-22 07:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-21 18:38 - 2014-05-12 18:39 - 00000000 ____D () C:\Users\bayga_000\Desktop\Junk
2015-02-21 18:35 - 2014-05-09 00:02 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1180861547-3144097421-3143714482-1001
2015-02-21 18:34 - 2015-01-17 15:47 - 00000043 _____ () C:\Users\bayga_000\rn_cl_serpent_LIVE.dat
2015-02-21 18:31 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-02-21 18:30 - 2014-05-17 08:23 - 00000000 ____D () C:\Users\bayga_000\AppData\Roaming\Spotify
2015-02-21 18:22 - 2014-05-08 23:58 - 00000000 ___DO () C:\Users\bayga_000\SkyDrive
2015-02-21 18:20 - 2014-05-08 23:58 - 00000000 ____D () C:\Users\bayga_000\Documents\Youcam
2015-02-21 18:02 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\sru
2015-02-21 17:45 - 2014-11-26 13:49 - 00000000 ____D () C:\Users\bayga_000\Desktop\Random Clips
2015-02-21 17:45 - 2014-05-10 16:57 - 00000000 ____D () C:\Users\bayga_000\Desktop\Laws Ep 1
2015-02-21 17:38 - 2014-12-13 16:35 - 00000000 ____D () C:\Users\bayga_000\AppData\Roaming\TS3Client
2015-02-21 17:38 - 2014-12-10 16:14 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2015-02-21 17:38 - 2014-05-10 21:24 - 00000000 ____D () C:\Windows\Minidump
2015-02-21 17:38 - 2013-08-25 23:57 - 00000000 ____D () C:\Windows\Panther
2015-02-21 17:37 - 2013-08-22 08:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-02-21 17:32 - 2014-12-17 18:59 - 00000000 ____D () C:\Program Files (x86)\PremierOpinion
2015-02-21 17:29 - 2014-05-09 23:50 - 00000000 ____D () C:\Users\bayga_000\AppData\Local\Google
2015-02-21 17:29 - 2014-05-09 23:50 - 00000000 ____D () C:\Program Files (x86)\Google
2015-02-21 17:28 - 2014-05-09 23:50 - 00000000 ____D () C:\Users\bayga_000\AppData\Local\Deployment
2015-02-21 17:24 - 2014-05-09 00:06 - 00003942 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{5F763009-B83F-4A70-A915-D0DA43DDAF62}
2015-02-21 17:23 - 2014-05-08 17:31 - 00000000 ____D () C:\ProgramData\MFAData
2015-02-20 22:27 - 2013-08-22 07:44 - 00422144 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-02-20 13:34 - 2014-05-17 08:24 - 00000000 ____D () C:\Users\bayga_000\AppData\Local\Spotify
2015-02-16 19:08 - 2013-08-22 06:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2015-02-13 21:56 - 2014-05-08 23:56 - 00000000 ____D () C:\Users\bayga_000
2015-02-13 21:50 - 2013-08-22 08:36 - 00000000 __RHD () C:\Users\Public\Libraries
2015-02-13 21:37 - 2014-05-10 17:42 - 00000000 ____D () C:\Users\bayga_000\AppData\Roaming\Audacity
2015-02-13 21:33 - 2015-01-17 14:53 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-02-13 21:32 - 2014-05-09 19:03 - 00000000 ____D () C:\Users\bayga_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-02-13 21:28 - 2014-05-08 17:42 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2015-02-08 20:58 - 2015-01-15 22:00 - 00000000 ____D () C:\ProgramData\AVG2015
2015-02-05 12:46 - 2014-12-20 12:39 - 00003188 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForbayga_000
2015-02-05 12:46 - 2014-12-20 12:39 - 00000366 _____ () C:\Windows\Tasks\HPCeeScheduleForbayga_000.job
2015-02-03 12:31 - 2014-11-27 18:18 - 00714720 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-02-03 12:31 - 2014-11-27 18:18 - 00106976 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-02-01 13:11 - 2014-05-09 18:54 - 00000000 ____D () C:\ProgramData\Oracle
2015-02-01 13:11 - 2014-05-09 18:50 - 00000000 ____D () C:\Program Files (x86)\Java
2015-02-01 13:10 - 2015-01-02 20:02 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-02-01 13:10 - 2015-01-02 20:02 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-02-01 13:10 - 2015-01-02 20:02 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-02-01 13:10 - 2015-01-02 20:02 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-30 16:39 - 2015-01-20 23:18 - 00000000 ____D () C:\Users\bayga_000\Desktop\Slayer Guide Pics
2015-01-28 09:59 - 2013-08-22 08:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-01-28 09:54 - 2014-08-29 20:53 - 00000000 ____D () C:\ProgramData\HP
2015-01-24 23:36 - 2013-08-25 23:09 - 00958356 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-24 23:33 - 2015-01-18 16:04 - 00000000 ____D () C:\Users\bayga_000\Desktop\bayel 4 mod
2015-01-24 12:46 - 2014-05-17 14:10 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2015-01-24 12:46 - 2014-05-10 15:22 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
 
