Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I think my computer may be infected

Started by Ice205 , May 23 2015 05:29 AM

  • Please log in to reply

#1
Ice205
Posted 23 May 2015 - 05:29 AM

Ice205

    New Member

  • Member
  • Pip
  • 3 posts

I have run a malware scan with my anti-virus package but nothing comes up. Please help

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015
Ran by BeaJames (administrator) on BEA on 23-05-2015 13:37:15
Running from C:\Users\BeaJames\Downloads
Loaded Profiles: UpdatusUser & BeaJames (Available profiles: UpdatusUser & BeaJames)
Platform: Windows 8.1 Single Language (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(CrypKey (Canada) Ltd.) C:\Windows\System32\Crypserv.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(My Digital Life Forums) C:\Windows\KMSServerService\KMS Server Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\Settings\sSettings.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Samsung Electronics CO., LTD.) C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\Dropbox.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [391128 2013-10-04] (Intel Corporation)
HKLM-x32\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe [771032 2013-10-04] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe [769496 2013-10-04] (Intel Corporation)
HKLM-x32\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2862448 2012-08-06] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-13] (Intel Corporation)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [111120 2012-06-08] (CyberLink)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2503704 2015-03-23] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3602199943-3102315252-1166656674-1001\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2013-08-22] (Microsoft Corporation)
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Run: [Quick Starter] => C:\Program Files (x86)\Samsung\Quick Starter\Quick Starter.exe [1996800 2012-08-29] (Samsung Electronics CO., LTD.)
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Run: [uTorrent] => C:\Users\BeaJames\AppData\Roaming\uTorrent\uTorrent.exe [1130576 2013-08-30] (BitTorrent Inc.)
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2013-07-26] (Google Inc.)
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Run: [AVG-Secure-Search-Update_1113a] => C:\Users\BeaJames\AppData\Roaming\AVG 1113a Campaign\AVG-Secure-Search-Update-1113a.exe /PROMPT /mid=d5753ea047db47d3a1ea81fe85dd87ee-91cb43df4eb1c3d20440ab3e073a97ff59b0cfba /CMPID=1113a
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Run: [GoogleChromeAutoLaunch_255D4794CE0372CE130BCAC71CE75566] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [812872 2015-04-28] (Google Inc.)
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Run: [Viber] => "C:\Users\BeaJames\AppData\Local\Viber\Viber.exe"
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {3402a100-5bbb-11e3-bec3-50b7c3396e1d} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {3402a109-5bbb-11e3-bec3-50b7c3396e1d} - "F:\AutoRun.exe" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {aa544911-9ca0-11e3-bed6-50b7c3396e1d} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {aa544928-9ca0-11e3-bed6-50b7c3396e1d} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {be1c10f2-8d3e-11e4-bf05-50b7c3396e1d} - "E:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {c7a34d2a-2d13-11e4-bef6-50b7c3396e1d} - "F:\SETUP.EXE" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {dec979b2-b712-11e3-bed6-50b7c3396e1d} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {dec979d8-b712-11e3-bed6-50b7c3396e1d} - "E:\AutoRun.exe" 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\MountPoints2: {dec979eb-b712-11e3-bed6-50b7c3396e1d} - "E:\AutoRun.exe" 
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
Startup: C:\Users\BeaJames\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-18]
ShortcutTarget: Dropbox.lnk -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.howzit.msn.com/
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.3.0.885&pid=safeguard&sg=&sap=hp
URLSearchHook: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {247500F5-A4C4-4D41-9F76-9B0F81EDE707} URL = http://search.condui...6092158030&UM=2
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {A1270DF7-3DF5-4D3D-A393-058AF08347D3} URL = http://search.yahoo....petb&type=10553
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {DFE0AEEC-7F34-4D2E-91C8-BE8EFBB35521} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-08-10] (Qualcomm Atheros Commnucations)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-09] (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-12-26] (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-23] (AVG Secure Search)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-09] (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-12-26] (Oracle Corporation)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-23] (AVG Secure Search)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-09] (Google Inc.)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.3.0.885\AVG SafeGuard toolbar_toolbar.dll [2015-03-23] (AVG Secure Search)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-09] (Google Inc.)
Toolbar: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-03-09] (Google Inc.)
Toolbar: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
DPF: HKLM-x32 {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...n/ieawsdc32.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.3.0\ViProtocol.dll [2015-03-23] (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.2
 
FireFox:
========
FF ProfilePath: C:\Users\BeaJames\AppData\Roaming\Mozilla\Firefox\Profiles\2p3n2739.default
FF DefaultSearchEngine: sweet-page
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: sweet-page
FF Keyword.URL: 
FF NetworkProxy: "no_proxies_on", ""
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-22] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-22] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\Microsoft Office\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2014-09-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3602199943-3102315252-1166656674-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-3602199943-3102315252-1166656674-1002: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml [2015-03-23]
FF Extension: Adblock Plus - C:\Users\BeaJames\AppData\Roaming\Mozilla\Firefox\Profiles\2p3n2739.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-16]
FF Extension: Whilokii - C:\Users\BeaJames\AppData\Roaming\Mozilla\Firefox\Profiles\2p3n2739.default\Extensions\{fed5e6b2-4fc4-43ba-8e95-001d959d8008}.xpi [2014-02-04]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.3.0.885
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.3.0.885 [2015-03-23]
FF Extension: No Name - C:\Users\BeaJames\AppData\Roaming\Mozilla\Firefox\Profiles\2p3n2739.default\extensions\[email protected] [not found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={FD65F796-194C-11E2-A4CB-B8AC6F6546A7}", "https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.c...earchTerms}&o=1
CHR Profile: C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-20]
CHR Extension: (Google Drive) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-20]
CHR Extension: (YouTube) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-20]
CHR Extension: (Google Search) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-20]
CHR Extension: (Bookmark Manager) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-23]
CHR Extension: (Grammarly Spell Checker & Grammar Checker) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2015-01-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-22]
CHR Extension: (Google Wallet) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-20]
CHR Extension: (MapsGalaxy) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\oammipppclmanpimbdhhnbibcnhholbp [2014-11-20]
CHR Extension: (Gmail) - C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [211584 2012-08-10] (Qualcomm Atheros Commnucations) []
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [321024 2013-08-22] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 CrypKey License; C:\WINDOWS\system32\crypserv.exe [126976 2010-03-18] (CrypKey (Canada) Ltd.) []
R2 Easy Launcher; C:\Program Files (x86)\Samsung\Settings\CmdServer\EasyLauncher.exe [1593976 2012-08-26] (Samsung Electronics CO., LTD.)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-18] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 KMSServerService; C:\WINDOWS\KMSServerService\KMS Server Service.exe [211968 2014-07-22] (My Digital Life Forums) []
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) []
R3 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-10] (Microsoft Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2014-04-14] (The OpenVPN Project)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448976 2015-04-17] (TeamViewer GmbH)
R2 vToolbarUpdater18.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\ToolbarUpdater.exe [1802776 2015-03-23] (AVG Secure Search)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-08-10] (Atheros) []
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [270104 2014-06-30] (AVG Technologies CZ, s.r.o.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-08-10] (Qualcomm Atheros)
R3 BthA2DP; C:\Windows\system32\drivers\BthA2DP.sys [131584 2013-08-22] (Microsoft Corporation)
R3 BthHFAud; C:\Windows\system32\DRIVERS\BthHfAud.sys [32640 2013-08-22] (Microsoft Corporation)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2015-05-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-11-21] (Malwarebytes Corporation)
R1 NetworkX; C:\Windows\System32\ckldrv.sys [30272 2010-03-19] ()
R3 RadioHIDMini; C:\Windows\System32\drivers\RadioHIDMini.sys [23408 2012-07-27] (Windows ® Win 7 DDK provider)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [204568 2013-10-28] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; \SystemRoot\system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-23 13:37 - 2015-05-23 13:37 - 00032367 _____ () C:\Users\BeaJames\Downloads\FRST.txt
2015-05-23 13:37 - 2015-05-23 13:37 - 00000000 ____D () C:\FRST
2015-05-23 13:36 - 2015-05-23 13:36 - 02108416 _____ (Farbar) C:\Users\BeaJames\Downloads\FRST64.exe
2015-05-23 12:00 - 2015-05-23 12:01 - 00000000 ____D () C:\Users\BeaJames\Downloads\Dexter.Season.6.S06.Complete[XWRteam]
2015-05-11 09:02 - 2015-05-11 09:43 - 00000000 ____D () C:\Users\BeaJames\Downloads\The.Good.Wife.S06E22.HDTV.x264-LOL[ettv]
2015-05-11 08:59 - 2015-05-11 10:00 - 00000000 ____D () C:\Users\BeaJames\Downloads\Revenge.S04E23.HDTV.x264-LOL[ettv]
2015-05-11 08:58 - 2015-05-11 08:59 - 00000000 ____D () C:\Users\BeaJames\Downloads\Greys.Anatomy.S11E23.HDTV.x264-LOL[ettv]
2015-05-06 12:47 - 2015-05-06 12:49 - 00000000 ____D () C:\Users\BeaJames\Documents\AGBS
2015-05-06 11:22 - 2015-05-06 11:22 - 00495384 _____ () C:\Users\BeaJames\Downloads\Content Schedule.xlsx
2015-05-05 14:31 - 2015-05-06 15:39 - 00000000 ____D () C:\Users\BeaJames\Downloads\Salem S01 Season 1 Complete HDTV 480p x264 AAC E-Subs [GWC]
2015-05-05 13:30 - 2015-05-05 13:50 - 00000000 ____D () C:\Users\BeaJames\Downloads\Red Dog (2011)
2015-05-04 07:05 - 2015-05-04 07:25 - 00000000 ____D () C:\Users\BeaJames\Downloads\The.Following.S03E10.HDTV.x264-LOL[ettv]
2015-05-03 17:12 - 2015-05-04 02:52 - 00000000 ____D () C:\Users\BeaJames\Downloads\The.Following.S03E09.HDTV.x264-LOL[ettv]
2015-05-03 17:07 - 2015-05-03 19:52 - 00000000 ____D () C:\Users\BeaJames\Downloads\The.Following.S03E06.HDTV.x264-LOL[ettv]
2015-05-03 16:59 - 2015-05-04 01:48 - 00000000 ____D () C:\Users\BeaJames\Downloads\The.Following.S03E08.HDTV.x264-LOL[ettv]
2015-05-03 16:47 - 2015-05-04 00:36 - 00000000 ____D () C:\Users\BeaJames\Downloads\The.Following.S03E07.HDTV.x264-LOL[ettv]
2015-05-03 13:12 - 2015-05-11 08:18 - 00000000 ____D () C:\Users\BeaJames\Downloads\Dexter Season 4 Blueray
2015-05-03 13:11 - 2015-05-03 13:11 - 00000000 ____D () C:\Users\BeaJames\Downloads\Dexter Season 8 Complete 480p HDTV x264 [Multi-Sub] [DexzAery]
2015-05-02 17:20 - 2015-05-03 22:03 - 00000000 ____D () C:\Users\BeaJames\Downloads\Fast.and.Furious.7.2015.HD-TS.XVID.AC3.HQ.Hive-CM8
2015-05-02 16:07 - 2015-05-03 05:11 - 00000000 ____D () C:\Users\BeaJames\Downloads\Black Sails S02 Season 02 Complete 480p HDTV x264 AAC E-Subs [GWC]
2015-05-02 15:20 - 2015-05-02 16:55 - 00000000 ____D () C:\Users\BeaJames\Downloads\Black Sails - Season 1 (HDTV)
2015-05-01 11:30 - 2015-05-01 11:31 - 00000000 ____D () C:\Users\BeaJames\Downloads\Greys.Anatomy.S11E22.HDTV.x264-KILLERS[ettv]
2015-04-29 13:13 - 2015-05-02 14:54 - 00000000 ____D () C:\Users\BeaJames\Downloads\Helix S02 Season 2 Complete 480p HDTV x264 AAC E-Subs [GWC]
2015-04-29 13:11 - 2015-04-29 23:07 - 00000000 ____D () C:\Users\BeaJames\Downloads\Helix Season 1 Complete HDTV x264 [GWC]
2015-04-29 13:07 - 2015-04-29 13:08 - 00000000 ____D () C:\Users\BeaJames\Downloads\The.Good.Wife.S06E20.HDTV.x264-LOL[ettv]
2015-04-23 14:27 - 2015-04-23 15:05 - 00000000 ____D () C:\Users\BeaJames\Downloads\The Five Love Languages by Gary Chapman , Yasser
2015-04-23 14:25 - 2015-04-23 14:25 - 01649852 _____ () C:\Users\BeaJames\Downloads\How to Be an Adult in Relationships - Richo_ David.mobi
2015-04-23 14:19 - 2015-04-23 14:20 - 00000000 ____D () C:\Users\BeaJames\Downloads\David Levithan
2015-04-23 14:16 - 2015-04-23 15:08 - 00000000 ____D () C:\Users\BeaJames\Downloads\Getting the Love You Want, 20th An. Ed_ (384)
2015-04-23 14:15 - 2015-04-23 14:15 - 00000000 ____D () C:\Users\BeaJames\Downloads\His Needs Her Needs ebook
2015-04-23 11:22 - 2015-05-23 11:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-04-23 10:31 - 2015-04-23 15:09 - 00000000 ____D () C:\Users\BeaJames\Downloads\American.Odyssey.S01E01.HDTV.x264-LOL[ettv]
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-05-23 13:36 - 2014-04-15 20:25 - 00000000 ____D () C:\Users\BeaJames\AppData\Roaming\Skype
2015-05-23 13:29 - 2013-07-18 22:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3602199943-3102315252-1166656674-1002
2015-05-23 13:28 - 2013-11-20 11:33 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{BE834B0E-3883-42F2-9B94-B00DB3CCC1B1}
2015-05-23 13:23 - 2014-05-20 13:20 - 00002163 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-23 13:23 - 2013-07-26 02:05 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 13:20 - 2013-12-06 22:20 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 13:15 - 2013-12-06 22:20 - 00003650 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-23 13:15 - 2013-07-26 02:05 - 00003886 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-23 13:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2015-05-23 12:52 - 2014-06-27 12:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-05-23 12:52 - 2012-08-30 06:13 - 00000000 ____D () C:\ProgramData\WinClon
2015-05-23 12:50 - 2014-07-18 21:49 - 00000000 ___RD () C:\Users\BeaJames\Dropbox
2015-05-23 12:49 - 2014-07-18 21:38 - 00000000 ____D () C:\Users\BeaJames\AppData\Roaming\Dropbox
2015-05-23 12:49 - 2012-07-26 07:26 - 00000187 _____ () C:\WINDOWS\win.ini
2015-05-23 12:48 - 2014-08-07 12:21 - 00003124 _____ () C:\WINDOWS\error.log
2015-05-23 12:48 - 2013-11-20 22:18 - 00000282 _____ () C:\WINDOWS\Tasks\AutoKMS.job
2015-05-23 12:48 - 2013-11-20 22:11 - 01735657 _____ () C:\WINDOWS\setupact.log
2015-05-23 12:48 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-05-23 12:47 - 2014-08-07 12:21 - 00003888 _____ () C:\WINDOWS\errord.log
2015-05-23 12:47 - 2013-11-20 22:18 - 00000000 ____D () C:\WINDOWS\AutoKMS
2015-05-23 12:47 - 2013-09-30 06:02 - 01047494 _____ () C:\WINDOWS\PFRO.log
2015-05-23 12:47 - 2013-09-17 01:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-23 12:47 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2015-05-23 12:45 - 2013-08-30 18:35 - 00000000 ____D () C:\Users\BeaJames\AppData\Roaming\uTorrent
2015-05-23 12:42 - 2013-09-17 05:31 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-05-23 12:04 - 2013-11-20 10:22 - 01274419 _____ () C:\WINDOWS\WindowsUpdate.log
2015-05-23 09:02 - 2014-11-28 23:45 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2015-05-23 00:42 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2015-05-22 15:01 - 2013-08-30 18:37 - 00000310 _____ () C:\WINDOWS\Tasks\Registry Optimizer_DEFAULT.job
2015-05-20 09:37 - 2013-08-30 18:37 - 00000318 _____ () C:\WINDOWS\Tasks\Registry Optimizer_UPDATES.job
2015-05-17 12:04 - 2014-08-26 15:07 - 00000000 ____D () C:\Users\BeaJames\Documents\Mark
2015-05-15 17:00 - 2013-11-08 19:27 - 00000416 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
2015-05-11 18:45 - 2013-10-24 15:22 - 00000000 ____D () C:\Users\BeaJames\Documents\Calibre Library
2015-05-11 08:52 - 2014-07-18 21:49 - 00001071 _____ () C:\Users\BeaJames\Desktop\Dropbox.lnk
2015-05-11 08:52 - 2014-07-18 21:45 - 00000000 ____D () C:\Users\BeaJames\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-08 12:15 - 2014-07-18 13:09 - 00000000 ____D () C:\Users\BeaJames\Documents\Beatrice
2015-05-06 11:22 - 2013-07-18 22:15 - 00000000 ____D () C:\Users\BeaJames\AppData\Local\Packages
2015-05-06 10:55 - 2013-09-30 06:10 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-28 12:54 - 2014-07-19 14:21 - 00000000 ____D () C:\Users\BeaJames\Documents\ODesk
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015
Ran by BeaJames at 2015-05-23 13:38:29
Running from C:\Users\BeaJames\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3602199943-3102315252-1166656674-500 - Administrator - Disabled)
BeaJames (S-1-5-21-3602199943-3102315252-1166656674-1002 - Administrator - Enabled) => C:\Users\BeaJames
Guest (S-1-5-21-3602199943-3102315252-1166656674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3602199943-3102315252-1166656674-1004 - Limited - Enabled)
UpdatusUser (S-1-5-21-3602199943-3102315252-1166656674-1001 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\uTorrent) (Version: 3.3.2.30180 - BitTorrent Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Allshare Play Link (HKLM-x32\...\{91786428-D4AA-476D-8AF9-A63FFAC2901F}) (Version: 1.0.0 - Samsung)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.3.0.885 - AVG Technologies)
BBC iPlayer Downloads (HKLM-x32\...\{D8753E3F-B86E-4BA6-A44A-6D92BFB38519}) (Version: 1.11.0 - BBC)
calibre (HKLM-x32\...\{260CE6D4-9FB5-47CB-8425-BEE666F40FC0}) (Version: 1.7.0 - Kovid Goyal)
Cole2k Media - Codec Pack (Advanced) 8.0.2 (HKLM-x32\...\Cole2k Media - Codec Pack) (Version: 8.0.2 - Cole2k Media)
ConverterLite 1.6.5.0 (HKLM-x32\...\ConverterLite) (Version: 1.6.5.0 - ConverterLite)
ConvertXtoDVD 4.1.19.365 (HKLM-x32\...\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1) (Version: 4.1.19.365 - )
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1912 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4421.02 - CyberLink Corp.)
Dropbox (HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Easy File Share (HKLM-x32\...\{A7C37D4B-F37A-42E8-9B6A-B28C18AD4C12}) (Version: 1.3.4 - Samsung Electronics CO.,LTD.)
E-POP (HKLM-x32\...\{F06DD8D9-9DC8-430C-835C-C9BF21E05CC1}) (Version: 1.0.1 - Samsung Electronics CO., LTD.)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - SEIKO EPSON Corporation)
ETDWare PS/2-X64 11.7.2.1_WHQL (HKLM\...\Elantech) (Version: 11.7.2.1 - ELAN Microelectronic Corp.)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Help Desk (HKLM\...\{C85A891D-7AB4-46AE-84F0-B0C3FAC82280}) (Version: 1.0.4 - Samsung Electronics CO., LTD.)
HMA! Pro VPN 2.8.6.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.6.0 - Privax Ltd)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33070) (Version: 3.6.1.33070.11 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
KMSpico 5.1 (HKLM\...\KMSpico v5.1_is1) (Version: 5.1 - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mozilla Thunderbird 31.6.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 31.6.0 (x86 en-US)) (Version: 31.6.0 - Mozilla)
NVIDIA Graphics Driver 305.46 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 305.46 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.0613 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0613 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.206 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Quick Starter (HKLM\...\{EC36E2BC-86F7-44C9-84B2-93930F0FBDBF}) (Version: 1.0.0 - Samsung Electronics CO., LTD.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Recovery (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 6.0.5.0 - Samsung Electronics CO., LTD.)
S Agent (Version: 1.0.7 - Samsung Electronics CO., LTD.) Hidden
Settings (HKLM-x32\...\{52E5DE60-C96B-42CC-9A37-FE04725940AE}) (Version: 2.0.0 - Samsung Electronics CO., LTD.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Support Center (HKLM\...\{3D7275C7-8549-46AF-8B59-82A3EF301B31}) (Version: 2.0.8 - Samsung Electronics CO., LTD.)
Support Center FAQ (x32 Version: 1.0.0 - Samsung Electronics CO., LTD.) Hidden
SW Update (HKLM-x32\...\{49271148-3C6B-4F2B-B8C9-FFDE243B8FEA}) (Version: 2.0.15 - Samsung Electronics CO., LTD.)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.41459 - TeamViewer)
User Guide (HKLM-x32\...\{039EA659-E421-45C6-8913-BED5D69B5536}) (Version: 1.1.00 - Samsung Electronics CO., LTD.)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Whilokii 1.0.0 (HKLM\...\Whilokii) (Version: 1.0.0 - Whilokii) <==== ATTENTION
WinRAR 5.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
 
==================== Restore Points =========================
 
05-05-2015 14:58:04 Grammarly for Microsoft® Office Suite
15-05-2015 01:54:02 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0971463C-BFAC-458A-A26F-FB3F6720E795} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {1DCDDC31-DC5A-44D0-A5CA-31D072D3BC6A} - System32\Tasks\{60F6B94B-4F23-4696-B8FC-DF3488941EE4} => pcalua.exe -a C:\Users\BeaJames\AppData\Roaming\VOPackage\uninstall.exe
Task: {217F7CAF-DE1E-487C-8139-16134F5A5DD5} - System32\Tasks\{DEBFECA9-8709-4884-94A9-9E58A996A3D2} => pcalua.exe -a "C:\Program Files (x86)\Windows Live\Installer\wlarp.exe"
Task: {25D01A83-E291-4BBB-8FE3-2D17912F613B} - System32\Tasks\{B2006B40-5BD5-4A63-B5F2-D90AC45F46E2} => pcalua.exe -a D:\setup.exe -d D:\ -c /AUTORUN
Task: {3D84D5A1-D003-4E62-9DD2-B549527562DD} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-22] (Adobe Systems Incorporated)
Task: {4E7A3FC5-E9C9-4088-B0B9-D9E7AFF66A05} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {5F109F4E-A84C-4C6B-A06B-CA653F4CFD9F} - System32\Tasks\advRecovery => C:\Program Files\Samsung\Recovery\WCScheduler.exe [2012-08-23] (SEC)
Task: {76C809C5-3E2C-4C76-9E54-1A2C0950DE6B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {783527CF-27C9-46A4-89BB-26BBF85E14E7} - System32\Tasks\Settings => C:\Program Files (x86)\Samsung\Settings\sSettings.exe [2012-08-26] (Samsung Electronics CO., LTD.)
Task: {824D50E7-D75A-4231-850F-067840B6F25C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
Task: {8A4D98BB-9AF1-427F-A34D-9199F4D283D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {9F309A64-92DF-4B0B-A80F-12E922CAC4A8} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {A7F95140-3CAD-4707-A253-2131E44F59DD} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
Task: {B678A824-6470-4545-8928-3BCEF848CC7A} - System32\Tasks\SWUpdateAgent => C:\Program Files (x86)\Samsung\SW Update\SWMAgent.exe [2012-08-24] (Samsung Electronics CO., LTD.)
Task: {BE3E90D3-C867-429F-89A2-C74E5A8B33C8} - System32\Tasks\Registry Optimizer_UPDATES => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {C01BFCF9-6D80-437F-8D5F-E06490A9E2A5} - System32\Tasks\Registry Optimizer_DEFAULT => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: {C0FF0AA7-73B7-44A3-B23E-E51BC43333AD} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {C15A2912-E367-4360-8F91-3F069B4130ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-07-26] (Google Inc.)
Task: {C97158A8-935A-40E2-9120-ADE8D750D450} - System32\Tasks\{1BB09157-6A33-4ECA-8BF2-C318F974B59B} => pcalua.exe -a "C:\Program Files (x86)\Wondershare\Dr.Fone for Android\unins000.exe"
Task: {D3D999E6-7FE2-4901-85FF-BD0C649B4DF0} - System32\Tasks\{075060FE-97F8-493B-8025-47FA2497C6FF} => pcalua.exe -a C:\Users\BeaJames\AppData\Roaming\sweet-page\UninstallManager.exe -c  -ptid=cor
Task: {D5CF1342-8D30-45ED-B02B-5ED4BB52F112} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {D91BBE08-7CF7-495C-890A-23774D52082B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {E56C89E8-4589-42F3-890E-088A01AC6DA6} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-10] (Microsoft Corporation)
Task: {E6064CF0-8D4A-47ED-A11F-61AD6F3EC7F3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
Task: {E8A7F1BC-17EE-4A43-97AD-320629FFE7BB} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {F43F4C97-34E7-4898-827C-DE65681984DF} - System32\Tasks\SAgent => C:\Program Files\Samsung\S Agent\CommonAgent.exe [2012-08-17] (Samsung Electronics CO., LTD.)
Task: {F78F67E5-FE53-4B58-B329-1937BFACC9A0} - System32\Tasks\{4F7C3BB0-158F-45C2-B2A0-442D7366A7BC} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
Task: {FE04776E-BAAA-4B1C-8FED-26BB85EE0FC0} - System32\Tasks\WLANStartup => C:\Program Files (x86)\Samsung\Easy Settings\WLANStartup.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Registry Optimizer_DEFAULT.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\WINDOWS\Tasks\Registry Optimizer_UPDATES.job => C:\Program Files (x86)\WinZip Registry Optimizer\Winzipro.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2015-03-23 11:00 - 2015-03-23 10:59 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\loggingserver.exe
2012-08-26 11:48 - 2012-08-26 11:48 - 00076920 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdServer.exe
2012-10-01 20:36 - 2012-10-01 20:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-10-04 01:42 - 2013-10-04 01:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-07-18 22:44 - 2013-06-10 08:09 - 00377000 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll
2013-07-18 22:44 - 2013-06-10 08:09 - 00518824 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll
2013-07-18 22:44 - 2013-06-10 08:09 - 00612520 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll
2015-03-23 11:00 - 2015-03-23 10:59 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.3.0\log4cplusU.dll
2012-10-01 20:37 - 2012-10-01 20:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00211064 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\WinCRT.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00028280 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmdWrapper.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 01015416 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsCmd.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\EasySettingsBase.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00056440 _____ () C:\Program Files (x86)\Samsung\Settings\CmdServer\HookDllPS2.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00026232 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsAPI.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00110712 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsBase.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00029816 _____ () C:\Program Files (x86)\Samsung\Settings\EasyMovieEnhancer.dll
2012-08-26 11:48 - 2012-08-26 11:48 - 00091768 _____ () C:\Program Files (x86)\Samsung\Settings\EasySettingsCmdClient.dll
2015-05-23 12:49 - 2015-05-23 12:49 - 00043008 _____ () c:\users\beajames\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp4ua1zl.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2012-08-30 06:23 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 04:34 - 2012-06-08 04:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2015-05-01 12:31 - 2015-04-28 04:07 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libglesv2.dll
2015-05-01 12:31 - 2015-04-28 04:07 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\libegl.dll
2012-08-30 06:00 - 2012-06-25 20:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2015-05-01 12:31 - 2015-04-28 04:07 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.135\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D346F792
 
==================== Safe Mode (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1001\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\BeaJames\Pictures\everton tower.jpg
DNS Servers: 10.0.0.2
 
==================== MSCONFIG/TASK MANAGER Error getting ==
 
(Currently there is no automatic fix for this section.)
 
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "ETDCtrl"
HKLM\...\StartupApproved\Run32: => "Adobe Reader Speed Launcher"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "AVG_UI"
HKLM\...\StartupApproved\Run32: => "Norton Online Backup"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "vProt"
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\StartupApproved\Run: => "Quick Starter"
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\...\StartupApproved\Run: => "swg"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{52341655-840C-4C37-9E4B-F6B75878CB3C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{06027478-E1CC-4F43-ABB3-CD30480E144C}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{945B4615-1B16-4032-B2FA-81EAAF4B3657}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A24489DB-2690-4A6D-A7F4-79F3E07C3088}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{CC6E3AEF-A946-4F95-AD15-413EAFF20075}] => (Allow) C:\Users\BeaJames\AppData\Local\Temp\7zS4F9D.tmp\SymNRT.exe
FirewallRules: [{96965651-6D89-449D-8AC9-5639EA8DC2C5}] => (Allow) C:\Users\BeaJames\AppData\Local\Temp\7zS4F9D.tmp\SymNRT.exe
FirewallRules: [{ABDF6257-2AD1-40F7-A02D-F22CEAE034E2}] => (Allow) C:\Users\BeaJames\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{7C99E22A-10D0-4A94-9A67-C2132246D7EB}] => (Allow) C:\Users\BeaJames\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{03696939-B871-4B46-B45F-C07BDD2D3C00}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{E07EA600-CE64-46A0-9601-3608F8424153}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{A1EB2E3D-5B2C-43C6-A827-3088F7EA9899}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{DE719B66-D26D-4DAB-A80F-1DD110F0137D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{806C70B7-4A56-4559-9618-0A49876EA574}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{11E99DE7-4F7F-4C94-8093-014F6226B1D7}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{5927EB72-BCE1-4299-99F3-0B6380FD83A6}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{8664C9F5-CEEF-462C-A5C3-F45974016767}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [TCP Query User{644CD1C3-F667-4C14-AECF-40790663DA0A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{84D4DDBE-69E9-479B-AB01-7562843A442B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{F4F9DFFC-4CB0-488B-86D6-912349D16CF0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{FAE1A87A-357D-434A-B3A0-768F00F57F0F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{075A1218-63AC-42A3-84C7-C97C79DCD6FA}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{3D7E3A08-8107-4840-8243-440FAFF3BE82}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{19A15ECB-90CC-4CE6-B845-0EE23143E7B1}] => (Allow) C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{7DE26C8D-6B61-4416-9AA0-16EC95C92639}] => (Allow) C:\Users\BeaJames\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{9E40AB92-164D-49A7-A190-5D7516A0B1C6}C:\users\beajames\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\beajames\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{A2B3BA56-AE77-461B-A617-B5A544A1D095}C:\users\beajames\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\beajames\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{45D43F0D-D232-43CA-B3E8-FC280429DB42}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{6C36AFA0-9F07-491C-BE30-C32716DEC311}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{2261C3DA-2DA0-45FC-88AF-231BC7EFEC04}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{843B2DC5-C887-4BD3-AEC2-47A60AE3072D}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{0392EDDC-25FB-44FD-A8B4-09D4711F7484}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{B57E3C48-E9A5-49CE-9FD0-5D2787697A13}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
FirewallRules: [{F92155F8-0853-4A7F-B2C2-6EF2A1A98345}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{8728F3AD-DF7E-416B-A326-1215045799EF}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{AFFCC5E9-4FFD-46CA-9B2C-EF4EF8240E5D}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [{A11AB51B-B745-474B-9B13-3578F21EC322}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
FirewallRules: [TCP Query User{BC2FC7D7-34FD-42EA-BE7F-696CAC57A7B5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{2581A7EA-52F7-40AF-BADD-48AED94D1E16}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{E7B1E9BE-57D4-4429-8650-531F729E6D5E}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{55963D38-9953-4D56-AB10-87D1272D3B8D}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{BB67920E-6C18-499E-803A-2E3AF7A99463}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{19CF0AF1-28EB-4A96-BB31-2B51DB672B16}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9F62E5A2-66B1-4FF4-A855-E6AFCD41A401}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E9B1AC9C-DE30-452D-9A51-5A8FCED34BDD}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6E4712E2-2FD9-47A0-8555-D606CDCD7336}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{8A20FBCE-3F3D-4CDE-848B-40FD4794F709}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F1799204-8CEA-43BD-8242-29C16F87F8E8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{83740946-F6FD-4E4F-A8A6-BA46EC57B60C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4D653AD1-C53F-47BA-B369-2EA8F100DCC3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2BB88DA9-9488-4C01-B0E0-E81B5217ED27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{283E79D5-2D96-4951-B401-9D75A371B7DF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/23/2015 00:50:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CommonAgent.exe, version: 1.0.7.5, time stamp: 0x502ddd20
Faulting module name: CommonAgent.exe, version: 1.0.7.5, time stamp: 0x502ddd20
Exception code: 0x40000015
Fault offset: 0x0000000000183835
Faulting process id: 0x154c
Faulting application start time: 0xCommonAgent.exe0
Faulting application path: CommonAgent.exe1
Faulting module path: CommonAgent.exe2
Report Id: CommonAgent.exe3
Faulting package full name: CommonAgent.exe4
Faulting package-relative application ID: CommonAgent.exe5
 
Error: (05/23/2015 11:54:17 AM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10055] An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full)
 
Error: (05/23/2015 11:53:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (05/23/2015 04:05:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/22/2015 07:29:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/22/2015 03:54:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/20/2015 06:55:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/19/2015 06:48:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/18/2015 03:30:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (05/17/2015 08:09:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Dependent Assembly Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
 
System errors:
=============
Error: (05/23/2015 00:48:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error: 
%%1053
 
Error: (05/23/2015 00:48:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVG WatchDog service to connect.
 
Error: (05/23/2015 00:48:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVGIDSAgent service failed to start due to the following error: 
%%1053
 
Error: (05/23/2015 00:48:01 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the AVGIDSAgent service to connect.
 
Error: (05/23/2015 00:37:20 PM) (Source: DCOM) (EventID: 10010) (User: Bea)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (05/23/2015 00:36:49 PM) (Source: DCOM) (EventID: 10010) (User: Bea)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (05/12/2015 11:39:59 AM) (Source: DCOM) (EventID: 10010) (User: Bea)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (05/11/2015 08:33:04 AM) (Source: DCOM) (EventID: 10010) (User: Bea)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (05/11/2015 08:32:34 AM) (Source: DCOM) (EventID: 10010) (User: Bea)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (05/05/2015 03:08:46 PM) (Source: DCOM) (EventID: 10010) (User: Bea)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
 
Microsoft Office:
=========================
Error: (05/23/2015 00:50:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CommonAgent.exe1.0.7.5502ddd20CommonAgent.exe1.0.7.5502ddd20400000150000000000183835154c01d0954623bf4b02C:\Program Files\Samsung\S Agent\CommonAgent.exeC:\Program Files\Samsung\S Agent\CommonAgent.exe765aba0b-0139-11e5-bf0a-50b7c3396e1d
 
Error: (05/23/2015 11:54:17 AM) (Source: Python Service) (EventID: 255) (User: )
Description: Exception : HTTPConnectionPool(host='127.0.0.1', port=35600): Max retries exceeded with url: /run_scheduled_task (Caused by <class 'socket.error'>: [Errno 10055] An operation on a socket could not be performed because the system lacked sufficient buffer space or because a queue was full)
 
Error: (05/23/2015 11:53:32 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: 80070005
 
Error: (05/23/2015 04:05:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd10\Activate.exe
 
Error: (05/22/2015 07:29:08 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd10\Activate.exe
 
Error: (05/22/2015 03:54:50 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd10\Activate.exe
 
Error: (05/20/2015 06:55:59 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd10\Activate.exe
 
Error: (05/19/2015 06:48:37 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd10\Activate.exe
 
Error: (05/18/2015 03:30:55 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd10\Activate.exe
 
Error: (05/17/2015 08:09:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd10\Activate.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 58%
Total physical RAM: 3797.53 MB
Available physical RAM: 1589.56 MB
Total Pagefile: 4629.54 MB
Available Pagefile: 1974.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:672.73 GB) (Free:459.46 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: A630F053)
 
Partition: GPT Partition Type.
 
==================== End of log ============================

 


  • 0

Advertisements

#2
zep516
Posted 23 May 2015 - 12:36 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions! :)

Be with you with instructions shortly
  • 0

#3
Ice205
Posted 23 May 2015 - 02:47 PM

Ice205

    New Member

  • Topic Starter
  • Member
  • Pip
  • 3 posts

Thank you very much


  • 0

#4
zep516
Posted 23 May 2015 - 05:17 PM

zep516

    Trusted Helper

  • Malware Removal
  • 8,093 posts
Hello,

First do this:
Farber Recovery Scanner needs to be running from the desktop. You have it in the downloads folder. Please move to desktop
To do that:
  • Navagate to your downloads folder--> C:\Users\BeaJames\Downloads
  • In the downloads folder find FRST (Farber recovery scan tool)
  • Right click on it,Choose cut.
  • Go back to the desktop.
  • On an empty space right click, choose paste.
  • Farber will now have been successfully moved to desktop.
  • No need to another scan after doing that.

    Please remove these programs from your programs an features list, Start > Control panel > Programs an features. (Windows 8 users: Learn how to access the Control Panel) In the list find the program listed below and uninstall it.
Whilokii 1.0.0
If a program will not remove, skip it and keep following instructions please.

Next
A few items to fix

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Open notepad (Start =>All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.
 
start
CloseProcesses:
CreateRestorePoint:
C:\Program Files (x86)\Common Files\AVG Secure Search
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
HKU\S-1-5-21-3602199943-3102315252-1166656674-1002\Software\Microsoft\Internet Explorer\Main,Start Page = https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.3.0.885&pid=safeguard&sg=&sap=hp
URLSearchHook: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 - (No Name) - {D8278076-BC68-4484-9233-6E7F1628B56C} - No File
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {247500F5-A4C4-4D41-9F76-9B0F81EDE707} URL = http://search.condui...6092158030&UM=2
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.as...q={searchTerms}
Toolbar: HKU\S-1-5-21-3602199943-3102315252-1166656674-1002 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
FF DefaultSearchEngine: sweet-page
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: sweet-page
FF Keyword.URL: 
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.3.0\\npsitesafety.dll No File
FF Plugin HKU\S-1-5-21-3602199943-3102315252-1166656674-1001: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Plugin HKU\S-1-5-21-3602199943-3102315252-1166656674-1002: @lightspark.github.com/Lightspark;version=1 -> C:\Program Files (x86)\Lightspark 0.5.3-git\nplightsparkplugin.dll No File
FF Extension: Whilokii - C:\Users\BeaJames\AppData\Roaming\Mozilla\Firefox\Profiles\2p3n2739.default\Extensions\{fed5e6b2-4fc4-43ba-8e95-001d959d8008}.xpi [2014-02-04]
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://home.sweetim.com/?crg=3.1010000.10011&barid={FD65F796-194C-11E2-A4CB-B8AC6F6546A7}", "https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=hp"
CHR DefaultSearchKeyword: Default -> mysearch.avg.com
CHR DefaultSearchURL: Default -> https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=&sap=dsp&q={searchTerms}
CHR DefaultNewTabURL: Default -> https://mysearch.avg...sa&d=2014-02-0819:57:02&v=18.1.9.799&pid=safeguard&sg=
CHR DefaultSuggestURL: Default -> http://toolbar.avg.c...earchTerms}&o=1
CHR Profile: C:\Users\BeaJames\AppData\Local\Google\Chrome\User Data\Default
S3 ew_hwusbdev; \SystemRoot\system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; \SystemRoot\System32\drivers\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; \SystemRoot\system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_cdcecm; \SystemRoot\system32\DRIVERS\ew_jucdcecm.sys [X]
S3 huawei_enumerator; \SystemRoot\System32\drivers\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; \SystemRoot\System32\drivers\ew_juextctrl.sys [X]
S3 huawei_wwanecm; \SystemRoot\system32\DRIVERS\ew_juwwanecm.sys [X]
2015-05-22 15:01 - 2013-08-30 18:37 - 00000310 _____ () C:\WINDOWS\Tasks\Registry Optimizer_DEFAULT.job
2015-05-20 09:37 - 2013-08-30 18:37 - 00000318 _____ () C:\WINDOWS\Tasks\Registry Optimizer_UPDATES.job 
2015-05-15 17:00 - 2013-11-08 19:27 - 00000416 _____ () C:\WINDOWS\Tasks\Wise Turbo Checker.job
Task: {1DCDDC31-DC5A-44D0-A5CA-31D072D3BC6A} - System32\Tasks\{60F6B94B-4F23-4696-B8FC-DF3488941EE4} => pcalua.exe -a C:\Users\BeaJames\AppData\Roaming\VOPackage\uninstall.exe
C:\Users\BeaJames\AppData\Roaming\VOPackage
Task: {824D50E7-D75A-4231-850F-067840B6F25C} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe
C:\Program Files (x86)\Norton Internet Security\Engine
Task: {D5CF1342-8D30-45ED-B02B-5ED4BB52F112} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
C:\Program Files (x86)\RegClean Pro
Task: {E6064CF0-8D4A-47ED-A11F-61AD6F3EC7F3} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D346F792
CMD: ipconfig /flushdns
hosts:
Emptytemp:
end
Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

Next

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the logfile button and the log will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner
  • Next

    thisisujrt.gif Please download Junkware Removal Tool to your Desktop.
    Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
    Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
    The tool will open and start scanning your system.
    Please be patient as this can take a while to complete, depending on your system's specifications.
    On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
    Please post the contents of JRT.txt into your reply.

    In your next reply post;
    • Fixlog.txt, that log will be found on the desktop after fix has finished
    • The AdwCleaner [SO].txt Log
    • The JRT.txt Log

  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP