My computer seems to be having some issues. Anytime I try to open specifically mozilla firefox my computer begins to go into thinking mode and basically freezes up my ability to click on anything (though i can move my mouse around).
I tried to run my avast smart scan and when that didnt work (it didnt get passed the add-ons portion) i came to these forums and started downloading and trying a number of junk removal programs including combofix, junk removal, adcleaner, panda, avg. Ive finally given in though as the problem still persists.
-I can work in Google Chrome for some reason.
Your help would be much appreciated.
Here is my FRST/addition log
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-05-2016
Ran by Leah (administrator) on LEAH-PC (21-05-2016 08:41:25)
Running from C:\Users\Leah\Desktop
Loaded Profiles: Leah (Available Profiles: Leah)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Safe Mode (with Networking)
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\Leah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leah\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Leah\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [IntelWirelessWiMAX] => C:\Program Files\Intel\WiMAX\Bin\WiMAXCU.exe [1626112 2011-12-01] (Intel® Corporation)
HKLM\...\Run: [TUCCDUtil] => C:\Program Files (x86)\Mct Corp\UVTP100\Driver\TUCCDUTIL\TUCCD.exe [1896656 2016-01-11] (Magic Control Technology Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-03-18] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [640376 2008-10-01] (Adobe Systems Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6133520 2015-11-08] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-08-06] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2015-04-10] (Oracle Corporation)
HKLM-x32\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-04-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [107520 2016-03-18] (Panda Security, S.L.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-176779348-953494555-136863877-1000\...\Run: [Fitbit Connect] => C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe [4567720 2015-10-28] (Fitbit, Inc.)
HKU\S-1-5-21-176779348-953494555-136863877-1000\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
HKU\S-1-5-21-176779348-953494555-136863877-1000\...\Run: [Google Update] => C:\Users\Leah\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-10-26] (Google Inc.)
HKU\S-1-5-18\...\Run: [KSS] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-26] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Kaspersky Software Updater Beta.lnk [2016-04-26]
ShortcutTarget: Kaspersky Software Updater Beta.lnk -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Software Updater Beta\ksu.exe (AO Kaspersky Lab)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{52CE0747-8895-4849-B152-EEBEC8D4F82B}: [DhcpNameServer] 75.75.76.76 75.75.75.75
Tcpip\..\Interfaces\{5F778D39-3EDB-4894-B6FD-25373D063BA7}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A2B969B0-A4F4-4EF7-9AC6-AE51A85E54D9}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-176779348-953494555-136863877-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-176779348-953494555-136863877-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-176779348-953494555-136863877-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_tb
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-26] (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-10-26] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-26] (AVAST Software)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-10-26] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-28] (Google Inc.)
Toolbar: HKU\S-1-5-21-176779348-953494555-136863877-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-28] (Google Inc.)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} hxxps://juniper.net/dana-cached/sc/JuniperSetupClient.cab
FireFox:
========
FF ProfilePath: C:\Users\Leah\AppData\Roaming\Mozilla\Firefox\Profiles\p9t3a6rl.default
FF DefaultSearchEngine: Yahoo
FF SearchEngineOrder.1: Yahoo
FF SearchEngineOrder.2:
FF SelectedSearchEngine: Yahoo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_242.dll [2016-05-20] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll [2016-05-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-10-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-176779348-953494555-136863877-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\Leah\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-176779348-953494555-136863877-1000: @talk.google.com/O1DPlugin -> C:\Users\Leah\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-176779348-953494555-136863877-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-176779348-953494555-136863877-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Leah\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Leah\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM-x32\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]
Chrome:
=======
CHR StartupUrls: Default -> "hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=840_pr__alt__ddc_dsssyc_bd_com"
CHR Plugin: (Shockwave Flash) - C:\Users\Leah\AppData\Local\Google\Chrome\Application\21.0.1180.83\PepperFlash\pepflashplayer.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Users\Leah\AppData\Local\Google\Chrome\Application\50.0.2661.102\gcswf32.dll => No File
CHR Plugin: (Native Client) - C:\Users\Leah\AppData\Local\Google\Chrome\Application\50.0.2661.102\ppGoogleNaClPluginChrome.dll => No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Leah\AppData\Local\Google\Chrome\Application\50.0.2661.102\pdf.dll => No File
CHR Plugin: (Google Update) - C:\Users\Leah\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll => No File
CHR Profile: C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-05]
CHR Extension: (YouTube) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-27]
CHR Extension: (Google Search) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Avast SafePrice) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-02-09]
CHR Extension: (Google Docs Offline) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07]
CHR Extension: (Avast Online Security) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-05-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Extension: (Todo.ly) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\obhefmbclkekanpjjpkbciloojcmpkap [2012-08-31]
CHR Extension: (Gmail) - C:\Users\Leah\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-10-26]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-10-26]
StartMenuInternet: Google Chrome.BMIN4BP3UXMWY3K5UM55SOK5Q4 - C:\Users\Leah\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-26] (AVAST Software)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-10-26] (Avast Software)
S2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1078544 2016-04-22] (AVG Technologies CZ, s.r.o.)
S2 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [514048 2011-11-30] (Red Bend Ltd.) [File not signed]
S2 Fitbit Connect; C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe [5906088 2015-10-28] (Fitbit, Inc.)
S2 GManager; C:\Windows\system32\GManager.exe [313432 2012-08-28] ()
S2 kss; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\kss.exe [1556448 2015-12-15] (AO Kaspersky Lab)
S2 MlPatch; C:\Windows\system32\MlPatch.exe [2244912 2014-08-22] ()
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [150528 2016-03-18] (Panda Security, S.L.)
S2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73176 2016-02-22] (Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2016-03-17] (Panda Security, S.L.)
S2 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [979456 2011-11-30] (Intel® Corporation) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-26] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-26] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-26] (AVAST Software)
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-08] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-26] (AVAST Software)
S0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-26] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
U5 GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [33240 2012-08-21] (GEAR Software Inc.)
S3 mctkmd; C:\Windows\system32\drivers\mctkmd64.sys [172752 2016-01-12] (Magic Control Technology Corporation)
R0 mctkmdldr; C:\Windows\System32\drivers\mctkmdldr64.sys [19584 2011-04-08] (Magic Control Technology Corporation)
S3 MctUsbAudio; C:\Windows\System32\DRIVERS\MctFlt.sys [22320 2015-03-10] (Windows ® Win 7 DDK provider)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-10-26] (AVAST Software)
S1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [94456 2015-12-04] (Panda Security, S.L.)
S1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [201464 2015-12-04] (Panda Security, S.L.)
S1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [110840 2015-12-04] (Panda Security, S.L.)
S1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [110840 2015-12-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [48912 2015-04-27] (Panda Security, S.L.)
S1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [103160 2015-12-04] (Panda Security, S.L.)
S1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [80592 2016-03-14] (Panda Security, S.L.)
S1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [124152 2015-12-04] (Panda Security, S.L.)
S1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [300280 2015-12-04] (Panda Security, S.L.)
S1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [177424 2016-02-17] (Panda Security, S.L.)
S1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [113400 2015-12-04] (Panda Security, S.L.)
S1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [264976 2016-02-17] (Panda Security, S.L.)
S1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [106232 2015-12-04] (Panda Security, S.L.)
S2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [171792 2016-02-16] (Panda Security, S.L.)
S2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [127248 2016-02-16] (Panda Security, S.L.)
S1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [205072 2016-02-16] (Panda Security, S.L.)
S2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [131344 2016-02-16] (Panda Security, S.L.)
S2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [144656 2016-02-23] (Panda Security, S.L.)
S2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [114960 2016-02-16] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [61712 2015-05-22] (Panda Security, S.L.)
S3 t5usb64; C:\Windows\System32\drivers\t5usb64.sys [141064 2016-01-19] (Magic Control Technology Corporation)
S2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-10-26] (Avast Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-21 08:41 - 2016-05-21 08:42 - 00021817 _____ C:\Users\Leah\Desktop\FRST.txt
2016-05-21 08:40 - 2016-05-21 08:40 - 02382336 _____ (Farbar) C:\Users\Leah\Desktop\FRST64.exe
2016-05-21 08:37 - 2016-05-21 08:41 - 00000000 ____D C:\FRST
2016-05-21 08:37 - 2016-05-21 08:37 - 02382336 _____ (Farbar) C:\Users\Leah\Downloads\FRST64.exe
2016-05-20 08:51 - 2016-05-20 08:51 - 05995712 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2016-05-19 21:45 - 2016-05-19 21:45 - 00000000 ____D C:\Users\Leah\AppData\Roaming\Panda Security
2016-05-19 21:45 - 2015-05-22 04:45 - 00061712 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2016-05-19 21:44 - 2016-05-19 21:45 - 00002199 _____ C:\Users\Public\Desktop\Panda Free Antivirus.lnk
2016-05-19 21:44 - 2016-05-19 21:45 - 00000000 ____D C:\Program Files (x86)\Panda Security
2016-05-19 21:44 - 2016-05-19 21:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Free Antivirus
2016-05-19 21:42 - 2016-05-19 21:45 - 00000000 ____D C:\ProgramData\Panda Security
2016-05-19 21:42 - 2016-05-19 21:42 - 02252720 _____ (Panda Security, S.L.) C:\Users\Leah\Downloads\PANDAFREEAV.exe
2016-04-26 23:36 - 2016-04-26 23:36 - 00003444 _____ C:\Users\Leah\Desktop\JRT.txt
2016-04-26 23:34 - 2016-04-26 23:34 - 01610008 _____ (Malwarebytes) C:\Users\Leah\Downloads\JRT.exe
2016-04-26 23:25 - 2016-04-26 23:25 - 00000000 ____D C:\Users\Leah\AppData\Local\CEF
2016-04-26 23:15 - 2016-04-26 23:15 - 00001101 _____ C:\Users\Public\Desktop\Kaspersky Software Updater Beta.lnk
2016-04-26 23:15 - 2016-04-26 23:15 - 00001061 _____ C:\Users\Public\Desktop\Kaspersky Security Scan.lnk
2016-04-26 23:15 - 2016-04-26 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Software Updater Beta
2016-04-26 23:15 - 2016-04-26 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Security Scan
2016-04-26 23:15 - 2016-04-26 23:15 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-04-26 23:15 - 2016-04-26 23:15 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2016-04-26 23:14 - 2016-04-26 23:14 - 00000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2016-04-26 23:13 - 2016-04-26 23:13 - 02622792 _____ (Kaspersky Lab) C:\Users\Leah\Downloads\kss16.0.0.1344en_ru_de_fr_es_pt_it_zh-hans_nl_pl_tr_cs_ko_id_vi_ar_fa_zh-hant_9328.exe
2016-04-26 22:48 - 2016-04-26 22:48 - 00000000 ____D C:\KVRT_Data
2016-04-26 22:47 - 2016-04-26 22:48 - 94827432 _____ (Kaspersky Lab ZAO) C:\Users\Leah\Downloads\KVRT.exe
2016-04-23 09:58 - 2016-04-23 09:58 - 00023957 _____ C:\ComboFix.txt
2016-04-23 09:46 - 2011-06-26 02:45 - 00256000 _____ C:\Windows\PEV.exe
2016-04-23 09:46 - 2010-11-07 13:20 - 00208896 _____ C:\Windows\MBR.exe
2016-04-23 09:46 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2016-04-23 09:46 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2016-04-23 09:46 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2016-04-23 09:46 - 2000-08-30 20:00 - 00098816 _____ C:\Windows\sed.exe
2016-04-23 09:46 - 2000-08-30 20:00 - 00080412 _____ C:\Windows\grep.exe
2016-04-23 09:46 - 2000-08-30 20:00 - 00068096 _____ C:\Windows\zip.exe
2016-04-23 09:44 - 2016-04-23 09:58 - 00000000 ____D C:\Qoobox
2016-04-23 09:43 - 2016-04-23 09:56 - 00000000 ____D C:\Windows\erdnt
2016-04-23 09:43 - 2016-04-23 09:43 - 05660058 ____R (Swearware) C:\Users\Leah\Downloads\ComboFix.exe
2016-04-23 09:42 - 2016-04-23 09:42 - 37409400 _____ (Malwarebytes ) C:\Users\Leah\Downloads\MBARW_Setup.exe
2016-04-23 09:05 - 2016-04-23 09:08 - 00000000 ____D C:\AdwCleaner
2016-04-23 09:05 - 2016-04-23 09:05 - 03683904 _____ C:\Users\Leah\Downloads\AdwCleaner.exe
2016-04-23 08:25 - 2016-04-23 08:25 - 00000862 _____ C:\Users\Public\Desktop\AVG.lnk
2016-04-23 08:25 - 2016-04-23 08:25 - 00000000 ____D C:\Users\Leah\AppData\Local\MFAData
2016-04-23 08:25 - 2016-04-23 08:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-04-23 08:25 - 2016-04-23 08:25 - 00000000 ____D C:\ProgramData\MFAData
2016-04-23 08:23 - 2016-04-23 08:25 - 00000000 ____D C:\ProgramData\Avg
2016-04-23 08:23 - 2016-04-23 08:25 - 00000000 ____D C:\Program Files (x86)\AVG
2016-04-23 08:22 - 2016-04-23 08:25 - 00000000 ____D C:\Users\Leah\AppData\Local\AvgSetupLog
2016-04-23 08:22 - 2016-04-23 08:22 - 02946480 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Leah\Downloads\AVG_Protection_1472.exe
2016-04-23 08:22 - 2016-04-23 08:22 - 00000000 ____D C:\Users\Leah\AppData\Local\Avg
2016-04-23 07:08 - 2016-04-26 22:32 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-23 07:08 - 2016-04-23 07:08 - 00001104 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-23 07:08 - 2016-04-23 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-23 07:08 - 2016-04-23 07:08 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-23 07:08 - 2016-04-23 07:08 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-23 07:08 - 2016-03-10 14:09 - 00064896 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-23 07:08 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-23 07:08 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-23 07:07 - 2016-04-23 07:07 - 22851472 _____ (Malwarebytes ) C:\Users\Leah\Downloads\mbam-setup-2.2.1.1043.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-05-21 08:32 - 2015-10-27 07:22 - 03076606 _____ C:\Windows\ntbtlog.txt
2016-05-21 08:13 - 2012-08-21 18:42 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-05-21 08:11 - 2015-10-26 18:54 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-21 08:11 - 2012-08-21 19:31 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000UA.job
2016-05-21 03:59 - 2009-07-14 00:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-05-21 03:59 - 2009-07-14 00:45 - 00021088 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-05-20 21:11 - 2015-10-26 18:53 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-20 17:37 - 2015-11-06 20:04 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-05-20 17:30 - 2015-12-09 22:27 - 00002812 _____ C:\Windows\system32\GManager.ini
2016-05-20 17:29 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-05-20 17:23 - 2012-08-21 19:32 - 00002370 _____ C:\Users\Leah\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-20 10:55 - 2015-10-26 18:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2016-05-20 08:54 - 2012-08-21 18:42 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-05-20 08:53 - 2012-08-21 18:42 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-05-20 08:53 - 2012-08-21 18:42 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-05-20 07:41 - 2009-07-14 00:45 - 00531656 _____ C:\Windows\system32\FNTCACHE.DAT
2016-05-19 21:45 - 2012-08-20 20:57 - 00133664 _____ C:\Users\Leah\AppData\Local\GDIPFONTCACHEV1.DAT
2016-05-19 21:45 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-05-19 21:21 - 2012-08-21 19:31 - 00000000 ____D C:\Users\Leah\AppData\Local\Google
2016-05-19 21:06 - 2015-10-26 18:54 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-05-19 21:06 - 2015-10-26 18:53 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-05-19 21:06 - 2012-08-21 19:31 - 00003872 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000UA
2016-05-19 21:06 - 2012-08-21 19:31 - 00003476 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000Core
2016-05-19 21:06 - 2012-08-21 19:31 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000Core.job
2016-04-23 09:54 - 2009-07-13 22:34 - 00000215 _____ C:\Windows\system.ini
2016-04-23 09:08 - 2014-07-10 08:34 - 00000000 ____D C:\Users\Leah\AppData\Roaming\Yahoo!
2016-04-23 09:08 - 2014-07-10 08:34 - 00000000 ____D C:\Users\Leah\AppData\LocalLow\Yahoo!
2016-04-23 09:08 - 2014-07-10 08:34 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-04-23 07:27 - 2010-11-21 03:17 - 00000000 ____D C:\Windows\CSC
2016-04-21 22:03 - 2012-08-21 21:35 - 00000000 ____D C:\Users\Leah\AppData\Roaming\vlc
2016-04-21 15:05 - 2010-11-20 23:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
Files to move or delete:
====================
C:\Users\Leah\KENPAVE.exe
Some files in TEMP:
====================
C:\Users\Leah\AppData\Local\Temp\avguirn_08248499285.exe
C:\Users\Leah\AppData\Local\Temp\{13066A6E-1E0A-4A84-8329-F6F80CED133A}.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-04-29 00:29
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:21-05-2016
Ran by Leah (2016-05-21 08:42:24)
Running from C:\Users\Leah\Desktop
Windows 7 Professional Service Pack 1 (X64) (2012-08-21 00:46:03)
Boot Mode: Safe Mode (with Networking)
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-176779348-953494555-136863877-500 - Administrator - Disabled)
Guest (S-1-5-21-176779348-953494555-136863877-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-176779348-953494555-136863877-1002 - Limited - Enabled)
Leah (S-1-5-21-176779348-953494555-136863877-1000 - Administrator - Enabled) => C:\Users\Leah
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Reader X (10.1.4) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.4 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.4.2233 - AVAST Software)
AVG (HKLM\...\AvgZen) (Version: 1.51.2.3593 - AVG Technologies)
AVG Zen (Version: 1.51.58 - AVG Technologies) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Fitbit Connect (HKLM-x32\...\{6EB73D9D-645E-415B-8008-83C3CB865968}) (Version: 2.0.1.6742 - Fitbit Inc.)
FMW 1 (Version: 1.73.2 - AVG Technologies) Hidden
Google Chrome (HKU\S-1-5-21-176779348-953494555-136863877-1000\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.)
Google Earth Pro (HKLM-x32\...\{35DAA04C-1720-4BE3-A920-A03731EC6A1D}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.7619.1252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2696 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5F588B19-C575-4750-86FD-6ED2B76E61F1}) (Version: 7.00.0000 - Intel Corporation)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Java 7 Update 80 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417080FF}) (Version: 7.0.800 - Oracle)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Juniper Networks Network Connect 7.4.0 (HKLM-x32\...\Juniper Network Connect 7.4.0) (Version: 7.4.0.30611 - Juniper Networks)
Juniper Networks Network Connect 8.0 (HKLM-x32\...\Juniper Network Connect 8.0) (Version: 8.0.8.33771 - Juniper Networks)
Juniper Networks Setup Client (HKU\S-1-5-21-176779348-953494555-136863877-1000\...\Juniper_Setup_Client) (Version: 8.0.8.52215 - Juniper Networks)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Terminal Services Client (HKU\S-1-5-21-176779348-953494555-136863877-1000\...\Juniper_Term_Services) (Version: 8.0.8.33771 - Juniper Networks)
Kaspersky Security Scan (HKLM-x32\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C5}) (Version: 16.0.0.1344 - Kaspersky Lab)
Kaspersky Security Scan (x32 Version: 16.0.0.1344 - Kaspersky Lab) Hidden
Kaspersky Software Updater Beta (HKLM-x32\...\InstallWIX_{A19807B6-6057-456E-A560-A2A04862C1C6}) (Version: 1.5.1.202 - Kaspersky Lab)
Kaspersky Software Updater Beta (x32 Version: 1.5.1.202 - Kaspersky Lab) Hidden
KENPAVE (HKLM-x32\...\ST6UNST #1) (Version: - )
K-Lite Codec Pack 9.2.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.2.0 - )
Logos 5 Prerequisites (HKLM-x32\...\{6DA1E579-2E4D-4AF4-85F5-FB73C6531610}) (Version: 5.16.0880 - Logos Bible Software)
Logos Bible Software 5 (HKLM-x32\...\{BC8CB361-6566-4EDB-87BE-4B470AE664A0}) (Version: 5.16.950 - Logos Bible Software)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mathcad 15 M010 (HKLM-x32\...\{8FD0167F-A752-467A-86BE-3728D71F68B8}) (Version: 15.0.1.0 - PTC)
Mathcad PDSi viewable support (HKLM-x32\...\Mathcad PDSi viewable support) (Version: 9.0.0 - Adobe Systems)
Mathcad PDSi viewable support (x32 Version: 9.0.0 - Adobe Systems) Hidden
Mathcad Prime 2.0 (HKLM\...\{1D9A78F1-FDC7-45D8-8145-B6462CA82240}) (Version: 2.0 - PTC)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
On-Screen Takeoff (HKLM-x32\...\{8BF3AF44-C518-4236-BD62-E637D86C6C16}) (Version: 3.8.3.203 - On Center Software, Inc.)
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden
Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.01.02.0000 - Panda Security)
Panda Free Antivirus (Version: 8.21.00 - Panda Security) Hidden
QuickTime 7 (HKLM-x32\...\{80CEEB1E-0A6C-45B9-A312-37A1D25FDEBC}) (Version: 7.78.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.54.309.2012 - Realtek)
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-176779348-953494555-136863877-1000\...\Spotify) (Version: 0.8.4.124.ga3559d86 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Trigger External Graphics Family 16.01.0113.0179 (HKLM-x32\...\{81C5AD1D-C7C6-48AC-AC85-8F04293B1780}) (Version: 16.01.0113.0179 - MCT Corp)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-176779348-953494555-136863877-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Leah\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {14EDAF2D-AA23-4475-9725-0B97892641AB} - \Yahoo! Search -> No File <==== ATTENTION
Task: {177BDA36-E75B-47AE-BD4D-709D4E38E157} - System32\Tasks\{60293089-BBCD-460D-8DDA-A5538FF0A636} => pcalua.exe -a "C:\Users\Leah\Downloads\setup (1).exe" -d C:\Users\Leah\Downloads
Task: {1B71C1F6-8417-421E-BC2A-0CFC742746B5} - \DriverRestore_ScheduledScan -> No File <==== ATTENTION
Task: {1D7A18BF-579C-4D1D-9CF6-DA836609EF9D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000UA => C:\Users\Leah\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-26] (Google Inc.)
Task: {31E411E0-6C80-4324-B275-0F40508A1228} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-03-05] (AVAST Software)
Task: {48D9219E-76DC-46E3-99AC-9336C34EBF4A} - System32\Tasks\{D9D83C7C-76F5-429E-96A4-84EE10389AC9} => pcalua.exe -a D:\setup.exe -d D:\
Task: {52643C01-CAB1-42AB-83D4-F0141D9F7804} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-26] (Google Inc.)
Task: {57B1480F-8F58-480C-BAB5-7A7F19426118} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-10-26] (AVAST Software)
Task: {8EE5B3E3-0475-4492-A002-A2AE70AF1295} - \BrowserSafeguard Update Task -> No File <==== ATTENTION
Task: {C535B57A-2A7B-4EE1-9DF3-4708229A70FA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-05-20] (Adobe Systems Incorporated)
Task: {E71962A2-68A3-4459-A5CD-7139BA2ECCF9} - \DriverRestore_DailyScan -> No File <==== ATTENTION
Task: {F12D05DF-3C66-4C13-B960-DD87D5212C1F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {F3B136BD-42F1-40EB-9B6B-CB1CD98A03A8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000Core => C:\Users\Leah\AppData\Local\Google\Update\GoogleUpdate.exe [2015-10-26] (Google Inc.)
Task: {FF18F2E3-DF33-4342-8F76-303709083632} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-26] (Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000Core.job => C:\Users\Leah\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-176779348-953494555-136863877-1000UA.job => C:\Users\Leah\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2015-12-15 13:17 - 2015-12-15 13:17 - 00618544 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2016-05-20 17:22 - 2016-05-11 07:48 - 17565848 _____ () C:\Users\Leah\AppData\Local\Google\Chrome\Application\50.0.2661.102\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MSIServer => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2016-04-23 09:54 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-176779348-953494555-136863877-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Leah\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.76.76 - 75.75.75.75
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{9B8C7432-D288-437F-BC22-D7A87AD1685D}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{5D5C6FB7-4839-4C8D-8732-BB95C7CA80F3}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{CC3EC1F1-F333-41E7-8F3F-4979EAAED081}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe
FirewallRules: [{1EE7F594-8D3E-4CF2-BDBF-927623A5DDA9}] => (Allow) C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe
FirewallRules: [{08DA7E6B-FB84-4E53-B500-390B3050532E}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [TCP Query User{5F9B15BF-1CA0-43AB-925A-DC2F649AF886}C:\users\leah\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leah\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{154A8445-0054-4831-BAD7-D4F01F21C7C6}C:\users\leah\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\leah\appdata\roaming\spotify\spotify.exe
FirewallRules: [{D5271DA2-135B-47BE-A499-F36D42F69326}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F72F418C-059E-4451-B879-8401A6886CB1}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{00ADA3E7-6A78-4D17-AC6E-0A5BCEA0068A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3CA5CD24-C610-48D2-B0EE-70B72A8AF767}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C94DDD0E-2B68-4D85-BB9C-4A6052B0E289}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{761CE9E2-81EF-4941-A936-E36EEB743F4F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E7687810-CF0C-493F-B0BC-66BE2A892013}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B39A3BD2-DACB-49B7-9208-72867C07ED20}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7EE82305-AF78-4833-BF7A-8F8F8C888D1D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{7C5C4C04-C1F8-4097-AF47-C7A475590D86}C:\users\leah\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\leah\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{653A7600-49C7-400A-93B6-5BD3F8EFD4F7}C:\users\leah\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\leah\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{D84B72AF-6E17-4740-94F6-56E2D3CD8B1E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{35C3585F-C707-43FC-9883-C77F4FDC140C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{818A7530-C9C2-48E6-AA2D-1A6D12688D17}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Restore Points =========================
21-05-2016 00:00:08 Scheduled Checkpoint
21-05-2016 02:37:55 Windows Update
==================== Faulty Device Manager Devices =============
Name: Universal Serial Bus (USB) Controller
Description: Universal Serial Bus (USB) Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PLDS DVD+-RW DS-8A8SH ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.
Name: avast! Revert
Description: avast! Revert
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswRvrt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Microsoft Virtual WiFi Miniport Adapter #3
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: avast! VM Monitor
Description: avast! VM Monitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: aswVmm
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: USB2.0-CRW
Description: USB2.0-CRW
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/21/2016 08:32:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/21/2016 08:27:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2016 05:32:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ZeroConfigService.exe, version: 15.1.1.2, time stamp: 0x4f746f5a
Faulting module name: MurocApi.dll, version: 15.1.1.1, time stamp: 0x4f746e76
Exception code: 0xc0000005
Fault offset: 0x000000000002be1b
Faulting process id: 0x1274
Faulting application start time: 0xZeroConfigService.exe0
Faulting application path: ZeroConfigService.exe1
Faulting module path: ZeroConfigService.exe2
Report Id: ZeroConfigService.exe3
Error: (05/20/2016 05:32:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/20/2016 10:53:31 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program Kaspersky Security Scan because of this error.
Program: Kaspersky Security Scan
File: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan\libcef.dll
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
Additional Data
Error value: C0000185
Disk type: 3
Error: (05/20/2016 10:53:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: kss.exe, version: 16.0.0.1344, time stamp: 0x566fed39
Faulting module name: libcef.dll, version: 3.2357.1281.0, time stamp: 0x559bdb75
Exception code: 0xc0000006
Fault offset: 0x0010e60c
Faulting process id: 0x8f4
Faulting application start time: 0xkss.exe0
Faulting application path: kss.exe1
Faulting module path: kss.exe2
Report Id: kss.exe3
Error: (05/20/2016 08:50:33 AM) (Source: ESENT) (EventID: 104) (User: )
Description: wuaueng.dll (1228) SUS20ClientDataStore: The database engine stopped the instance (0) with error (-1090).
Error: (05/20/2016 08:35:57 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1228) SUS20ClientDataStore: An attempt to write to the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 1078788096 (0x00000000404d0000) for 32768 (0x00008000) bytes failed after wuaueng.dll0 seconds with system error 1117 (0x0000045d): "The request could not be performed because of an I/O device error. ". The write operation will fail with error -1022 (0xfffffc02). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (05/20/2016 08:35:57 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1228) SUS20ClientDataStore: An attempt to write to the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 1087799296 (0x0000000040d68000) for 32768 (0x00008000) bytes failed after wuaueng.dll0 seconds with system error 1117 (0x0000045d): "The request could not be performed because of an I/O device error. ". The write operation will fail with error -1022 (0xfffffc02). If this error persists then the file may be damaged and may need to be restored from a previous backup.
Error: (05/20/2016 08:35:57 AM) (Source: ESENT) (EventID: 482) (User: )
Description: wuaueng.dll (1228) SUS20ClientDataStore: An attempt to write to the file "C:\Windows\SoftwareDistribution\DataStore\DataStore.edb" at offset 1087766528 (0x0000000040d60000) for 32768 (0x00008000) bytes failed after wuaueng.dll0 seconds with system error 1117 (0x0000045d): "The request could not be performed because of an I/O device error. ". The write operation will fail with error -1022 (0xfffffc02). If this error persists then the file may be damaged and may need to be restored from a previous backup.
System errors:
=============
Error: (05/21/2016 08:42:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
Error: (05/21/2016 08:42:29 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068
CodeIntegrity:
===================================
Date: 2016-04-23 09:54:04.378
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-04-23 09:54:04.316
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i7-3612QM CPU @ 2.10GHz
Percentage of memory in use: 16%
Total physical RAM: 8094.36 MB
Available physical RAM: 6789.46 MB
Total Virtual: 16186.9 MB
Available Virtual: 14954.93 MB
==================== Drives ================================
Drive c: (OSDisk) (Fixed) (Total:917.84 GB) (Free:633.68 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: E75DA0BD)
Partition 1: (Not Active) - (Size=917.8 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=13.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================