Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Network adaptor issues


  • This topic is locked This topic is locked

#1
pottsy

pottsy

    Member

  • Member
  • PipPip
  • 17 posts

Hello,

Over the last 8 months, I have had intermittent connection from my router. There are 6 apple devices & 2 laptops on the network (not all at the same time).

When connection is lost & I click fix connection problems, it points to network cable and or network adaptor issues. My ISP have suggested I may have a malware issue, so here it goes.

Could I just add that I'm not particularly very good with pc issues...:-)

 

If devices are connected laptop won't & visa versa.

 

Sorry I had to attach FRST files, didn't have paste option ? (see red text)

 

Thanks in advance pottsy

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by SHARON (administrator) on TOMMYTUCKER on 16-05-2015 16:15:43
Running from C:\Users\SHARON\Desktop
Loaded Profiles: SHARON & tracy_000 (Available profiles: SHARON & tracy_000)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
() C:\Users\SHARON\AppData\Local\StormWatch\StormWatchApp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(www.BitComet.com) C:\Program Files (x86)\BitComet\BitComet.exe
(www.BitComet.com) C:\Program Files (x86)\BitComet\tools\BitCometService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3745232 2015-04-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\K-Lite Codec Pack\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2015-04-26] (Apple Inc.)
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\...\MountPoints2: {174740f4-56d0-11e3-bea6-2016d839e01b} - "D:\LaunchU3.exe" -a
HKU\S-1-5-21-3480854019-250065186-1690203289-1003\...\MountPoints2: {174740f4-56d0-11e3-bea6-2016d839e01b} - "D:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [688984 2014-12-31] (Garmin Ltd or its subsidiaries)
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2015-03-12]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe ()
Startup: C:\Users\SHARON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatchApp.lnk [2014-11-25]
ShortcutTarget: StormWatchApp.lnk -> C:\Users\SHARON\AppData\Local\StormWatch\StormWatchApp.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-3480854019-250065186-1690203289-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.co.uk/
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = http://www.delta-sea...119982&tsp=5038
HKU\S-1-5-21-3480854019-250065186-1690203289-1003\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
HKU\S-1-5-21-3480854019-250065186-1690203289-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> DefaultScope {6F5548DC-956A-4BE7-AF90-DAD9CF264BDB} URL = http://Vosteran.com/...=1005845444&ir=
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {6F5548DC-956A-4BE7-AF90-DAD9CF264BDB} URL = http://Vosteran.com/...=1005845444&ir=
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {756E3821-B2F6-4EFE-9B85-81F4BDBA19D4} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.5.4.11.dll [2011-04-11] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll No File
Toolbar: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2061 -> C:\Program Files (x86)\K-Lite Codec Pack\real\browser\plugins\nppl3260.dll [2004-11-25] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1059 -> C:\Program Files (x86)\K-Lite Codec Pack\real\browser\plugins\nprpjplug.dll [2004-11-25] (RealNetworks, Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HKU\S-1-5-21-3480854019-250065186-1690203289-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\SHARON\AppData\Roaming\BabSolution\CR\Delta.crx [2013-10-17]
CHR HKLM-x32\...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - https://clients2.goo...ice/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3438032 2015-04-15] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [311792 2015-04-15] (AVG Technologies CZ, s.r.o.)
R3 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 Garmin Core Update Service; C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [451416 2014-12-31] (Garmin Ltd or its subsidiaries)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [284128 2015-04-09] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [213984 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [256992 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [344544 2015-03-11] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [137184 2015-04-03] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [293856 2015-04-07] (AVG Technologies CZ, s.r.o.)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1578128 2012-12-05] (Realtek Semiconductor Corporation                           )
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-28] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows ® Win 7 DDK provider)
S3 Tosrfcom; No ImagePath
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 16:15 - 2015-05-16 16:15 - 00017164 _____ () C:\Users\SHARON\Desktop\FRST.txt
2015-05-16 15:58 - 2015-05-16 15:58 - 02107392 _____ (Farbar) C:\Users\SHARON\Desktop\FRST64.exe
2015-05-16 15:55 - 2015-05-16 15:57 - 02107392 _____ (Farbar) C:\Users\SHARON\Downloads\FRST64.exe
2015-05-16 15:44 - 2015-05-16 16:15 - 00000000 ____D () C:\FRST
2015-05-13 02:38 - 2015-04-30 21:35 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 02:38 - 2015-04-30 21:35 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 21:41 - 2015-04-10 01:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-05-12 21:41 - 2015-04-10 01:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-05-12 21:41 - 2015-03-17 18:26 - 00467776 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-05-12 21:41 - 2015-03-09 03:02 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-05-12 21:40 - 2015-05-01 00:05 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2015-05-12 21:40 - 2015-04-30 23:48 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2015-05-12 21:40 - 2015-04-21 18:14 - 24971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-05-12 21:40 - 2015-04-21 17:50 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-05-12 21:40 - 2015-04-21 17:50 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-05-12 21:40 - 2015-04-21 17:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-05-12 21:40 - 2015-04-21 17:37 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-05-12 21:40 - 2015-04-21 17:35 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-05-12 21:40 - 2015-04-21 17:31 - 06025728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-05-12 21:40 - 2015-04-21 17:24 - 19691008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-05-12 21:40 - 2015-04-21 17:13 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2015-05-12 21:40 - 2015-04-21 17:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-05-12 21:40 - 2015-04-21 17:09 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-05-12 21:40 - 2015-04-21 17:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-05-12 21:40 - 2015-04-21 17:07 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-05-12 21:40 - 2015-04-21 17:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-05-12 21:40 - 2015-04-21 17:04 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-05-12 21:40 - 2015-04-21 16:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-05-12 21:40 - 2015-04-21 16:58 - 00664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-05-12 21:40 - 2015-04-21 16:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-05-12 21:40 - 2015-04-21 16:49 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-05-12 21:40 - 2015-04-21 16:49 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-05-12 21:40 - 2015-04-21 16:49 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-05-12 21:40 - 2015-04-21 16:46 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-05-12 21:40 - 2015-04-21 16:40 - 14401536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-05-12 21:40 - 2015-04-21 16:38 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-05-12 21:40 - 2015-04-21 16:37 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-05-12 21:40 - 2015-04-21 16:36 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-05-12 21:40 - 2015-04-21 16:32 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-05-12 21:40 - 2015-04-21 16:31 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-05-12 21:40 - 2015-04-21 16:28 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-05-12 21:40 - 2015-04-21 16:27 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-05-12 21:40 - 2015-04-21 16:26 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-05-12 21:40 - 2015-04-21 16:26 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-05-12 21:40 - 2015-04-21 16:25 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-05-12 21:40 - 2015-04-21 16:17 - 12828672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-05-12 21:40 - 2015-04-21 16:15 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-05-12 21:40 - 2015-04-21 16:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-05-12 21:40 - 2015-04-21 16:02 - 01882112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-05-12 21:40 - 2015-04-21 15:58 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-05-12 21:40 - 2015-04-21 15:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-05-12 21:40 - 2015-04-13 23:48 - 04180480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-05-12 21:40 - 2015-04-10 02:00 - 01996800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-05-12 21:40 - 2015-04-10 01:50 - 01387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-05-12 21:40 - 2015-04-10 01:26 - 01560576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-05-12 21:40 - 2015-04-08 23:55 - 00410128 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2015-05-12 21:40 - 2015-04-03 01:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-05-12 21:40 - 2015-04-03 01:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-05-12 21:40 - 2015-04-01 23:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-05-12 21:40 - 2015-04-01 23:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-05-12 21:40 - 2015-04-01 04:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-05-12 21:40 - 2015-04-01 03:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-05-12 21:40 - 2015-03-20 02:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-05-12 21:40 - 2015-03-13 03:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-05-12 21:40 - 2015-03-13 02:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-05-12 21:40 - 2015-03-13 01:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-05-12 21:40 - 2015-03-11 02:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-05-12 21:40 - 2015-03-11 02:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-05-12 21:40 - 2015-03-06 03:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-05-12 21:40 - 2015-03-04 02:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-05-12 21:40 - 2015-03-04 02:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-05-12 21:40 - 2015-02-18 00:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-05-12 21:40 - 2015-01-30 01:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-05-12 21:40 - 2014-11-14 07:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-05-12 21:39 - 2015-03-30 06:47 - 00561928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2015-05-12 21:39 - 2015-03-27 04:27 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2015-05-12 21:39 - 2015-03-27 03:50 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2015-05-12 21:39 - 2015-03-27 03:48 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2015-05-12 21:39 - 2015-03-13 05:03 - 00239424 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-05-12 21:39 - 2015-03-13 05:03 - 00154432 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-05-12 21:39 - 2015-03-13 01:29 - 00410017 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2015-05-12 21:39 - 2015-03-06 04:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-05-12 21:39 - 2015-03-06 03:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-05-06 11:54 - 2015-05-06 11:58 - 00000000 ____D () C:\Users\SHARON\Desktop\Harry Potter
2015-05-02 15:32 - 2015-05-02 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-04-18 18:53 - 2015-05-15 22:18 - 00000000 ____D () C:\Users\SHARON\Desktop\24 Season 1, 2, 3, 4, 5, 6, 7, & 8 Deluxe DVD Boxset in HD + Extras (Extra Episode, Deleted Scenes etc)
2015-04-16 16:54 - 2015-04-16 16:54 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2015-04-16 16:37 - 2015-04-16 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-16 16:36 - 2015-04-16 16:37 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-16 16:36 - 2015-04-16 16:37 - 00000000 ____D () C:\Program Files\iTunes
2015-04-16 16:36 - 2015-04-16 16:36 - 00000000 ____D () C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 16:15 - 2013-09-30 16:52 - 00000000 ____D () C:\Users\SHARON\AppData\Roaming\BitComet
2015-05-16 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-16 15:52 - 2013-11-25 22:13 - 01186878 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-16 15:38 - 2013-03-05 20:18 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3480854019-250065186-1690203289-1001
2015-05-16 15:33 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-16 15:24 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2015-05-16 15:23 - 2013-09-30 05:11 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-05-16 15:22 - 2013-11-25 23:16 - 00000000 ___DO () C:\Users\SHARON\SkyDrive
2015-05-16 13:10 - 2013-03-07 14:16 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-16 13:06 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2015-05-15 20:24 - 2013-08-22 15:46 - 00342141 _____ () C:\WINDOWS\setupact.log
2015-05-15 15:49 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2015-05-14 13:58 - 2014-08-29 18:31 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2015-05-14 13:51 - 2014-01-10 13:48 - 00000000 ____D () C:\Program Files (x86)\Google
2015-05-14 13:13 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-14 13:12 - 2014-01-10 13:49 - 00000000 ____D () C:\Program Files\Google
2015-05-14 13:12 - 2013-09-29 21:03 - 00140438 _____ () C:\WINDOWS\PFRO.log
2015-05-14 13:10 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-14 13:07 - 2014-08-29 18:31 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2015-05-14 13:05 - 2014-01-10 13:48 - 00000000 ____D () C:\Users\SHARON\AppData\Local\Google
2015-05-13 17:40 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\FxsTmp
2015-05-13 03:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2015-05-13 02:39 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2015-05-13 02:38 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\AdvancedInstallers
2015-05-12 23:45 - 2013-08-22 15:44 - 00481120 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2015-05-12 23:40 - 2013-09-30 04:59 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 23:39 - 2013-03-06 15:26 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-12 23:38 - 2013-07-28 13:51 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-05-12 23:33 - 2013-03-19 11:59 - 140425016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-05-12 21:51 - 2014-04-26 12:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-12 21:51 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2015-05-12 21:38 - 2014-01-10 13:48 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-05 18:59 - 2014-12-19 12:45 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-05-05 18:59 - 2014-12-19 12:45 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-05 13:23 - 2014-11-25 15:55 - 00000000 ____D () C:\Users\SHARON\AppData\Local\StormWatch
2015-04-16 17:30 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2015-04-16 16:54 - 2015-03-07 17:36 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2015-04-16 16:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2015-04-16 16:54 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2015-04-16 16:53 - 2013-11-25 21:55 - 00000000 ____D () C:\Users\SHARON
2015-04-16 16:36 - 2014-10-26 17:21 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-16 16:36 - 2013-10-01 16:17 - 00000000 ____D () C:\Program Files\Common Files\Apple

Some content of TEMP:
====================
C:\Users\SHARON\AppData\Local\Temp\UNINSTALL.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 13:29

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by SHARON at 2015-05-16 16:16:16
Running from C:\Users\SHARON\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3480854019-250065186-1690203289-500 - Administrator - Disabled)
Guest (S-1-5-21-3480854019-250065186-1690203289-501 - Limited - Disabled)
SHARON (S-1-5-21-3480854019-250065186-1690203289-1001 - Administrator - Enabled) => C:\Users\SHARON
tracy_000 (S-1-5-21-3480854019-250065186-1690203289-1003 - Limited - Enabled) => C:\Users\tracy_000

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies)
AVG 2015 (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5941 - AVG Technologies) Hidden
BitComet 1.36 (HKLM-x32\...\BitComet) (Version: 1.36 - CometNetwork)
BitGuard (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - MediaTechSoft Inc.) <==== ATTENTION
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.24.6 - Delta) <==== ATTENTION
Elevated Installer (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
FLV-Media Player 1.8 (HKLM-x32\...\FLV-Media Player) (Version: 1.8 - HYBRIDWEB)
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
K-Lite Mega Codec Pack 1.25 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 1.25 - )
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MyPC Backup  (HKLM\...\MyPC Backup) (Version:  - MyPC Backup) <==== ATTENTION
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Bluetooth Filter Driver Package (x32 Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
StormWatch (HKU\S-1-5-21-3480854019-250065186-1690203289-1001\...\StormWatch) (Version: 1.0.1.10 - StormWatch) <==== ATTENTION!
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124  - Toshiba Corporation)
TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Welcome App (Start-up experience) (x32 Version: 12.0.13000 - Nero AG) Hidden
WinAVIVideoConverter (HKLM-x32\...\WinAVIVideoConverter_is1) (Version:  - ZJ Computing, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3480854019-250065186-1690203289-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)

==================== Restore Points  =========================

26-04-2015 15:48:29 Scheduled Checkpoint
05-05-2015 04:59:16 Scheduled Checkpoint
12-05-2015 21:48:31 Installed AVG 2015

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {26C895A2-626C-4FF1-8A37-022CD39C84C2} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {2D4E16E5-D6E3-4545-9AB5-DCB70B2B7A61} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {42E667E9-9AFB-4A14-9C64-17131497D72F} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
Task: {5DDD1919-2F3E-4BC4-892C-BCF34EEFE149} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {5FB5708F-CD72-4913-B7BB-9E3CC48C32CF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {722F582C-FB02-43CC-8D16-26AE22E30E5B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {769730BA-6D26-41EF-8FAC-C3A4720C17F0} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe [2014-12-31] ()
Task: {830711A0-8E6C-4567-8239-D1A425E58D8C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-05-12] (Microsoft Corporation)
Task: {96BCE30A-AB7F-42B9-9D3E-B97C1BAC3242} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {B0183BBF-6866-4A00-B3CC-7EB8BE27EB14} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {B962F359-CF6D-408B-99BA-2DA9B3AC4D43} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {F1CCBDCF-CD1F-4EAC-BD12-785A1D29AEAE} - System32\Tasks\0614aUpdateInfo => C:\ProgramData\Avg_Update_0614a\0614a_AVG-Secure-Search-Update.exe [2014-06-19] ()
Task: {FB24C135-1F22-45C4-BA71-4B2ACF0030BE} - System32\Tasks\{4219A28A-AE51-43B3-AC1C-DF917CD2FC70} => pcalua.exe -a E:\Autorun\Install.exe -d E:\
Task: {FFFA54EE-4519-4FAF-9E75-00B562A2AD28} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\WINDOWS\Tasks\0614aUpdateInfo.job => C:\ProgramData\Avg_Update_0614a\0614a_AVG-Secure-Search-Update.exe

==================== Loaded Modules (Whitelisted) ==============

2011-10-13 15:38 - 2011-10-13 15:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2013-09-30 16:57 - 2009-06-02 01:15 - 00051200 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2012-08-13 20:13 - 2012-08-13 20:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2012-08-06 05:36 - 2012-08-06 05:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2015-03-12 18:26 - 2013-04-08 16:29 - 00846848 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
2014-08-13 19:19 - 2014-08-13 19:19 - 01140760 _____ () C:\Users\SHARON\AppData\Local\StormWatch\StormWatchApp.exe
2012-11-20 16:09 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-12 18:26 - 2013-03-12 21:48 - 01411072 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2015-03-12 18:26 - 2013-04-02 12:34 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\SHARON\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\tracy_000\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3480854019-250065186-1690203289-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\SHARON\AppData\Roaming\Microsoft\Internet Explorer\Internet Explorer Wallpaper.bmp
HKU\S-1-5-21-3480854019-250065186-1690203289-1003\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "TCrdMain"
HKLM\...\StartupApproved\Run: => "TODDMain"
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{4548F7F8-5814-4AF5-8041-B6BCBFA85714}C:\program files (x86)\bitcomet\bitcomet.exe] => (Block) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [TCP Query User{5DD924AF-30E1-44F5-99B7-18D252352ADB}C:\program files (x86)\bitcomet\bitcomet.exe] => (Block) C:\program files (x86)\bitcomet\bitcomet.exe
FirewallRules: [{D1871093-8533-471B-9AA1-83B93FF8C5AE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D3D1E3E8-C95F-42E8-B783-958915F109BA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DA7FF9E8-44DF-4422-BF5D-B38A6B0444E7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{12162305-874E-4229-94F6-4AA3D5819243}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BD1F3DDB-86D6-4482-838C-38C2295F842A}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{7E9B624F-6857-498E-8B8B-E9A64A86021D}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{78739860-7D67-448A-BBF9-F30C95ED685F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{9B035B05-1D44-43D4-B79A-F065E0004390}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{65ED3422-3B09-4868-8E5C-E4D35007A02E}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{82F8A8A2-8E5A-4A92-B0BB-697C98114736}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{89791757-A2F4-4CD6-A8AD-2A8BB4667D2B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{1485971A-2419-4E34-8728-390C7219B69F}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{773EF919-F4F8-4F56-92A2-EDD56AB3D7AF}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{74862DC6-B402-4CD3-972A-4F4E380D997B}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{4B6A95B0-6BDC-4A6A-9B78-6AE128C2D8B3}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{D7CF0487-C23A-4C15-A501-0DEAAF6352EC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{2CE8976C-5281-4F09-A31A-E41D0DE521F4}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{9E8A277B-E58E-46C5-BB84-AA2713E435D8}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{A639259B-5E60-4317-B8CA-BA06F490EFC5}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{B5C918B7-2E23-407D-82F9-64F0A943F546}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{E51B963C-4B0D-4786-A184-4DDFEB069F84}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{4F60598A-FB07-46C4-B448-F01A052A25C3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{87DB7AA7-3795-4A05-923C-96B10C974630}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{5614D0EA-22CD-4A2C-9353-4A9B2CC178B3}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{4ADC02BA-3B7E-4DBF-8E61-75D07C1F48D4}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{BE28241E-3859-455E-B693-F84487BEA757}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{BBAFC5F9-8FB9-49BC-B84C-B2C148C92847}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/15/2015 10:20:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0
Faulting module name: 3ivx.dll, version: 4.5.1.30, time stamp: 0x40165f49
Exception code: 0xc0000005
Fault offset: 0x000edfe4
Faulting process ID: 0x3318
Faulting application start time: 0xwmplayer.exe0
Faulting application path: wmplayer.exe1
Faulting module path: wmplayer.exe2
Report ID: wmplayer.exe3
Faulting package full name: wmplayer.exe4
Faulting package-relative application ID: wmplayer.exe5

Error: (05/15/2015 10:17:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0
Faulting module name: 3ivx.dll, version: 4.5.1.30, time stamp: 0x40165f49
Exception code: 0xc0000005
Fault offset: 0x000edfe4
Faulting process ID: 0x385c
Faulting application start time: 0xwmplayer.exe0
Faulting application path: wmplayer.exe1
Faulting module path: wmplayer.exe2
Report ID: wmplayer.exe3
Faulting package full name: wmplayer.exe4
Faulting package-relative application ID: wmplayer.exe5

Error: (05/15/2015 03:45:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 83038750

Error: (05/15/2015 03:45:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 83038750

Error: (05/15/2015 03:45:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2015 00:32:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17416, time stamp: 0x5452eed9
Faulting module name: Flash.ocx, version: 17.0.0.169, time stamp: 0x5529e2cc
Exception code: 0xc0000005
Fault offset: 0x008f3dc0
Faulting process ID: 0xc64
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report ID: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5

Error: (05/12/2015 09:38:07 PM) (Source: MsiInstaller) (EventID: 1024) (User: TOMMYTUCKER)
Description: Product: Adobe Reader XI (11.0.10) - Update '{AC76BA86-7AD7-0000-2550-7A8C40011011}' could not be installed. Error code 1625. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: http://go.microsoft....k/?LinkId=23127

Error: (05/12/2015 09:28:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program wwahost.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 3d60

Start Time: 01d08cf18947243f

Termination Time: 4294967295

Application Path: C:\WINDOWS\syswow64\wwahost.exe

Report Id: 7e0de3e8-f8e5-11e4-bee2-7054d2425fce

Faulting package full name: Microsoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5c

Faulting package-relative application ID: App

Error: (05/09/2015 06:51:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15281

Error: (05/09/2015 06:51:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15281


System errors:
=============
Error: (05/16/2015 03:21:17 PM) (Source: Tcpip) (EventID: 4199) (User: )
Description: The system detected an address conflict for IP address 0.0.0.0 with the system
having network hardware address 00-00-00-00-00-00. Network operations on this system may
be disrupted as a result.

Error: (05/16/2015 01:44:54 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/16/2015 01:44:54 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/16/2015 01:44:48 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/16/2015 01:44:48 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/16/2015 01:44:48 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/16/2015 01:44:48 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/14/2015 04:41:09 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/14/2015 04:41:09 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (05/14/2015 01:08:48 PM) (Source: DCOM) (EventID: 10010) (User: TOMMYTUCKER)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (05/15/2015 10:20:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmplayer.exe12.0.9600.17415545046f03ivx.dll4.5.1.3040165f49c0000005000edfe4331801d08f54f375c725C:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\windows\SYSTEM32\3ivx.dll31c606ba-fb48-11e4-bee5-7054d2425fce

Error: (05/15/2015 10:17:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmplayer.exe12.0.9600.17415545046f03ivx.dll4.5.1.3040165f49c0000005000edfe4385c01d08f547fefe1a7C:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\windows\SYSTEM32\3ivx.dllbfe02ef0-fb47-11e4-bee5-7054d2425fce

Error: (05/15/2015 03:45:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 83038750

Error: (05/15/2015 03:45:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 83038750

Error: (05/15/2015 03:45:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2015 00:32:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.174165452eed9Flash.ocx17.0.0.1695529e2ccc0000005008f3dc0c6401d08d06daebef6aC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\Macromed\Flash\Flash.ocx1f4f14ee-f8ff-11e4-bee4-7054d2425fce

Error: (05/12/2015 09:38:07 PM) (Source: MsiInstaller) (EventID: 1024) (User: TOMMYTUCKER)
Description: Adobe Reader XI (11.0.10){AC76BA86-7AD7-0000-2550-7A8C40011011}1625(NULL)(NULL)(NULL)

Error: (05/12/2015 09:28:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.174153d6001d08cf18947243f4294967295C:\WINDOWS\syswow64\wwahost.exe7e0de3e8-f8e5-11e4-bee2-7054d2425fceMicrosoft.SkypeApp_3.1.0.1007_x86__kzf8qxf38zg5cApp

Error: (05/09/2015 06:51:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15281

Error: (05/09/2015 06:51:44 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15281


==================== Memory info ===========================

Processor: Intel® Pentium® CPU B960 @ 2.20GHz
Percentage of memory in use: 57%
Total physical RAM: 3977.22 MB
Available physical RAM: 1673.57 MB
Total Pagefile: 6665.22 MB
Available Pagefile: 4648.7 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (TI30992200A) (Fixed) (Total:585.58 GB) (Free:384.76 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

Attached Files


  • 0

Advertisements


#2
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)


First
Please remove these programs from your programs an features list, Start > Control panel > Programs an features. (Windows 8 users: Learn how to access the Control Panel) In the list find the program listed below and uninstall it if found.
  • Delta Chrome Toolbar
  • Delta toolbar
  • MyPC Backup
  • StormWatch
I'll be back with more instructions for you, let me know when you uninstalled those programs and what ones would not uninstall or any other issues that may have occurred
  • 0

#3
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)


First
Please remove these programs from your programs an features list, Start > Control panel > Programs an features. (Windows 8 users: Learn how to access the Control Panel) In the list find the program listed below and uninstall it if found.

  • Delta Chrome Toolbar
  • Delta toolbar
  • MyPC Backup
  • StormWatch
I'll be back with more instructions for you, let me know when you uninstalled those programs and what ones would not uninstall or any other issues that may have occurred

 

hi zep516

Delta toolbar will not uninstall takes me to a 404 error page


  • 0

#4
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
OK,

I missed one too, see if you can get this one BitGuard

I have also noticed in your log file you are using BitComet P2P program. We at Geeks to go ! Recommend removing these type of programs, they are a known cause of Malware infections. When you use file sharing programs like this you can never be sure of the file content and you are put at a much greater risk for infection. I strongly recommend you remove this program before we begin our work.

Thanks,

Let me have some time to look over log.
  • 0

#5
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Ok both gone 2nd hand laptop, (would also like to rename pc's name of Sharon)  Delta toolbar is still in the list take me to a hung webpage stating navigation cancelled ?


  • 0

#6
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
OK,

A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
start
CloseProcesses:
CreateRestorePoint:
C:\Users\SHARON\AppData\Local\StormWatch\StormWatchApp.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> DefaultScope {6F5548DC-956A-4BE7-AF90-DAD9CF264BDB} URL = http://Vosteran.com/...=1005845444&ir=
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {6F5548DC-956A-4BE7-AF90-DAD9CF264BDB} URL = http://Vosteran.com/...=1005845444&ir=
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {756E3821-B2F6-4EFE-9B85-81F4BDBA19D4} URL =
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll No File
Toolbar: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\SHARON\AppData\Roaming\BabSolution\CR\Delta.crx [2013-10-17]
2015-05-05 13:23 - 2014-11-25 15:55 - 00000000 ____D () C:\Users\SHARON\AppData\Local\StormWatch
S3 Tosrfcom; No ImagePath
Task: {42E667E9-9AFB-4A14-9C64-17131497D72F} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
AlternateDataStreams: C:\Users\SHARON\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\tracy_000\OneDrive:ms-properties
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
hosts:
Emptytemp:
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
Next

thisisujrt.gif Please download Junkware Removal Tool to your Desktop.

Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.

In your next reply post;
  • Fixlog.txt, found on desktop after fix has run
  • The AdwCleaner [SO].txt Log
  • The JRT.txt Log
Thanks
Joe :)
  • 0

#7
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-05-2015 02
Ran by SHARON at 2015-05-16 18:35:10 Run:1
Running from C:\Users\SHARON\Desktop
Loaded Profiles: SHARON (Available profiles: SHARON & tracy_000)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
CreateRestorePoint:
C:\Users\SHARON\AppData\Local\StormWatch\StormWatchApp.exe
AppInit_DLLs: c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found
SearchScopes: HKLM -> {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL =
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> DefaultScope {6F5548DC-956A-4BE7-AF90-DAD9CF264BDB} URL = http://Vosteran.com/....=1005845444=
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {6F5548DC-956A-4BE7-AF90-DAD9CF264BDB} URL = http://Vosteran.com/....=1005845444=
SearchScopes: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> {756E3821-B2F6-4EFE-9B85-81F4BDBA19D4} URL =
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll No File
Toolbar: HKU\S-1-5-21-3480854019-250065186-1690203289-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\SHARON\AppData\Roaming\BabSolution\CR\Delta.crx [2013-10-17]
2015-05-05 13:23 - 2014-11-25 15:55 - 00000000 ____D () C:\Users\SHARON\AppData\Local\StormWatch
S3 Tosrfcom; No ImagePath
Task: {42E667E9-9AFB-4A14-9C64-17131497D72F} - System32\Tasks\BitGuard => Sc.exe start BitGuard <==== ATTENTION
AlternateDataStreams: C:\Users\SHARON\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\tracy_000\OneDrive:ms-properties
CMD: bitsadmin /reset /allusers
CMD: netsh winsock reset catalog
CMD: ipconfig /flushdns
hosts:
Emptytemp:
*****************

Processes closed successfully.
Restore point was successfully created.
"C:\Users\SHARON\AppData\Local\StormWatch\StormWatchApp.exe" => File/Directory not found.
"c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll" => Value Data removed successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77}" => Key deleted successfully.
HKCR\CLSID\{DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} => Key not found.
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\bProtectorDefaultScope => value deleted successfully.
"HKU\S-1-5-21-3480854019-250065186-1690203289-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}" => Key deleted successfully.
HKCR\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
"HKU\S-1-5-21-3480854019-250065186-1690203289-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6F5548DC-956A-4BE7-AF90-DAD9CF264BDB}" => Key deleted successfully.
HKCR\CLSID\{6F5548DC-956A-4BE7-AF90-DAD9CF264BDB} => Key not found.
"HKU\S-1-5-21-3480854019-250065186-1690203289-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{756E3821-B2F6-4EFE-9B85-81F4BDBA19D4}" => Key deleted successfully.
HKCR\CLSID\{756E3821-B2F6-4EFE-9B85-81F4BDBA19D4} => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}" => Key deleted successfully.
HKU\S-1-5-21-3480854019-250065186-1690203289-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} => value deleted successfully.
"HKCR\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde => Key not found.
"C:\Users\SHARON\AppData\Roaming\BabSolution\CR\Delta.crx" => File/Directory not found.
"C:\Users\SHARON\AppData\Local\StormWatch" => File/Directory not found.
Tosrfcom => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{42E667E9-9AFB-4A14-9C64-17131497D72F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{42E667E9-9AFB-4A14-9C64-17131497D72F}" => Key deleted successfully.
C:\Windows\System32\Tasks\BitGuard => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BitGuard" => Key deleted successfully.
C:\Users\SHARON\SkyDrive => ":ms-properties" ADS removed successfully.
C:\Users\tracy_000\OneDrive => ":ms-properties" ADS removed successfully.

=========  bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

=========  netsh winsock reset catalog =========

Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.

========= End of CMD: =========

=========  ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 2.6 GB temporary data.

The system needed a reboot.

==== End of Fixlog 18:41:40 ====


  • 0

#8
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

# AdwCleaner v4.204 - Logfile created 16/05/2015 at 19:01:01
# Updated 12/05/2015 by Xplode
# Database : 2015-05-12.2 [Server]
# Operating system : Windows 8.1  (x64)
# Username : SHARON - POTTSYS
# Running from : C:\Users\SHARON\Desktop\adwcleaner_4.204.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BitGuard
Folder Deleted : C:\ProgramData\DSearchLink
Folder Deleted : C:\ProgramData\Fighters
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\AVG Security Toolbar
Folder Deleted : C:\Program Files (x86)\Delta
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Users\SHARON\AppData\Roaming\Babylon
Folder Deleted : C:\Users\SHARON\AppData\Roaming\Fighters
Folder Deleted : C:\Users\SHARON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\SHARON\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\tracy_000\AppData\LocalLow\AVG SafeGuard toolbar

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\d
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Key Deleted : HKCU\Software\5d0dfdcb334e546
Key Deleted : HKLM\SOFTWARE\5d0dfdcb334e546
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\StormWatch
Key Deleted : HKCU\Software\CoinisRS
Key Deleted : HKCU\Software\Fighters
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\Delta
Key Deleted : HKLM\SOFTWARE\Fighters
Key Deleted : HKU\.DEFAULT\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416

*************************

AdwCleaner[R0].txt - [7417 bytes] - [16/05/2015 18:57:02]
AdwCleaner[S0].txt - [6997 bytes] - [16/05/2015 19:01:01]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7056  bytes] ##########


  • 0

#9
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.2 (05.15.2015:1)
OS: Windows 8.1 x64
Ran by SHARON on 16/05/2015 at 19:07:32.09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Tasks

Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1468742799-1168679891-210940226-500
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3480854019-250065186-1690203289-1001
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3480854019-250065186-1690203289-1003
Successfully deleted: [Task] C:\WINDOWS\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-3480854019-250065186-1690203289-500

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 16/05/2015 at 19:11:50.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


  • 0

#10
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
  • Please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup-version.exe and follow the prompts to install the program.
  • At the end, be sure a check-mark is placed next to the following:
  • Enable free trial of Malwarebytes Anti-Malware Premium
  • Launch Malwarebytes Anti-Malware
  • Then click Finish.
  • If an update is found, you will be prompted to download and install the latest version.
  • Once the program has loaded, select Scan now. Or select the Threat Scan from the Scan menu.
  • When the scan is complete , make sure that that all Threats are selected, and click Remove Selected.
  • Reboot your computer if prompted.
Posting the Malwarebytes log.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the Scan Log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • post that saved log to your next reply.

  • 0

Advertisements


#11
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 16/05/2015
Scan Time: 19:31:00
Logfile: MBscanlog.txt
Administrator: Yes

Version: 2.01.6.1022
Malware Database: v2015.05.16.04
Rootkit Database: v2015.05.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: SHARON

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 440912
Time Elapsed: 58 min, 46 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 5
PUP.Optional.Delta.A, HKU\S-1-5-21-3480854019-250065186-1690203289-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [78dc3b599feb8da9ea65117c51b2aa56],
PUP.Optional.Delta.A, HKU\S-1-5-21-3480854019-250065186-1690203289-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, Quarantined, [78dc3b599feb8da9ea65117c51b2aa56],
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [b4a0761e8208ed49bfca46a35ca75fa1],
PUP.Optional.Vosteran.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\MEDIAPLAYER\SHIMINCLUSIONLIST\vosteran.exe, Quarantined, [04507f152e5cca6c0da62ab601022ad6],
PUP.Optional.Vosteran.A, HKU\S-1-5-21-3480854019-250065186-1690203289-1001\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\oilkkkefbalmbfppgjmgjoefbclebkce, Quarantined, [1e36c5cf29613df990fa58912cd7f808],

Registry Values: 1
PUP.Optional.Vosteran.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Vosteran\\, Quarantined, [7cd89bf91d6dc274d9846571b94a758b]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)


  • 0

#12
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello, this will not take long :)

Please download MiniToolBox http://download.blee...MiniToolBox.exe and run it.

Checkmark following boxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Restore Points
Click Go and post the result.
  • 0

#13
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

MiniToolBox by Farbar  Version: 11-05-2015 01
Ran by SHARON (administrator) on 16-05-2015 at 20:50:14
Running from "C:\Users\SHARON\Desktop"
Microsoft Windows 8.1  (X64)
Model: SATELLITE C850-1D2 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Ethernet (Connected)
Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC = WiFi (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="WiFi" nexthop=192.168.0.1 publish=Yes
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="other_1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="wireless_11" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="ethernet_3" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="WiFi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled

popd
# End of IPv4 configuration

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Pottsys
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : Home

Wireless LAN adapter Local Area Connection* 12:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 20-16-D8-39-95-BB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 70-54-D2-42-5F-CE
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::51cd:41ae:772d:4265%4(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.4(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 16 May 2015 19:02:52
   Lease Expires . . . . . . . . . . : 17 May 2015 19:02:51
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 259019986
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3D-54-06-70-54-D2-42-5F-CE
   DNS Servers . . . . . . . . . . . : 192.168.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter WiFi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC
   Physical Address. . . . . . . . . : 20-16-D8-39-95-BB
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.Home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : Home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 17:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:3c37:37fd:4fe6:5927(Preferred)
   Link-local IPv6 Address . . . . . : fe80::3c37:37fd:4fe6:5927%5(Preferred)
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 201326592
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-3D-54-06-70-54-D2-42-5F-CE
   NetBIOS over Tcpip. . . . . . . . : Disabled
Server:  SkyRouter.Home
Address:  192.168.0.1

Name:    google.com
Addresses:  2a00:1450:4009:80a::200e
   216.58.208.78

Pinging google.com [216.58.208.78] with 32 bytes of data:
Reply from 216.58.208.78: bytes=32 time=13ms TTL=58
Reply from 216.58.208.78: bytes=32 time=13ms TTL=58

Ping statistics for 216.58.208.78:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 13ms, Maximum = 13ms, Average = 13ms
Server:  SkyRouter.Home
Address:  192.168.0.1

Name:    yahoo.com
Addresses:  206.190.36.45
   98.139.183.24
   98.138.253.109

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=104ms TTL=49
Reply from 98.139.183.24: bytes=32 time=103ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 103ms, Maximum = 104ms, Average = 103ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  6...20 16 d8 39 95 bb ......Microsoft Wi-Fi Direct Virtual Adapter
  4...70 54 d2 42 5f ce ......Realtek PCIe FE Family Controller
  3...20 16 d8 39 95 bb ......Realtek RTL8723AE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.0.1      192.168.0.4     20
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.0.0    255.255.255.0         On-link       192.168.0.4    276
      192.168.0.4  255.255.255.255         On-link       192.168.0.4    276
    192.168.0.255  255.255.255.255         On-link       192.168.0.4    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.0.4    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.0.4    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      192.168.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  5    306 ::/0                     On-link
  1    306 ::1/128                  On-link
  5    306 2001::/32                On-link
  5    306 2001:0:5ef5:79fd:3c37:37fd:4fe6:5927/128
                                    On-link
  4    276 fe80::/64                On-link
  5    306 fe80::/64                On-link
  5    306 fe80::3c37:37fd:4fe6:5927/128
                                    On-link
  4    276 fe80::51cd:41ae:772d:4265/128
                                    On-link
  1    306 ff00::/8                 On-link
  4    276 ff00::/8                 On-link
  5    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\WINDOWS\SysWOW64\napinsp.dll [55296] (Microsoft Corporation)
Catalog5 02 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 03 C:\WINDOWS\SysWOW64\pnrpnsp.dll [70144] (Microsoft Corporation)
Catalog5 04 C:\WINDOWS\SysWOW64\NLAapi.dll [65536] (Microsoft Corporation)
Catalog5 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog5 06 C:\WINDOWS\SysWOW64\winrnr.dll [23040] (Microsoft Corporation)
Catalog5 07 C:\WINDOWS\SysWOW64\wshbth.dll [50688] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 02 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 03 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 04 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 05 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 06 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 07 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 08 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 09 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 10 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
Catalog9 11 C:\WINDOWS\SysWOW64\mswsock.dll [286208] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\napinsp.dll [69120] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [88576] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\NLAapi.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [30720] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\wshbth.dll [63488] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [339456] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/16/2015 06:38:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_inetcpl.cpl, version: 6.3.9600.17415, time stamp: 0x54504eb8
Faulting module name: USER32.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc0000142
Fault offset: 0x00000000000ec180
Faulting process ID: 0x774
Faulting application start time: 0xrundll32.exe_inetcpl.cpl0
Faulting application path: rundll32.exe_inetcpl.cpl1
Faulting module path: rundll32.exe_inetcpl.cpl2
Report ID: rundll32.exe_inetcpl.cpl3
Faulting package full name: rundll32.exe_inetcpl.cpl4
Faulting package-relative application ID: rundll32.exe_inetcpl.cpl5

Error: (05/16/2015 06:38:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: rundll32.exe_inetcpl.cpl, version: 6.3.9600.17415, time stamp: 0x54504eb8
Faulting module name: USER32.dll, version: 6.3.9600.17736, time stamp: 0x550f4336
Exception code: 0xc0000142
Fault offset: 0x00000000000ec180
Faulting process ID: 0x7b4
Faulting application start time: 0xrundll32.exe_inetcpl.cpl0
Faulting application path: rundll32.exe_inetcpl.cpl1
Faulting module path: rundll32.exe_inetcpl.cpl2
Report ID: rundll32.exe_inetcpl.cpl3
Faulting package full name: rundll32.exe_inetcpl.cpl4
Faulting package-relative application ID: rundll32.exe_inetcpl.cpl5

Error: (05/16/2015 06:35:15 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {05514059-aa21-4bad-b3d9-96942a24ccf0}

Error: (05/16/2015 06:21:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUninstaller.exe, version: 9.1.2.11, time stamp: 0x521b57d7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc000041d
Fault offset: 0x00002f00
Faulting process ID: 0xdbc
Faulting application start time: 0xGUninstaller.exe0
Faulting application path: GUninstaller.exe1
Faulting module path: GUninstaller.exe2
Report ID: GUninstaller.exe3
Faulting package full name: GUninstaller.exe4
Faulting package-relative application ID: GUninstaller.exe5

Error: (05/16/2015 06:21:03 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUninstaller.exe, version: 9.1.2.11, time stamp: 0x521b57d7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00002f00
Faulting process ID: 0xdbc
Faulting application start time: 0xGUninstaller.exe0
Faulting application path: GUninstaller.exe1
Faulting module path: GUninstaller.exe2
Report ID: GUninstaller.exe3
Faulting package full name: GUninstaller.exe4
Faulting package-relative application ID: GUninstaller.exe5

Error: (05/16/2015 06:07:04 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUninstaller.exe, version: 9.1.2.11, time stamp: 0x521b57d7
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000
Faulting process ID: 0x1a20
Faulting application start time: 0xGUninstaller.exe0
Faulting application path: GUninstaller.exe1
Faulting module path: GUninstaller.exe2
Report ID: GUninstaller.exe3
Faulting package full name: GUninstaller.exe4
Faulting package-relative application ID: GUninstaller.exe5

Error: (05/16/2015 06:02:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUninstaller.exe, version: 9.1.2.11, time stamp: 0x521b57d7
Faulting module name: ieframe.dll, version: 11.0.9600.17801, time stamp: 0x553669ec
Exception code: 0xc0000005
Fault offset: 0x001a6e39
Faulting process ID: 0x1838
Faulting application start time: 0xGUninstaller.exe0
Faulting application path: GUninstaller.exe1
Faulting module path: GUninstaller.exe2
Report ID: GUninstaller.exe3
Faulting package full name: GUninstaller.exe4
Faulting package-relative application ID: GUninstaller.exe5

Error: (05/16/2015 06:01:01 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUninstaller.exe, version: 9.1.2.11, time stamp: 0x521b57d7
Faulting module name: ieframe.dll, version: 11.0.9600.17801, time stamp: 0x553669ec
Exception code: 0xc000041d
Fault offset: 0x001a6e39
Faulting process ID: 0x7c0
Faulting application start time: 0xGUninstaller.exe0
Faulting application path: GUninstaller.exe1
Faulting module path: GUninstaller.exe2
Report ID: GUninstaller.exe3
Faulting package full name: GUninstaller.exe4
Faulting package-relative application ID: GUninstaller.exe5

Error: (05/16/2015 06:00:59 PM) (Source: Application Error) (User: )
Description: Faulting application name: GUninstaller.exe, version: 9.1.2.11, time stamp: 0x521b57d7
Faulting module name: ieframe.dll, version: 11.0.9600.17801, time stamp: 0x553669ec
Exception code: 0xc0000005
Fault offset: 0x001a6e39
Faulting process ID: 0x7c0
Faulting application start time: 0xGUninstaller.exe0
Faulting application path: GUninstaller.exe1
Faulting module path: GUninstaller.exe2
Report ID: GUninstaller.exe3
Faulting package full name: GUninstaller.exe4
Faulting package-relative application ID: GUninstaller.exe5

Error: (05/15/2015 10:20:22 PM) (Source: Application Error) (User: )
Description: Faulting application name: wmplayer.exe, version: 12.0.9600.17415, time stamp: 0x545046f0
Faulting module name: 3ivx.dll, version: 4.5.1.30, time stamp: 0x40165f49
Exception code: 0xc0000005
Fault offset: 0x000edfe4
Faulting process ID: 0x3318
Faulting application start time: 0xwmplayer.exe0
Faulting application path: wmplayer.exe1
Faulting module path: wmplayer.exe2
Report ID: wmplayer.exe3
Faulting package full name: wmplayer.exe4
Faulting package-relative application ID: wmplayer.exe5

System errors:
=============
Error: (05/16/2015 07:08:38 PM) (Source: Service Control Manager) (User: )
Description: The TMachInfo service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:38 PM) (Source: Service Control Manager) (User: )
Description: The TPCH Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:38 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Management and Security Application User Notification Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:37 PM) (Source: Service Control Manager) (User: )
Description: The Nero Update service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:37 PM) (Source: Service Control Manager) (User: )
Description: The Intel® ME Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:37 PM) (Source: Service Control Manager) (User: )
Description: The iPod Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:35 PM) (Source: Service Control Manager) (User: )
Description: The TOSHIBA eco Utility Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:35 PM) (Source: Service Control Manager) (User: )
Description: The TOSHIBA Optical Disc Drive Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:35 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Dynamic Application Loader Host Interface Service service terminated unexpectedly. It has done this 1 time(s).

Error: (05/16/2015 07:08:34 PM) (Source: Service Control Manager) (User: )
Description: The Intel® Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Microsoft Office Sessions:
=========================
Error: (05/16/2015 06:38:25 PM) (Source: Application Error)(User: )
Description: rundll32.exe_inetcpl.cpl6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec18077401d08fff1c54fb14C:\WINDOWS\system32\rundll32.exeUSER32.dll5a2a367f-fbf2-11e4-bee7-7054d2425fce

Error: (05/16/2015 06:38:25 PM) (Source: Application Error)(User: )
Description: rundll32.exe_inetcpl.cpl6.3.9600.1741554504eb8USER32.dll6.3.9600.17736550f4336c000014200000000000ec1807b401d08fff1c575d76C:\WINDOWS\system32\rundll32.exeUSER32.dll5a2a0f6f-fbf2-11e4-bee7-7054d2425fce

Error: (05/16/2015 06:35:15 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.

Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {05514059-aa21-4bad-b3d9-96942a24ccf0}

Error: (05/16/2015 06:21:06 PM) (Source: Application Error)(User: )
Description: GUninstaller.exe9.1.2.11521b57d7unknown0.0.0.000000000c000041d00002f00dbc01d08ffcaddfe1e0C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exeunknowneed293d8-fbef-11e4-bee7-7054d2425fce

Error: (05/16/2015 06:21:03 PM) (Source: Application Error)(User: )
Description: GUninstaller.exe9.1.2.11521b57d7unknown0.0.0.000000000c000000500002f00dbc01d08ffcaddfe1e0C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exeunknowned8720e5-fbef-11e4-bee7-7054d2425fce

Error: (05/16/2015 06:07:04 PM) (Source: Application Error)(User: )
Description: GUninstaller.exe9.1.2.11521b57d7unknown0.0.0.000000000c0000005000000001a2001d08ffaba35b8c0C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exeunknownf9391b93-fbed-11e4-bee6-7054d2425fce

Error: (05/16/2015 06:02:27 PM) (Source: Application Error)(User: )
Description: GUninstaller.exe9.1.2.11521b57d7ieframe.dll11.0.9600.17801553669ecc0000005001a6e39183801d08ffa14fa6db3C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exeC:\Windows\SYSTEM32\ieframe.dll53f96935-fbed-11e4-bee6-7054d2425fce

Error: (05/16/2015 06:01:01 PM) (Source: Application Error)(User: )
Description: GUninstaller.exe9.1.2.11521b57d7ieframe.dll11.0.9600.17801553669ecc000041d001a6e397c001d08ff9e05e6c23C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exeC:\Windows\SYSTEM32\ieframe.dll20f1c688-fbed-11e4-bee6-7054d2425fce

Error: (05/16/2015 06:00:59 PM) (Source: Application Error)(User: )
Description: GUninstaller.exe9.1.2.11521b57d7ieframe.dll11.0.9600.17801553669ecc0000005001a6e397c001d08ff9e05e6c23C:\Program Files (x86)\Delta\delta\1.8.24.6\GUninstaller.exeC:\Windows\SYSTEM32\ieframe.dll1fad20f7-fbed-11e4-bee6-7054d2425fce

Error: (05/15/2015 10:20:22 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.9600.17415545046f03ivx.dll4.5.1.3040165f49c0000005000edfe4331801d08f54f375c725C:\Program Files (x86)\Windows Media Player\wmplayer.exeC:\windows\SYSTEM32\3ivx.dll31c606ba-fb48-11e4-bee5-7054d2425fce

=========================== Installed Programs ============================

Adobe Reader XI (11.0.11) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
ANT Drivers Installer x64 (HKLM\...\{4AE2138C-8A0F-4C68-B7D2-722A5F6327F5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\{3A1B060C-5D3F-4FFA-914E-6292A6F7464E}) (Version: 15.0.4342 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\{B38CFE4C-C9C4-460B-8353-F56DF2AC3877}) (Version: 15.0.5941 - AVG Technologies) Hidden
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5941 - AVG Technologies)
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.32(T) - TOSHIBA CORPORATION)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Elevated Installer (HKLM-x32\...\{B9493F36-49B9-4E6F-BA94-4E54C86D7CA8}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
FLV-Media Player 1.8 (HKLM-x32\...\FLV-Media Player) (Version: 1.8 - HYBRIDWEB)
Garmin Express (HKLM-x32\...\{631F7A18-2816-45DD-AD98-60F57D14E7AD}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{855d8086-4275-4bd3-a7a8-b44da3a56d7a}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{0B4A6B94-236B-4257-B560-28942335C938}) (Version: 3.2.27.0 - Garmin Ltd or its subsidiaries) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{709A2D23-C25E-47B5-9268-CB6FEE648504}) (Version: 4.1.1.53 - Apple Inc.)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
K-Lite Mega Codec Pack 1.25 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 1.25 - )
Malwarebytes Anti-Malware version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.49.124  - Toshiba Corporation)
TP-LINK TL-WN821N©_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden
WinAVIVideoConverter (HKLM-x32\...\WinAVIVideoConverter_is1) (Version:  - ZJ Computing, Inc.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth  (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )

========================= Memory info: ===================================

Percentage of memory in use: 43%
Total physical RAM: 3977.22 MB
Available physical RAM: 2245.2 MB
Total Pagefile: 6665.22 MB
Available Pagefile: 4588.96 MB
Total Virtual: 4095.88 MB
Available Virtual: 3967.8 MB

========================= Partitions: =====================================

1 Drive c: (TI30992200A) (Fixed) (Total:585.58 GB) (Free:385.32 GB) NTFS

========================= Users: ========================================

User accounts for \\POTTSYS

Administrator            Guest                    SHARON                  
tracy_000               

========================= Restore Points ==================================

26-04-2015 14:48:29 Scheduled Checkpoint
05-05-2015 03:59:16 Scheduled Checkpoint
12-05-2015 20:48:31 Installed AVG 2015
16-05-2015 17:35:16 Restore Point Created by FRST

**** End of log ****


  • 0

#14
zep516

zep516

    Trusted Helper

  • Malware Removal
  • 6,803 posts
Hello,

One more Malware scan. This scan could take a while and may list things we already addressed. I'll look at the log when you post it and go from there.

ESET Online Scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.
  • Please go >>HERE<< then click on: ESET1st.jpg

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the ESETexe.jpg icon to install.

    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: ESETsave.jpg
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed make sure you first copy the logfile located at C:\Program Files (x86)\ESET\Esetonlinescanner\log.txt).
  • Copy and paste that log as a reply to this topic.
  • Now click on: EOLS4.gif
    (Selecting Uninstall application on close if you so wish)
Please post the ESET Scan results in you next reply.
  • 0

#15
pottsy

pottsy

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts

[email protected] as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
 


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP