Channel: Tech Support Guy - Virus & Other Malware Removal

zperm virus

Here is a copy of the file.


Results of screen317's Security Check version 0.99.96
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Ad-Aware Antivirus
AVG AntiVirus Free Edition 2015
Antivirus out of date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Out of date HijackThis installed!
HijackThis 2.0.2
CCleaner
Java 8 Update 31
Java(TM) SE Runtime Environment 6
Java(TM) 6 Update 3
Java(TM) 6 Update 5
Java 2 Runtime Environment, SE v1.4.2_03
Java version 32-bit out of Date!
Java 64-bit 8 Update 31
Adobe Flash Player 16.0.0.305
Adobe Reader XI
Mozilla Firefox (35.0.1)
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
AVG avgwdsvc.exe
AVG avgrsx.exe
AVG avgnsx.exe
AVG avgemc.exe
Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.5.202.7299\AdAwareService.exe
Lavasoft Ad-Aware Antivirus Ad-Aware Antivirus 11.5.202.7299\AdAwareTray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 14% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````

HJT Attached: Black Screen, Won't Restore Due To jscript9.dll.mui

Okay, posting for my dad as his computer started reporting registry errors a month ago.
Now, Windows won't start and we just get black screen.
Can only boot to Safe Mode.
Already tried Windows Repair Disc Startup Repair and Memory Check; both reported no problems.
MalwareBytes scan done, quarantined around 300 non-threat items, but log file didn't copy.

Any Ideas? Thanks!

Computer Details:
Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Professional, Service Pack 1, 64 bit
Processor: Intel(R) Pentium(R) CPU G640 @ 2.80GHz, Intel64 Family 6 Model 42 Stepping 7
Processor Count: 2
RAM: 3979 Mb
Graphics Card: Intel(R) HD Graphics, 1797 Mb
Hard Drives: C: Total - 467491 MB, Free - 282616 MB; E: Total - 9244 MB, Free - 1028 MB;
Motherboard: Hewlett-Packard, 2ADE
Antivirus: Microsoft Security Essentials, Disabled

HiJack This Reported Problem:
Error #52: Bad File Name Or Number
modMain_CheckOther4Item()

HJT Log:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 4:29:32 PM, on 2/14/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17631)
Boot mode: Safe mode with network support

Running processes:
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Rick\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPCOM13/19
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.0.5.7\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [RemoteControl10] "c:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Carbonite Backup] C:\Program Files (x86)\Carbonite\Carbonite Backup\CarboniteUI.exe
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2015\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (cleanup)] "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" "C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Broadcom Management Agent (BrcmMgmtAgent) - Broadcom Corporation - C:\Program Files\Broadcom\MgmtAgent\BrcmMgmtAgent.exe
O23 - Service: CarboniteService - Carbonite, Inc. (www.carbonite.com) - C:\Program Files\Carbonite\Carbonite Backup\carboniteservice.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater18.2.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.2.0\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 10637 bytes

Very slow laptop - may be infected!

My laptop is very slow and constantly says drivers have failed or certain things have stopped working. I have run various antivirus programs in the past including Eset, AVG and Avira. I have tried to remove the version of Avira to allow another installation of a new antivirus program but it doesn't seem to be able to delete, even when I try and use HijackThis... I'm not clued up with PC technology so any help would be greatly appreciated.

Inherited a badly infected laptop

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft® Windows Vista™ Home Premium, Service Pack 2, 64 bit
Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 3934 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1839 Mb
Hard Drives: C: Total - 295183 MB, Free - 171722 MB;
Motherboard: Sony Corporation, VAIO
Antivirus: None

My RM gave me an old laptop of his after breaking mine. Problem is, it's likely very badly infected with adware, malware, and other things (he let me know this ahead of time). I got the computer about two weeks ago now and I've taken a few preliminary steps that enabled it to function passably. So far I've tried: re-installing/resetting to defaults of the browsers, Malwarebytes, and Registry Mechanic (Is this program even worth my time? It came on the computer and it seemed legit so I ran it.) It had a version of McAfee trial, or was trially activated (or something, I don't pay much attention to McAfee since it costs money) prior to my receiving it that I removed since it was expired but was likely on most of the computer's life prior to this week (and when it got the adware).

These fixes worked for a week or so and then the browsers (Chrome/I.E.) all slowed way down, specifically when loading any e-mail site (loading would take +5 minutes for any inbox, whereas video-streaming/live gaming loaded as normal). Shortly after they got adware: various toolbars, ads that replace Google results, video pop-ups, etc. Subsequently I had to reinstall the browsers because they were no longer usable at all; seemingly internet was connected but I think the various malware/adware programs running at once ground the browsers completely to a standstill. So at this point my fixes have pretty much completely not worked, though I'm now using Hotspot Shield while surfing the internet and on a fresh browser install/reset, the browser itself is running fine (though I haven't tested this extensively other than reinstalling and googling this forum to get help that can permanently solve the problem).

It's also possible that, this computer being publicly used in a house of five people, sometime over the past week it has contracted some form of malware/adware from internet use (again). So, in addition to help solving the strange browser problems that recur, I would like a recommendation for a free browser that is generally less susceptible to these sorts of things, and/or if there is a malware program that is both good and forces users to enter a password to enter infected sites or anything like that would be super nice.

Complete removal of Reg Pro Cleaner

Hi, I have a Windows 7 32-bit machine. I tried removing the program Reg Pro Cleaner and for the most part got rid of most of it. When I turn on my computer though I get a window that pops up with the Reg Pro Cleaner screen on my desktop. I can close the window in the tray and I'm fine. I'm thinking that something is still in the registry causing this. It's not in the Add/Remove Programs anymore and I've run many programs including Malwarebytes but nothing finds it. Any help would be appreciated. I included a log file from HijackThis.

Attached Files
File Type: log hijackthis.log (7.4 KB)

Can't boot laptop! TVALZ_O.sys corrupt.

At least we can discard problems with the disk. I will try to remove an entry from the Boot Configuration, that refused before.

Download the enclosed file. Save it in the same location FRST is saved. Open FRST as you did before, except that this time around click on the Fix button and wait. The tool will produce a log, fixlog.txt. Please post its contents in a reply.

Try to boot in Normal Mode and let me know the outcome.

Attached Files
File Type: txt fixlist.txt (115 Bytes)

Google Domains Timing Out

In Chrome, Firefox and IE all attempts to go to google.com and gmail.com time out.

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 7 Home Premium, Service Pack 1, 64 bit
Processor: Genuine Intel(R) CPU U7300 @ 1.30GHz, Intel64 Family 6 Model 23 Stepping 10
Processor Count: 2
RAM: 4061 Mb
Graphics Card: Mobile Intel(R) 4 Series Express Chipset Family, 1806 Mb
Hard Drives: C: Total - 119232 MB, Free - 10777 MB; D: Total - 342706 MB, Free - 163001 MB;
Motherboard: ASUSTeK Computer Inc., UL30VT
Antivirus: Avira Desktop, Updated and Enabled

UPS10.dll error cannot fix this at all, tried everything

It's not a virus. If you restored to factory settings that should have fixed it.

What is your operating system?

possible malware...

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015 Ran by Kiki at 2015-02-16 15:31:56 Running from C:\Users\Kiki\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-580036346-627319681-1680345914-1000\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.) 64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0.1 - Adobe Systems Incorporated) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated) Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.) Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ATI Catalyst Install Manager (HKLM\...\{DA0D8FDA-D538-1145-8BA2-6F22C4EB4F75}) (Version: 3.0.816.0 - ATI Technologies, Inc.) AuthenTec TrueAPI (Version: 1.2.1.33 - AuthenTec, Inc.) Hidden Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software) Beat Hazard (HKLM-x32\...\Steam App 49600) (Version: - Cold Beam Games) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Blasterball 3 (x32 Version: 2.2.0.95 - WildTangent) Hidden Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Bounce Symphony (x32 Version: 2.2.0.95 - WildTangent) Hidden Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.61 - Broadcom Corporation) Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.02 - Piriform) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3.2714 - CyberLink Corp.) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.3908 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden Dora's World Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden Dropbox (HKU\S-1-5-21-580036346-627319681-1680345914-1000\...\Dropbox) (Version: 3.2.6 - Dropbox, Inc.) 
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard) ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard) Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden FATE - The Traitor Soul (x32 Version: 2.2.0.95 - WildTangent) Hidden Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{5601F151-A69F-4E30-8C60-37928124CD07}) (Version: 4.1.9.1 - Hewlett-Packard Company) HP Connection Manager (HKLM-x32\...\{795AADBF-58C2-42D0-B779-E730702A247E}) (Version: 4.0.45.1 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{83A375B6-6FC2-4F8A-948E-E506DB9DCDF0}) (Version: 1.1.0.0 - Hewlett-Packard) HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.4 - WildTangent) HP MovieStore (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard) HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company) HP Photosmart D110 All-In-One Driver 14.0 Rel. 
7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP) HP Power Manager (HKLM-x32\...\{E44578C7-4667-4124-8BC2-1161BCA54978}) (Version: 1.4.4 - Hewlett-Packard Company) HP Quick Launch (HKLM-x32\...\{285F722C-0E45-47DE-B38E-5B3B10FA4A7C}) (Version: 2.5.2 - Hewlett-Packard Company) HP Setup (HKLM-x32\...\{210A03F5-B2ED-4947-B27E-516F50CBB292}) (Version: 8.6.4530.3651 - Hewlett-Packard Company) HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13231.3673 - Hewlett-Packard Company) HP SimplePass 2011 (HKLM-x32\...\{BCFAA37D-A6DB-43BF-A351-43F183E52D07}) (Version: 5.1.0.495 - Hewlett-Packard) HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company) HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company) IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6345.0 - IDT) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.0.1002 - Intel Corporation) iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.) 
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden jZip (HKU\S-1-5-21-580036346-627319681-1680345914-1000\...\jZip) (Version: 2.0.0.129577 - Bandoo Media Inc) C:\Users\Kiki\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-580036346-627319681-1680345914-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Kiki\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Restore Points ========================= 03-02-2015 11:32:03 Windows Update 06-02-2015 11:44:24 Windows Update 10-02-2015 18:16:00 Windows Update 11-02-2015 08:04:41 Windows Update 12-02-2015 09:41:57 Removed Google Drive 12-02-2015 09:46:11 Removed League of Legends 16-02-2015 13:00:44 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 18:34 - 2014-10-07 17:43 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {08F6AD92-D0A7-4646-B2C9-B8D5E3C5B7E1} - System32\Tasks\ASP => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\SymErr.exe Task: {29FAAD32-4D9D-4B03-AC29-C90C7DA3EAA8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {359AB406-A2DF-4686-8BB5-8B12380A1F1D} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-25] (AVAST Software) Task: {4ACC6AD2-3CB8-4D8A-8459-A72EDFF20B5D} - System32\Tasks\Symantec\Norton Error Processor 18.5.0.125 => C:\Program Files (x86)\Norton Internet Security\Engine\18.5.0.125\SymErr.exe Task: {5172D77C-2450-4B7F-B9C5-EC099C88FD5A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {53348BE5-E898-4674-909E-0DE421228A9B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {55239295-5478-4305-B21A-C404D0D14DF3} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8F268689-F5EF-4AD1-8392-9C772CFC579D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2015-02-03] (Microsoft) Task: {92EAA20D-9CB1-4714-9AB1-CFCCE2FCA41B} - System32\Tasks\HPCeeScheduleForKIKI-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {9D42CB41-11D9-4581-B8BD-AA880D4D2180} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard) Task: {A1AB5C42-41F7-4BF9-B2CA-C0DD9879DD66} - System32\Tasks\GPUP => C:\Program Files (x86)\GetPrivate\gpup.exe C:\Users\Kiki\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-09] (Google Inc.) 
Task: {B3A1AADC-4FED-433F-A029-4E68A016BDCC} - System32\Tasks\Vosteran_helper => C:\Users\Kiki\AppData\Local\Vosteran\APPLIC~1\Vosteran\helper.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-03-08] (CyberLink) Task: {BF11B480-7895-4784-9011-EA658304AAD5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd) Task: {CCA59145-E633-4351-90EB-AC644FBC81F5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated) Task: {CE039AB3-A5AF-413F-A762-068CEA967393} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CNBCDB4036 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-01-21] (Hewlett-Packard) Task: {DA14AE0A-8CA0-4E3C-94FE-620F15E3B6EB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {DAD6909C-7A30-4899-9C03-C69C682E4F75} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company) Task: {DF94E712-241F-4997-A307-189C7B2F73E1} - System32\Tasks\Chrome Launcher => C:\Program Files (x86)\Techsnab\Chrome Launcher\chrome-links.exe [2014-10-02] (Techsnab) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {E9C4678F-E031-49E0-8063-87F2BBF7E4BD} - System32\Tasks\HPCeeScheduleForKiki => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard) Task: {FEA07C5A-3F9A-4C93-971B-BA6FC9670808} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-580036346-627319681-1680345914-1000UA => C:\Users\Kiki\AppData\Local\Google\Update\GoogleUpdate.exe [2013-12-09] (Google Inc.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-580036346-627319681-1680345914-1000Core.job => C:\Users\Kiki\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-580036346-627319681-1680345914-1000UA.job => C:\Users\Kiki\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForKIKI-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\HPCeeScheduleForKiki.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\Vosteran_helper.job => C:\Users\Kiki\AppData\Local\Vosteran\APPLIC~1\Vosteran\helper.exe ""="service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-580036346-627319681-1680345914-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Kiki\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper. jpg DNS Servers: 192.168.1.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
==================== Accounts: =============================

Administrator (S-1-5-21-580036346-627319681-1680345914-500 - Administrator - Disabled)
Guest (S-1-5-21-580036346-627319681-1680345914-501 - Limited - Disabled)
Kiki (S-1-5-21-580036346-627319681-1680345914-1000 - Administrator - Enabled) => C:\Users\Kiki

==================== Faulty Device Manager Devices =============

Name: bbnfd_1_10_0_6
Description: bbnfd_1_10_0_6
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: bbnfd_1_10_0_6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2015 00:59:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SoftwareUpdate.exe version 2.1.3.127 stopped interacting with Windows and was closed.
To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: b90
Start Time: 01d04a2a0264f25f
Termination Time: 4
Application Path: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Report Id: a94cb3cb-b61e-11e4-8b76-2c27d7b305f5

Error: (02/11/2015 07:15:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server returned an invalid or unrecognized response

Error: (02/11/2015 07:08:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x5487dce3
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0xa6c
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (02/11/2015 07:05:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 01:51:56 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server returned an invalid or unrecognized response

Error: (02/11/2015 01:47:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x5487dce3
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0x13b4
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (02/11/2015 01:41:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 01:04:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 09:03:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: UA.exe, version: 1.0.0.1, time stamp: 0x5487dce3
Faulting module name: MSVCR90.dll, version: 9.0.30729.6161, time stamp: 0x4dace5b9
Exception code: 0xc0000005
Fault offset: 0x00056b1d
Faulting process id: 0xfc4
Faulting application start time: 0xUA.exe0
Faulting application path: UA.exe1
Faulting module path: UA.exe2
Report Id: UA.exe3

Error: (02/05/2015 08:07:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (02/11/2015 07:05:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
bbnfd_1_10_0_6

Error: (02/11/2015 07:05:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.

Error: (02/11/2015 07:04:52 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:01:07 PM on 2/11/2015 was unexpected.

Error: (02/11/2015 01:41:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
bbnfd_1_10_0_6

Error: (02/11/2015 01:41:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.

Error: (02/11/2015 01:04:24 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
bbnfd_1_10_0_6

Error: (02/11/2015 01:03:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.

Error: (02/11/2015 08:02:50 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.

Error: (02/05/2015 08:07:40 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
bbnfd_1_10_0_6

Error: (02/05/2015 08:07:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Optimizer Pro Crash Monitor service to connect.

Microsoft Office Sessions:
=========================
Error: (02/16/2015 00:59:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SoftwareUpdate.exe2.1.3.127b9001d04a2a0264f25f4C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exea94cb3cb-b61e-11e4-8b76-2c27d7b305f5

Error: (02/11/2015 07:15:38 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server returned an invalid or unrecognized response

Error: (02/11/2015 07:08:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UA.exe1.0.0.15487dce3MSVCR90.dll9.0.30729.61614dace5b9c000000500056b1da6c01d04670f791855aC:\Users\Kiki\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll674da038-b264-11e4-8b76-2c27d7b305f5

Error: (02/11/2015 07:05:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 01:51:56 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server returned an invalid or unrecognized response

Error: (02/11/2015 01:47:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: UA.exe1.0.0.15487dce3MSVCR90.dll9.0.30729.61614dace5b9c000000500056b1d13b401d0464432e07f1dC:\Users\Kiki\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dlla3913b10-b237-11e4-ade0-2c27d7b305f5

Error: (02/11/2015 01:41:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 01:04:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (02/11/2015 09:03:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: UA.exe1.0.0.15487dce3MSVCR90.dll9.0.30729.61614dace5b9c000000500056b1dfc401d0415e0f236927C:\Users\Kiki\AppData\Roaming\VERIZON\UA_ar\UA.exeC:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dllf5d6d22d-b20f-11e4-a2ff-2c27d7b305f5

Error: (02/05/2015 08:07:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-2630QM CPU @ 2.00GHz
Percentage of memory in use: 60%
Total physical RAM: 8139.86 MB
Available physical RAM: 3210.8 MB
Total Pagefile: 16277.91 MB
Available Pagefile: 12464.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:684.02 GB) (Free:62.5 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Fixed) (Total:698.63 GB) (Free:5.08 GB) NTFS
Drive e: (RECOVERY) (Fixed) (Total:14.32 GB) (Free:1.59 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 1A3F0DFB)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=684 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 912F6315)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Hijacks, Redirects, Blue Screen, .. AVG and MalBytes haven't touched the problem. Help

It will take a while to analyze the logs.
Probably respond in the morning my time.

Err_connection_closed

A couple of weeks ago I installed a "music downloader" (I can't remember the name- something to do with "smiles" or "happy" or something), which, of course, ended up being a hugely virus-ridden file. McAfee caught something like 27 trojans (though my subscription is up so I have no idea what's going on with that), and I installed Avast and AVG virus removers immediately after to catch the rest, and ran a ShouldIRemoveIt scan to help me get rid of some of the files. I also went into the control panel and uninstalled anything else I could find that didn't look like it should be there- including the music downloader and I think two other nasty little files.

I didn't actually see any effects from any of these things, aside from the occasional ad page opening in a new tab whenever I was on Chrome, which stopped happening after Avast and AVG did their thing and I rebooted.

For a while, everything was fine. Then a few days later, Facebook wouldn't open on Chrome, and it instead showed me an error page that looked like this:



Which started happening for Tumblr as well, soon after.

I disabled all of Chrome's add-ons (which did nothing), cleared my cookies for Facebook (nothing), uninstalled Chrome, then reinstalled Chrome (worked for a while then stopped), tried restarting the computer (worked for a while then stopped), and then installed HerdProtect, which found something like 21 viruses and got rid of them. The problem stopped for a while.... and then continued. I installed Tor (a browser), which let me use Facebook and Tumblr again for a while, and then finally stopped working as well, with the same error. I tried IE, too, which had the same result. Yesterday I replaced the host file, which worked, until I restarted the computer again.

I have an Acer Aspire V5 running Windows 8.something, and aside from HerdProtect, I don't think I've installed anything new since the music downloader. I have uninstalled AVG, though.

I've also been having Yahoo hijack Google searches on and off for the last couple of months, but I'm not sure that's related, and I honestly can't even remember what was going on when that even started happening.

Thank you so much for reading, and stuff.

Hijackthis log attached.

Attached Files
File Type: txt log 2-16-15.txt (13.4 KB)

Some kind of virus or Malware

Hi,

Ok so I had a virus on my old computer so I did my standard fix of wiping and reinstalling Windows. And after installing Windows, on initial start up, randomly my middle and left mouse button would spam/ghost press extremely fast. This would cause anything my mouse came across to open x10+ instances of whatever my mouse came across, cause all my tabs in browser to open in new tab and close when I click on them, also it would happen in game. So after trying a lot of things I was told on here, I had the money and wanted to upgrade so I built a new computer. I bought all new parts (didn't use any pieces from my old PC, not even keyboard or mouse), installed Windows, installed drivers, then the first time I connected to the internet BAM there it goes, same thing as the old computer: middle and left click button being spammed/ghost clicked rapidly. I am using a new mouse/keyboard, I moved so now I have a new internet service provider (had Charter, now have AT&T), and a whole new PC. I can't do anything on my computer, sometimes I can't even turn it off without pulling the plug. I have no idea what it is or how it's possible. I've been told by everyone I asked that they have no idea what it is. With the exception of this forum, every time I put this out there all I get is "stop trolling" and "this is not possible Noob". I'm beginning to think it's some kind of something allowing someone to mess with my computer but I have no idea. By the way I'm using Windows 8.1 64. Hope someone can help. Thanks


Not sure if this is allowed; if not, sorry, I'll delete it. The link is to a YouTube video I just posted of what happens when it "goes crazy". It's kinda hard to see since so much is happening. So what happens is the mouse starts ghost clicking and I don't touch anything, just move the mouse around. What happens is it opens 100+ tabs of Google Chrome, 25+ tabs for the file icon, and a bunch of others. The screen keeps going black because it keeps loading Diablo 3. Hope this helps.

https://www.youtube.com/watch?v=0ZmX8mnX01w

unstoppable popups

Hello and welcome to TSG,

Use the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tuto...es-in-windows/

Next,

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it's always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
  • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.


  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Next,

Run the following scans and post the produced logs:

Step 1

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Step 2

Please download RogueKiller and save it to your desktop from the following link: http://www.bleepingcomputer.com/download/roguekiller/
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes select "Report", log will open. Close the program > Don't Fix anything!
  • Post back the report which should also be located here:

C:\Programdata\RogueKiller\Logs <-------- W7/8
C:\Documents and Settings\All Users\Application Data\RogueKiller\Logs <------XP

Thank you,

Kevin...

attacked by pop ups

Barbaranna,
This next step is vital for any anti-malware help.
Nobody can help without knowing what system you have.
-------------------------------------------------------------------------
Download this utility and save it on your desktop.
http://static.techguy.org/download/SysInfo.exe
Run Sysinfo.exe and post the content of the brief log that results.

It tells you at the top of this forum that it's necessary.
"Everyone MUST read this BEFORE posting for help in this forum"

Tell me also whether you know how to download files to your desktop.
Thanks,
askey127

Malware Problem


Need Askey127's help again

If Askey127 is no longer available, anybody that can help is more than welcome to reply.

Bobrowser took over my laptop

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: AMD E-300 APU with Radeon(tm) HD Graphics, AMD64 Family 20 Model 2 Stepping 0
Processor Count: 2
RAM: 1634 Mb
Graphics Card: AMD Radeon HD 6310 Graphics, 384 Mb
Hard Drives: C: Total - 279705 MB, Free - 122509 MB; D: Total - 23949 MB, Free - 2844 MB;
Motherboard: Hewlett-Packard, 188B
Antivirus: Windows Defender, Disabled

Help please, bobrowser took over my laptop and I can't uninstall it. When I go to program removal it says to close all bobrowser windows but all browsers are closed. I also tried turning off bobrowser from my system tray so it wouldn't run in the background but it will not let me do anything; when I right click on it nothing opens. Windows Defender is enabled even though sysinfo says it is disabled. I am running complete scan now. Can anyone help PLEASE!

Help Removing: CouupScannero, SafeRwebe, DIIssCeountLLocaToor

Any remaining issues or concerns?

Malware/Virus concern in TN

We were e-mailing some pictures to our daughter in NC when alerts kept popping up about viruses and malware. The pop-ups wouldn't close, so I decided to shut-down via the desktop. (at that point I realized the alerts were malware, see attachment)

When I shut-down via the desktop, a windows message came up asking if I wanted to update system files upon re-start, and I said yes. It appeared to be a valid windows message unlike the previous malware alerts I was getting.

Nothing has changed, and the pop-ups continue. I ran a full scan on Kaspersky and no issues were found.

Would appreciate your assistance,
Mike

Cryptowall virus help

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows XP Professional, Service Pack 3, 32 bit
Processor: Genuine Intel(R) CPU 2140 @ 1.60GHz, x86 Family 6 Model 15 Stepping 2
Processor Count: 2
RAM: 2046 Mb
Graphics Card: ATI Radeon X1050, 1 Mb
Hard Drives: C: Total - 49999 MB, Free - 15907 MB; E: Total - 39997 MB, Free - 8277 MB; F: Total - 62628 MB, Free - 27931 MB;
Motherboard: Gigabyte Technology Co., Ltd., P35-DS3L
Antivirus: AVG update module, Updated: Yes, On-Demand Scanner: Enabled

Hello! It seems my computer has been infected with the Cryptowall 3.0 virus. I've run several scanners: AVG, Malwarebytes, Microsoft Safety Scanner, JRT, and Adwcleaner, and when I run the computer on a regular boot-up I still receive the help_decrypt popups. I also have the help_decrypt files all over the various drives. Any help in removing this virus is appreciated. At the moment, I'm not concerned with decrypting any files. I just want the computer to be clean of it. Thank you!