==================== Files in the root of some directories =======
 
2015-02-08 20:55 - 2015-02-08 20:55 - 0000000 ____H () C:\Users\bayga_000\AppData\Local\BIT2F72.tmp
2015-02-08 20:54 - 2015-02-08 20:54 - 0000000 _____ () C:\Users\bayga_000\AppData\Local\{1CFA3258-22F3-4159-A4C2-75B164EC23A8}
 
Files to move or delete:
====================
C:\Users\bayga_000\jagex_cl_runescape_LIVE.dat
C:\Users\bayga_000\patch.dat
C:\Users\bayga_000\random.dat
C:\Users\bayga_000\rn_cl_serpent_LIVE.dat
C:\Users\bayga_000\rn_cl_serpent_LIVE1.dat
C:\Users\bayga_000\xaxa.dat
 
 
Some content of TEMP:
====================
C:\Users\bayga_000\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-08 21:25
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-02-2015
Ran by bayga_000 at 2015-02-22 13:28:33
Running from C:\Users\bayga_000\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5645 - AVG Technologies)
AVG 2015 (Version: 15.0.4293 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5645 - AVG Technologies) Hidden
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.0.5.7 - AVG Technologies)
BlueStacks Notification Center (HKLM-x32\...\{E78B4959-B348-4913-874B-FF982378E035}) (Version: 0.9.11.4119 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.5.6902 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.3.4503 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.5.3416 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.5.3304 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2.3418 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.2.3302 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.115 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Gyazo 2.3 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
Hauppauge Capture (HKLM-x32\...\Hauppauge Capture) (Version: 1.0.32168 - Hauppauge Computer Works)
Hauppauge Device Central (HKLM-x32\...\Hauppauge Device Central) (Version: 1.3.32167 - Hauppauge Computer Works, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\HPConnectedMusic) (Version: 1.1 (build 128) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{394B14EA-B072-4440-9510-87797CB12371}) (Version: 2.20.21 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{4525FF56-E096-42F4-BB64-52AAA8B3D893}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7372.4698 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.00.57 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{2C395A31-8A70-4C2E-893F-25CBF37394CC}) (Version: 7.4.50.10 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{891A1782-8B20-4403-8383-458962525926}) (Version: 2.3.4 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
Inst5675 (Version: 8.00.57 - Softex Inc.) Hidden
Inst5676 (Version: 8.00.57 - Softex Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3325 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation)
iTunes (HKLM\...\{1CF5754A-545B-4360-BFDE-2847BC728DFC}) (Version: 11.2.0.115 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Pinger (HKLM-x32\...\Pinger 1.4.0.1) (Version: 1.4.0.1 - Pinger Inc.)
Pinger (x32 Version: 1.4.0.1 - Pinger Inc.) Hidden
PremierOpinion (HKLM-x32\...\{eeb86aef-4a5d-4b75-9d74-f16d438fc286}) (Version: 1.3.337.344 - VoiceFive, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 1.1.9200.23 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Wondershare Video Converter Ultimate(Build 8.0.2.8) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.0.2.8 - Wondershare Software)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
30-01-2015 16:40:59 Removed puush
05-02-2015 13:21:11 Windows Update
12-02-2015 19:09:11 Scheduled Checkpoint
13-02-2015 21:27:37 Removed League of Legends
20-02-2015 22:12:36 Windows Modules Installer
20-02-2015 22:13:13 Windows Modules Installer
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 06:25 - 2013-08-22 06:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0500A916-03FA-4450-8EC4-600262E6AA84} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN1AA332XD => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {0D9EFBD3-AEF2-4564-B953-302D53B3F171} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-12-16] (Hewlett-Packard Company)
Task: {2193AA8B-9673-41A4-ACB6-825FF4774AFC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-12-16] (Hewlett-Packard Company)
Task: {44FF14B5-5C5F-444E-8ACA-91A55450471B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {4539FF76-40F4-4049-AAFA-7967B74BD26B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {5FFB785D-CE56-4433-B98D-2F42C3BAB3FE} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-07-26] (Synaptics Incorporated)
Task: {6466BC51-5A2E-49EF-B697-0EBED3AD5688} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {7274F7A9-92D0-4F3C-83F3-6ED8F736D908} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {73C230F3-E39D-489A-A142-F154B46DEE0D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {9192A9C5-9ADB-441B-81B2-9C28AE6DC2C9} - System32\Tasks\HPCeeScheduleForbayga_000 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {98BE98A5-3B2D-4F1B-849B-F95C2B2BC821} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-21] (Google Inc.)
Task: {993FEF8F-62F9-492D-9A29-CD6DED1EC227} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink)
Task: {AD5A0111-F7CC-4F97-9AA8-9FBC264EDEE9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd)
Task: {C7813EEC-D364-47D1-82EA-A9E8E4A16A5E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-01-20] (Microsoft Corporation)
Task: {D1E6FE4B-1C9E-461A-90CC-9031158235AE} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-09-10] (Hewlett-Packard Development Company, L.P.)
Task: {D9417162-DABF-4C51-A40A-272B08E32179} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {E13EBF38-30E0-43DC-9751-FC75F16FD09F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN4BO570S8 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard)
Task: {ED04C87C-F165-43B0-9A1A-1A11513242F0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F5204E87-DE2C-48B5-8E6B-3B3EE25CA9F0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP SoftPaq Installer => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Tasks.exe [2013-12-16] (Hewlett-Packard Company)
Task: {FA8CF2ED-99F5-4613-9DCA-F7EA58DE2174} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: C:\Windows\Tasks\Bomgar Task 2836218.job => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe›http://remote.iyogi.net/
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForbayga_000.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2014-12-10 16:15 - 2014-10-24 14:16 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2015-02-21 17:29 - 2015-02-17 15:44 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libglesv2.dll
2015-02-21 17:29 - 2015-02-17 15:44 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\libegl.dll
2015-02-21 17:29 - 2015-02-17 15:44 - 09171272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.115\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\bayga_000\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1180861547-3144097421-3143714482-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\bayga_000\Desktop\Junk\camaro wallpaper.jpg
DNS Servers: 192.168.0.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1180861547-3144097421-3143714482-500 - Administrator - Disabled)
bayga_000 (S-1-5-21-1180861547-3144097421-3143714482-1001 - Administrator - Enabled) => C:\Users\bayga_000
Guest (S-1-5-21-1180861547-3144097421-3143714482-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1180861547-3144097421-3143714482-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/20/2015 11:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13718
 
Error: (02/20/2015 11:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13718
 
Error: (02/20/2015 11:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/20/2015 10:13:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: pmropn.exe, version: 1.3.337.344, time stamp: 0x5453bfbd
Faulting module name: WININET.dll, version: 11.0.9600.17496, time stamp: 0x546fe016
Exception code: 0xc0000005
Fault offset: 0x00081410
Faulting process id: 0x33e4
Faulting application start time: 0xpmropn.exe0
Faulting application path: pmropn.exe1
Faulting module path: pmropn.exe2
Report Id: pmropn.exe3
Faulting package full name: pmropn.exe4
Faulting package-relative application ID: pmropn.exe5
 
Error: (02/20/2015 09:28:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: OLEAUT32.dll, version: 6.3.9600.17403, time stamp: 0x54407221
Exception code: 0xc0000005
Fault offset: 0x0001e931
Faulting process id: 0x1724
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (02/20/2015 09:24:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: OLEAUT32.dll, version: 6.3.9600.17403, time stamp: 0x54407221
Exception code: 0xc0000005
Fault offset: 0x0001e931
Faulting process id: 0x3538
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
 
Error: (02/20/2015 09:23:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 16c8
 
Start Time: 01d04d8e03f1c7a0
 
Termination Time: 17
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 6ae06661-b981-11e4-8294-a02bb8507033
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/20/2015 09:22:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1070
 
Start Time: 01d04d8da3592a7a
 
Termination Time: 12
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 405d0113-b981-11e4-8294-a02bb8507033
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/18/2015 00:23:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17416 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2ddc
 
Start Time: 01d04bafecf09936
 
Termination Time: 22
 
Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
 
Report Id: 9e3dee7c-b7a3-11e4-8294-a02bb8507033
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (02/13/2015 11:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31141
 
 
System errors:
=============
Error: (02/22/2015 01:28:49 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:49 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:46 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:46 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:46 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:46 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:40 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:40 PM) (Source: DCOM) (EventID: 10005) (User: BAILEYPC)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (02/22/2015 01:28:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
Error: (02/22/2015 01:28:38 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (02/20/2015 11:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 13718
 
Error: (02/20/2015 11:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 13718
 
Error: (02/20/2015 11:52:54 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (02/20/2015 10:13:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: pmropn.exe1.3.337.3445453bfbdWININET.dll11.0.9600.17496546fe016c00000050008141033e401d04d94e4bc2927C:\Program Files (x86)\PremierOpinion\pmropn.exeC:\Windows\SYSTEM32\WININET.dll503f047c-b988-11e4-8294-a02bb8507033
 
Error: (02/20/2015 09:28:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9OLEAUT32.dll6.3.9600.1740354407221c00000050001e931172401d04d8eadcfc1abC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\OLEAUT32.dll082ee009-b982-11e4-8294-a02bb8507033
 
Error: (02/20/2015 09:24:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9OLEAUT32.dll6.3.9600.1740354407221c00000050001e931353801d04d8e2e8c1db6C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\OLEAUT32.dll87462620-b981-11e4-8294-a02bb8507033
 
Error: (02/20/2015 09:23:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.1741616c801d04d8e03f1c7a017C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE6ae06661-b981-11e4-8294-a02bb8507033
 
Error: (02/20/2015 09:22:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17416107001d04d8da3592a7a12C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE405d0113-b981-11e4-8294-a02bb8507033
 
Error: (02/18/2015 00:23:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.174162ddc01d04bafecf0993622C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE9e3dee7c-b7a3-11e4-8294-a02bb8507033
 
Error: (02/13/2015 11:42:45 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31141
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4200U CPU @ 1.60GHz
Percentage of memory in use: 9%
Total physical RAM: 12218.15 MB
Available physical RAM: 11110.02 MB
Total Pagefile: 14074.15 MB
Available Pagefile: 13049.75 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:909.57 GB) (Free:840.45 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.17 GB) (Free:2.16 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EFB311BB)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0

#4
zep516
Posted 22 February 2015 - 03:10 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

A few items to fix;

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
CloseProcesses:
CreateRestorePoint:
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1180861547-3144097421-3143714482-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg.com/search?cid={22DF1B6F-3616-4546-B30E-25A1721D81AB}&mid=66a43506c91347d2a1e77162feb499c0-1124323cc1e66a92e6affcf950cedecefa6c1abe&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2015-01-15 23:15:06&v=4.0.5.7&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll (AVG)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll (AVG Secure Search)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.2.0\\npsitesafety.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
2015-02-13 21:28 - 2014-05-08 17:42 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
C:\Users\bayga_000\jagex_cl_runescape_LIVE.dat
C:\Users\bayga_000\patch.dat
C:\Users\bayga_000\random.dat
C:\Users\bayga_000\rn_cl_serpent_LIVE.dat
C:\Users\bayga_000\rn_cl_serpent_LIVE1.dat
C:\Users\bayga_000\xaxa.dat
C:\Users\bayga_000\AppData\Local\Temp\SkypeSetup.exe 
2015-02-08 20:55 - 2015-02-08 20:55 - 00000000 ____H () C:\Users\bayga_000\AppData\Local\BIT2F72.tmp
AlternateDataStreams: C:\Users\bayga_000\SkyDrive:ms-properties
C:\Users\bayga_000\SkyDrive:ms-properties
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply post;
    • Fixlog.txt
    • The AdwCleaner [S1].txt Log
    • The JRT.txt Log
    Thanks
    Joe :)

  • 0

#5
zep516
Posted 24 February 2015 - 07:36 AM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Are you still with me ?

Joe
  • 0

#6
Bsimon3
Posted 25 February 2015 - 10:38 PM

Bsimon3

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Are you still with me ?

Joe

Yes! just i am trying out a few things, different viruses appear, some go away... just making sure that these viruses are still on my computer! i apologize i am very busy, keep forgetting to come on here! please give me a day or two


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP