Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

just checking


  • Please log in to reply

#1
jeffcaissie

jeffcaissie

    Member

  • Member
  • PipPipPip
  • 160 posts

just tinking i should chek if my laptop can run smoother 

it's a vista 32 bit

 

u might not want to help me but i like torrent-ing

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-10-2016
Ran by Levy (administrator) on LEVY-PC (01-11-2016 13:05:41)
Running from C:\Users\Levy\Desktop
Loaded Profiles: Levy (Available Profiles: Levy)
Platform: Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_559ad4ac\stacsv.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_559ad4ac\AEstSrv.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(the sz development) C:\Program Files\DoroPDFWriter\DoroServer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(BitTorrent Inc.) C:\Users\Levy\AppData\Roaming\uTorrent\uTorrent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(BitTorrent Inc.) C:\Users\Levy\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
(BitTorrent Inc.) C:\Users\Levy\AppData\Roaming\uTorrent\updates\3.4.9_42606\utorrentie.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ====================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9083840 2016-10-15] (AVAST Software)
HKLM\...\Run: [DoroServer] => C:\Program Files\DoroPDFWriter\DoroServer.exe [208896 2016-02-20] (the sz development)
HKLM\...\RunOnce: [20161024] => "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" "C:\Program Files\AVAST Software\Avast\0ba91ced-92c5-4fda-a031-c0015f54a1c8\dba9e6df-1d09-447b-8e91-cbe18717b826.dll",[email protected]
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => C:\Windows\system32\oobefldr.dll [2153472 2009-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\Run: [uTorrent] => C:\Users\Levy\AppData\Roaming\uTorrent\uTorrent.exe [1977536 2016-10-06] (BitTorrent Inc.)
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [5503768 2015-02-19] (Piriform Ltd)
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-19] (Microsoft Corporation)
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\Run: [GoogleChromeAutoLaunch_8E86D586736E8EDBAAA0A5E83C2D4956] => C:\Users\Levy\AppData\Local\Chromium\Application\chrome.exe [667136 2015-08-11] (The Chromium Authors)
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\AvastSS.scr [53208 2016-08-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2016-08-30] (AVAST Software)
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Restriction ? <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{DDD3BB7E-442A-42B6-9826-E9A611AB1239}: [DhcpNameServer] 192.168.2.1 192.168.2.1
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_39&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzy0B0DyBtA0AyEyCyD0BtC0DtN0D0Tzu0StCyBtAtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAzz0D0C0D0AyCyCtGyBtB0BzytG0Fzy0F0FtGyD0DtD0AtGtDyEtDtCtB0FyDyByD0EtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyC0BtB0ByEyByEtGyByB0FyCtGyEtAtDyDtG0BtCyCtDtGyCyD0CtD0EzyzzyD0CtDzztD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtDyD%26cr%3D528312090%26a%3Dwbf_fsvideosft_16_39%26os_ver%3D6%26os%3DWindows%2BVista%2B™%2BHome%2BBasic
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_39&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzy0B0DyBtA0AyEyCyD0BtC0DtN0D0Tzu0StCyBtAtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAzz0D0C0D0AyCyCtGyBtB0BzytG0Fzy0F0FtGyD0DtD0AtGtDyEtDtCtB0FyDyByD0EtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyC0BtB0ByEyByEtGyByB0FyCtGyEtAtDyDtG0BtCyCtDtGyCyD0CtD0EzyzzyD0CtDzztD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtDyD%26cr%3D528312090%26a%3Dwbf_fsvideosft_16_39%26os_ver%3D6%26os%3DWindows%2BVista%2B™%2BHome%2BBasic
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_39&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzy0B0DyBtA0AyEyCyD0BtC0DtN0D0Tzu0StCyBtAtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAzz0D0C0D0AyCyCtGyBtB0BzytG0Fzy0F0FtGyD0DtD0AtGtDyEtDtCtB0FyDyByD0EtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyC0BtB0ByEyByEtGyByB0FyCtGyEtAtDyDtG0BtCyCtDtGyCyD0CtD0EzyzzyD0CtDzztD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtDyD%26cr%3D528312090%26a%3Dwbf_fsvideosft_16_39%26os_ver%3D6%26os%3DWindows%2BVista%2B™%2BHome%2BBasic&p={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_39&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzy0B0DyBtA0AyEyCyD0BtC0DtN0D0Tzu0StCyBtAtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAzz0D0C0D0AyCyCtGyBtB0BzytG0Fzy0F0FtGyD0DtD0AtGtDyEtDtCtB0FyDyByD0EtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyC0BtB0ByEyByEtGyByB0FyCtGyEtAtDyDtG0BtCyCtDtGyCyD0CtD0EzyzzyD0CtDzztD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtDyD%26cr%3D528312090%26a%3Dwbf_fsvideosft_16_39%26os_ver%3D6%26os%3DWindows%2BVista%2B™%2BHome%2BBasic&p={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_39&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzy0B0DyBtA0AyEyCyD0BtC0DtN0D0Tzu0StCyBtAtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAzz0D0C0D0AyCyCtGyBtB0BzytG0Fzy0F0FtGyD0DtD0AtGtDyEtDtCtB0FyDyByD0EtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyC0BtB0ByEyByEtGyByB0FyCtGyEtAtDyDtG0BtCyCtDtGyCyD0CtD0EzyzzyD0CtDzztD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtDyD%26cr%3D528312090%26a%3Dwbf_fsvideosft_16_39%26os_ver%3D6%26os%3DWindows%2BVista%2B™%2BHome%2BBasic&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_fsvideosft_16_39&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtBtCzy0B0DyBtA0AyEyCyD0BtC0DtN0D0Tzu0StCyBtAtAtN1L2XzutAtFtByEtFtByDtFyDtDtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2StAzz0D0C0D0AyCyCtGyBtB0BzytG0Fzy0F0FtGyD0DtD0AtGtDyEtDtCtB0FyDyByD0EtD0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2StDyC0BtB0ByEyByEtGyByB0FyCtGyEtAtDyDtG0BtCyCtDtGyCyD0CtD0EzyzzyD0CtDzztD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtDyEtDyD%26cr%3D528312090%26a%3Dwbf_fsvideosft_16_39%26os_ver%3D6%26os%3DWindows%2BVista%2B™%2BHome%2BBasic&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-30] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2015-02-25] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-10]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-10]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
 
Chrome: 
=======
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Default -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default [2016-11-01]
CHR Extension: (Google Slides) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-25]
CHR Extension: (Google Docs) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-25]
CHR Extension: (Google Drive) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Google Sheets) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-25]
CHR Extension: (Google Docs Offline) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-18]
CHR Extension: (Spell Checker for Chrome) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfpdnkkdgghlpdgldicfgnnnkhdfhocg [2015-08-04]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR Extension: (Gmail) - C:\Users\Levy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [pilplloabdedfmialnfchjomjmpjcoej] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_559ad4ac\aestsrv.exe [81920 2009-03-02] (Andrea Electronics Corporation) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [223600 2016-08-30] (AVAST Software)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [392168 2016-08-31] (Digital Wave Ltd.) [File not signed]
R2 HFGService; C:\Windows\System32\HFGService.dll [356864 2015-02-28] (CSR, plc)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_559ad4ac\STacSV.exe [221266 2009-06-29] (IDT, Inc.) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [4539392 2010-02-02] (Dell Inc.) [File not signed]
U4 AvastVBoxSvc; "C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe" [X]
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [34008 2016-08-30] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [35096 2016-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [92256 2016-08-30] (AVAST Software)
R0 aswNdis; C:\Windows\System32\DRIVERS\aswNdis.sys [12112 2015-03-20] (ALWIL Software)
R0 aswNdis2; C:\Windows\system32\Drivers\aswNdis2.sys [295840 2016-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64272 2016-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [60424 2016-08-30] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [735488 2016-09-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [433768 2016-09-22] (AVAST Software)
R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [184592 2016-08-30] (AVAST Software)
S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [66688 2016-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [224752 2016-10-15] (AVAST Software)
R3 BCM42RLY; C:\Windows\System32\drivers\BCM42RLY.sys [18424 2010-02-02] (Broadcom Corporation)
S3 BcmVWL; C:\Windows\System32\DRIVERS\bcmvwl32.sys [17144 2010-02-02] (Broadcom Corporation)
R3 BthAudioHF; C:\Windows\System32\DRIVERS\BthAudioHF.sys [29184 2015-02-28] (CSR, plc)
R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [28048 2010-02-05] (CSR, plc)
R3 BTHFILT; C:\Windows\System32\DRIVERS\BthFilt.sys [13824 2006-11-07] (CSR, plc)
R3 csr_a2dp; C:\Windows\System32\drivers\bthav.sys [66952 2010-02-05] (CSR, plc)
R3 LEqdUsb; C:\Windows\System32\Drivers\LEqdUsb.Sys [42264 2014-03-18] (Logitech, Inc.)
R3 LHidEqd; C:\Windows\System32\Drivers\LHidEqd.Sys [10136 2014-03-18] (Logitech, Inc.)
R3 STHDA; C:\Windows\System32\drivers\stwrt.sys [408576 2009-06-29] (IDT, Inc.) [File not signed]
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 btwaudio; system32\drivers\btwaudio.sys [X]
S3 btwavdt; system32\drivers\btwavdt.sys [X]
S3 btwrchid; system32\DRIVERS\btwrchid.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 tosporte; system32\DRIVERS\tosporte.sys [X]
S3 tosrfbnp; System32\Drivers\tosrfbnp.sys [X]
S3 Tosrfcom; System32\Drivers\tosrfcom.sys [X]
S3 Tosrfhid; system32\DRIVERS\Tosrfhid.sys [X]
S3 TosRfSnd; system32\drivers\tosrfsnd.sys [X]
U4 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-01 13:05 - 2016-11-01 13:06 - 00021106 _____ C:\Users\Levy\Desktop\FRST.txt
2016-11-01 13:02 - 2016-11-01 13:02 - 01758208 _____ (Farbar) C:\Users\Levy\Desktop\FRST.exe
2016-10-17 12:40 - 2016-10-17 12:40 - 00000000 ____D C:\Program Files\Common Files\Skype
2016-10-15 03:36 - 2016-09-10 12:02 - 02072064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-10-15 03:36 - 2016-09-09 12:15 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2016-10-15 03:36 - 2016-09-09 12:15 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2016-10-15 03:36 - 2016-09-09 12:15 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2016-10-15 03:36 - 2016-09-09 12:15 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2016-10-15 03:36 - 2016-09-09 11:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-10-15 03:36 - 2016-09-09 11:32 - 00486912 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2016-10-15 03:36 - 2016-09-09 11:23 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2016-10-15 03:36 - 2016-09-09 11:21 - 01073152 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2016-10-15 03:36 - 2016-09-09 11:21 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2016-10-15 03:35 - 2016-09-14 22:29 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-10-15 03:35 - 2016-09-14 21:01 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\INETRES.dll
2016-10-15 03:30 - 2016-09-10 13:28 - 01261056 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-10-15 03:30 - 2016-09-10 13:27 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\adsmsext.dll
2016-10-15 03:20 - 2016-09-03 12:50 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-10-15 03:04 - 2016-09-08 11:20 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-10-15 03:04 - 2016-09-08 11:20 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2016-10-15 03:02 - 2016-09-30 13:05 - 03610344 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-10-15 03:02 - 2016-09-30 13:05 - 03557608 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-10-14 17:11 - 2016-09-30 00:39 - 12859392 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-10-14 17:11 - 2016-09-30 00:39 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-10-14 17:11 - 2016-09-30 00:37 - 09731584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-10-14 17:11 - 2016-09-30 00:36 - 01831424 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-10-14 17:11 - 2016-09-30 00:36 - 01436160 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-10-14 17:11 - 2016-09-30 00:36 - 01095168 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-10-14 17:11 - 2016-09-30 00:36 - 01089024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-10-14 17:11 - 2016-09-30 00:36 - 00711168 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-10-14 17:11 - 2016-09-30 00:36 - 00232960 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2016-10-14 17:11 - 2016-09-30 00:36 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-10-14 17:11 - 2016-09-30 00:36 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-10-14 17:11 - 2016-09-30 00:35 - 01789952 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2016-10-14 17:11 - 2016-09-30 00:35 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2016-10-14 17:11 - 2016-09-30 00:35 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2016-10-11 10:25 - 2016-10-11 10:25 - 01065376 _____ (Google Inc.) C:\Users\Levy\Downloads\ChromeSetup.exe
2016-10-06 15:58 - 2016-10-18 00:11 - 00000000 ____D C:\Users\Levy\AppData\LocalLow\uTorrent
2016-10-06 15:58 - 2016-10-06 16:00 - 02375360 _____ (BitTorrent Inc.) C:\Users\Levy\Desktop\uTorrent.exe
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2016-11-01 13:06 - 2015-02-27 07:57 - 00000000 ____D C:\Users\Levy\AppData\Roaming\uTorrent
2016-11-01 13:05 - 2015-03-17 16:26 - 00000000 ____D C:\FRST
2016-11-01 13:01 - 2015-02-26 18:43 - 00000000 ____D C:\Users\Levy\AppData\Roaming\vlc
2016-11-01 12:15 - 2006-11-02 09:45 - 00004912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2016-11-01 12:15 - 2006-11-02 09:45 - 00004912 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2016-11-01 09:46 - 2015-05-10 00:23 - 00000000 ____D C:\Users\Levy\AppData\Roaming\Skype
2016-11-01 06:03 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\inf
2016-10-30 18:16 - 2015-02-25 19:00 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-10-29 21:15 - 2015-02-25 19:00 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-10-29 03:51 - 2015-02-26 00:04 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2016-10-26 12:42 - 2006-11-02 07:33 - 00758370 _____ C:\Windows\system32\PerfStringBackup.INI
2016-10-21 11:37 - 2015-05-10 00:22 - 00000000 ____D C:\ProgramData\Skype
2016-10-18 00:10 - 2015-02-26 00:04 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2016-10-18 00:09 - 2006-11-02 09:58 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-10-18 00:06 - 2015-02-27 19:57 - 00002140 _____ C:\Windows\bthservsdp.dat
2016-10-18 00:06 - 2006-11-02 09:58 - 00032608 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2016-10-17 12:40 - 2016-06-14 07:29 - 00000000 ___RD C:\Program Files\Skype
2016-10-15 04:16 - 2006-11-02 08:18 - 00000000 ____D C:\Windows\rescache
2016-10-15 04:08 - 2015-03-20 20:37 - 00224752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2016-10-15 03:59 - 2006-11-02 09:44 - 00271704 _____ C:\Windows\system32\FNTCACHE.DAT
2016-10-15 03:57 - 2015-05-09 23:33 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-10-15 03:53 - 2006-11-02 09:35 - 00000000 ____D C:\Windows\system32\XPSViewer
2016-10-15 03:18 - 2015-02-25 22:04 - 00000000 ____D C:\Windows\system32\MRT
2016-10-15 03:06 - 2006-11-02 07:24 - 141042968 ____C (Microsoft Corporation) C:\Windows\system32\mrt.exe
2016-10-15 03:05 - 2015-05-09 23:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-10-11 10:30 - 2015-02-25 19:06 - 00001983 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-11 10:30 - 2015-02-25 19:06 - 00001971 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-02 21:52 - 2016-09-29 18:08 - 00000000 ____D C:\Program Files\ByteFence
 
==================== Files in the root of some directories =======
 
2015-02-25 18:25 - 2016-03-18 09:39 - 0001356 _____ () C:\Users\Levy\AppData\Local\d3d9caps.dat
2015-02-27 04:34 - 2015-05-20 10:40 - 0009216 _____ () C:\Users\Levy\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-10 09:42 - 2015-07-10 09:42 - 0000000 _____ () C:\Users\Levy\AppData\Local\{EDD5840F-39D3-4229-8F37-20FB194DC0AB}
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2016-11-01 02:09
 
==================== End of FRST.txt ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-10-2016
Ran by Levy (01-11-2016 13:07:36)
Running from C:\Users\Levy\Desktop
Microsoft® Windows Vista™ Home Basic  Service Pack 2 (X86) (2015-02-26 01:17:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-3490811228-1277515905-2465933896-500 - Administrator - Disabled)
Guest (S-1-5-21-3490811228-1277515905-2465933896-501 - Limited - Disabled)
Levy (S-1-5-21-3490811228-1277515905-2465933896-1000 - Administrator - Enabled) => C:\Users\Levy
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Avast Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Avast Internet Security (HKLM\...\Avast) (Version: 12.3.2280 - AVAST Software)
Battle.net (HKLM\...\Battle.net) (Version:  - )
Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.03 - Piriform)
Chromium (HKLM\...\{B12259E2-E1A2-8862-5022-F8E280A22B62}) (Version:  - )
Cisco EAP-FAST Module (HKLM\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: 7.80.4.0 - Conexant)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Deus Ex Preview Edition (HKLM\...\Deus Ex Preview Edition) (Version:  - )
Diablo (HKLM\...\Diablo) (Version:  - )
Doro 2.07 (HKLM\...\Doro_is1) (Version:  - CompSoft)
DriverIdentifier 4.2.8 (HKLM\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
DriverPack Solution Updater (HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\DRPSu Updater) (Version: 0.0.25 - DriverPack Solution)
DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 5.60.48.35 - Dell Inc.)
erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden
Free Video to DVD Converter (HKLM\...\Free Video to DVD Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - )
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Laptop Integrated Webcam Driver (1.04.01.1011)   (HKLM\...\Creative OEM002) (Version:  - )
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.51.1.9 - Marvell)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
SafeZone Stable 1.48.2066.120 (Version: 1.48.2066.120 - Avast Software) Hidden
Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype™ 7.29 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VistaFeaturePack (HKLM\...\InstallShield_{D7E04009-B191-4E9D-9D2D-1BBE57BD8A42}) (Version: 1.03.0000 - CSR)
VistaFeaturePack (Version: 1.03.0000 - CSR) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Windows Driver Package - IDT MEDIA  (06/29/2009 6.10.0.6217) (HKLM\...\9913AB0467F64967120CD799764C841BE89B4768) (Version: 06/29/2009 6.10.0.6217 - IDT)
Windows Driver Package - Intel hdc  (07/25/2013 9.1.9.1005) (HKLM\...\0AB4E7B45FBEB7D4C4155D1E8A70EEF4945B1BE9) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel hdc  (07/25/2013 9.1.9.1005) (HKLM\...\0FC89EF25B8E7EB4E6DEC68AAB6FC08D970018E8) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel System  (07/25/2013 9.1.9.1005) (HKLM\...\CAC45647A959F237CE25C052FDB9A4A914C34830) (Version: 07/25/2013 9.1.9.1005 - Intel)
Windows Driver Package - Intel USB  (07/31/2013 9.1.9.1006) (HKLM\...\A3F7AD39265BEEC1CC0F1541DC760F6A672AAB94) (Version: 07/31/2013 9.1.9.1006 - Intel)
Windows Driver Package - Marvell (yukonwlh) Net  (03/23/2012 11.45.4.3) (HKLM\...\94D38FD5903796314784FF9A89F2713FA8680500) (Version: 03/23/2012 11.45.4.3 - Marvell)
Windows Driver Package - Microsoft (Point32) Mouse  (11/03/2009 7.10.344.0) (HKLM\...\4FA5AE143C91F759736B26E92BA192C896745D80) (Version: 11/03/2009 7.10.344.0 - Microsoft)
Windows Driver Package - Microsoft (usbccgp) USB  (05/18/2011 8.20.409.0) (HKLM\...\913EF06792A9A7E04985DBEB95759AF12CA05500) (Version: 05/18/2011 8.20.409.0 - Microsoft)
Windows Driver Package - Microsoft HIDClass  (05/18/2011 8.20.409.0) (HKLM\...\028BB615AAC003E1BBAE7E63ED0223164608FB67) (Version: 05/18/2011 8.20.409.0 - Microsoft)
Windows Driver Package - Microsoft HIDClass  (12/14/2010 8.01.239.0) (HKLM\...\CE302C235A190952358CEFAF171E3D5D9AE1B89A) (Version: 12/14/2010 8.01.239.0 - Microsoft)
Windows Driver Package - Microsoft Keyboard  (05/18/2011 8.20.409.0) (HKLM\...\1F69262D55ECF8DF5CD9BE5D89E697FEEE69BE47) (Version: 05/18/2011 8.20.409.0 - Microsoft)
Windows Driver Package - Ricoh Company (rimsptsk) hdc  (10/11/2008 6.10.01.00) (HKLM\...\01091E9A169AB801A5DB477CBFBE7D0FFE0242E2) (Version: 10/11/2008 6.10.01.00 - Ricoh Company)
Windows Driver Package - Ricoh Company (risdptsk) hdc  (05/26/2008 6.03.02.18) (HKLM\...\0CCD9ECDD0B4651B0EF2380C8F1736161391355C) (Version: 05/26/2008 6.03.02.18 - Ricoh Company)
Windows Driver Package - Ricoh Company (rismxdp) hdc  (07/29/2008 6.00.01.17) (HKLM\...\522DE5555B6672A52FA7709827713149D90BD2A7) (Version: 07/29/2008 6.00.01.17 - Ricoh Company)
Windows Driver Package - Ricoh Company MMC Host Controller (11/05/2008 6.10.01.00) (HKLM\...\A9CE23FC0E84DBC97FCFCE40A91F33C2384E1CF5) (Version: 11/05/2008 6.10.01.00 - Ricoh Company)
Windows Driver Package - TOSHIBA Bluetooth USB Controller (06/22/2014 8.1.4222.0) (HKLM\...\123BFF80C76AD62D7E34772F604B87241F661901) (Version: 06/22/2014 8.1.4222.0 - TOSHIBA)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> C:\Users\Levy\AppData\Local\Chromium\Application\46.0.2480.0\delegate_execute.exe (The Chromium Authors) <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0ACE4ADB-9AFB-453E-B0DE-63411512CDD4} - \PCDEventLauncherTask -> No File <==== ATTENTION
Task: {10471CBA-AFAF-4820-9290-E8C0ACFDD7EF} - System32\Tasks\SafeZone scheduled Autoupdate 1448046372 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-12] (Avast Software)
Task: {281EA8BA-3364-4604-80B4-3BC7ACF79C0B} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {4BD67906-02D7-434B-A1BE-10FE441871D2} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\VistaSP1CEIP => C:\Windows\servicing\vsp1ceip.exe [2008-01-19] (Microsoft Corporation)
Task: {4D60633E-3BAB-46F1-912C-EA55C05DD7CA} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {783E2E92-CA76-44DF-9F34-1DF742F5C631} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {9179214D-0D66-42F9-B020-8C250F4F08E3} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {B10534B4-A864-4E32-BEBA-86F79CDF14B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C71840BA-8212-4A7D-8D5F-A83EAE265110} - System32\Tasks\{38B18967-2CAE-4553-9F0B-4DE46817BAEB} => pcalua.exe -a "C:\Program Files\DriverToolkit\Download\f1012d9b2eea3fa05b2a171bbbddf227\sp42716.exe" -d "C:\Program Files\DriverToolkit\Download\f1012d9b2eea3fa05b2a171bbbddf227"
Task: {CA6A8965-3038-45EE-9DA8-3EBD46201227} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-02-19] (Piriform Ltd)
Task: {F01438FA-6945-461F-B060-F723624BB398} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-30] (AVAST Software)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
 
==================== Shortcuts =============================
 
(The entries could be listed to be restored or removed.)
 
==================== Loaded Modules (Whitelisted) ==============
 
2016-06-30 12:21 - 2016-08-30 03:52 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-06-30 12:21 - 2016-08-30 03:52 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-11-01 09:18 - 2016-11-01 09:18 - 03126160 _____ () C:\Program Files\AVAST Software\Avast\defs\16110100\algo.dll
2016-09-29 18:08 - 2016-08-31 19:56 - 00114664 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\zlib1.dll
2016-09-29 18:08 - 2016-08-31 19:56 - 00108008 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2016-09-29 18:08 - 2016-08-31 19:56 - 00024040 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2016-09-29 18:08 - 2016-08-31 19:56 - 00048104 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2015-02-26 00:03 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-02-26 00:03 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2015-02-26 00:03 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-02-26 00:03 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2015-02-26 00:03 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-06-30 12:21 - 2016-06-30 12:21 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-07-12 19:16 - 2016-07-06 18:01 - 17602240 _____ () C:\Users\Levy\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll
2016-09-06 19:30 - 2016-09-06 12:00 - 05197312 _____ () C:\Users\Levy\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libglesv2.dll
2016-09-06 19:30 - 2016-09-06 12:00 - 00147456 _____ () C:\Users\Levy\AppData\Local\Google\Chrome\User Data\SwiftShader\3.3.0.1\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
IE trusted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\dell.com -> dell.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\...\123simsen.com -> www.123simsen.com
 
There are 7914 more sites.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 07:23 - 2016-10-02 21:51 - 00453183 ____R C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1 localhost
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com
 
There are 15554 more lines.
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3490811228-1277515905-2465933896-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\Wallpaper\img11.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is disabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth Manager.lnk => C:\Windows\pss\Bluetooth Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Levy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
MSCONFIG\startupreg: DellSystemDetect => C:\Users\Levy\AppData\Local\Apps\2.0\3P78V84N.XTZ\1ZHMV723.BMA\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
MSCONFIG\startupreg: DrvUpdater => C:\Users\Levy\AppData\Roaming\DRPSu\DrvUpdater.exe
MSCONFIG\startupreg: EvtMgr6 => C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ITSecMng => %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
MSCONFIG\startupreg: LWS => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: OEM02Mon.exe => C:\Windows\OEM02Mon.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SDTray => "C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SigmatelSysTrayApp => %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
MSCONFIG\startupreg: SpybotPostWindows10UpgradeReInstall => "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray.exe
MSCONFIG\startupreg: uTorrent => "C:\Users\Levy\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [{5844F69E-4F5A-4F42-A9D6-FEEC5394C2B7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{B4376FCD-92A7-4BF6-884C-29F02C10D911}] => (Allow) LPort=80
FirewallRules: [{6845D270-EDB5-4A5C-86C2-679F28B09A91}] => (Allow) LPort=80
FirewallRules: [{AD0F1AAA-DD45-49CC-B1F5-6458B83AFC23}] => (Allow) LPort=80
FirewallRules: [{A3ED5C7F-3D29-4B45-A624-A16B043D334C}] => (Allow) C:\Users\Levy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{387786B2-9204-4F48-AF83-08BF1573A9E3}] => (Allow) C:\Users\Levy\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C43766F3-4724-4F2F-801A-3D5B791F5571}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{595FE4CB-27DD-4E31-B0B8-13070FB8DBF4}] => (Allow) LPort=2869
FirewallRules: [{B470372B-D7FF-427B-B2CA-4DFEDE5B638F}] => (Allow) LPort=1900
FirewallRules: [{E11D96E8-0BFF-4564-8EFC-E1422F662D27}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D1DD85C9-DF23-42E4-8149-AD27C86234AB}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{1322F58D-64A3-4C2B-8FE6-B0414D14EAD5}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{9B1B12EF-43E4-4753-91AD-A485417D45FF}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{EAED07FA-75F6-410D-950E-27F72B8C81CE}] => (Allow) C:\Users\Levy\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{EFC5E0BB-3999-4295-908E-8D43CD9A17D4}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
 
==================== Restore Points =========================
 
29-10-2016 02:18:45 Scheduled Checkpoint
30-10-2016 16:11:31 Scheduled Checkpoint
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/15/2016 03:17:23 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (10/15/2016 03:17:23 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
 
Error: (09/29/2016 06:19:10 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (09/29/2016 06:19:01 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
 
Error: (09/23/2016 02:45:22 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10007) (User: NT AUTHORITY)
Description: Event-ID 10007
 
Error: (09/20/2016 03:25:57 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (09/20/2016 03:25:56 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
 
Error: (08/12/2016 03:17:49 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
Error: (08/12/2016 03:17:48 AM) (Source: Perflib) (EventID: 1010) (User: )
Description: The Collect Procedure for the "EmdCache" service in DLL "C:\Windows\system32\emdmgmt.dll" generated an exception or returned an invalid status. The performance data returned by the counter DLL will not be returned in the Perf Data Block. The first four bytes (DWORD) of the Data section contains the exception code or status code.
 
Error: (07/30/2016 03:14:00 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "PNRPsvc" in DLL "C:\Windows\system32\pnrpperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
 
 
System errors:
=============
Error: (11/01/2016 11:01:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 11:00:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 11:00:45 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 11:00:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 10:59:47 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 10:59:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 10:58:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 10:58:48 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 10:57:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The UPnP Device Host service depends on the SSDP Discovery service which failed to start because of the following error: 
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
 
Error: (11/01/2016 09:46:25 AM) (Source: Dhcp) (EventID: 1002) (User: )
Description: The IP address lease 192.168.2.12 for the Network Card with network address 001FE1C313A4 has been denied by the DHCP server 192.168.2.1 (The DHCP Server sent a DHCPNACK message).
 
 
CodeIntegrity:
===================================
  Date: 2016-09-24 12:50:14.880
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:14.166
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:13.440
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:12.706
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:11.843
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:10.952
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:10.107
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:09.278
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:08.449
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-09-24 12:50:07.600
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Pentium® Dual CPU T2390 @ 1.86GHz
Percentage of memory in use: 90%
Total physical RAM: 2037.31 MB
Available physical RAM: 196.94 MB
Total Virtual: 4871.85 MB
Available Virtual: 1163.17 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:136.74 GB) (Free:90.91 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:9.77 GB) (Free:9.66 GB) NTFS
Drive e: () (Fixed) (Total:2.5 GB) (Free:2.43 GB) NTFS
Drive g: (My Passport) (Fixed) (Total:931.48 GB) (Free:86 GB) NTFS
Drive i: (My Passport) (Fixed) (Total:931.48 GB) (Free:220.27 GB) NTFS
Drive j: (Seagate Backup Plus Drive) (Fixed) (Total:931.51 GB) (Free:635.12 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149.1 GB) (Disk ID: 00000080)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=136.7 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 931.5 GB) (Disk ID: B93FCA86)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 00023F15)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 562AF0D8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 

 


  • 0

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP