Hi JS! I ran MBAR and no Malware found....so I closed the window.
FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-09-2017
Ran by Owner (administrator) on OWNER-PC (20-09-2017 05:03:01)
Running from C:\Users\Owner\Desktop
Loaded Profiles: Owner (Available Profiles: Owner & Guest)
Platform: Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(ABBYY) C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\System32\RacAgent.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27716568 2017-05-05] (Skype Technologies S.A.)
HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\Policies\Explorer: [NoDesktopCleanupWizard] 1
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{6FBD5B69-E619-4515-84DD-5ACB9E1CE4DC}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.yahoo.com/
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
FireFox:
========
FF DefaultProfile: fitzik06.default-1406886426275
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fitzik06.default-1406886426275 [2017-09-20]
FF Homepage: Mozilla\Firefox\Profiles\fitzik06.default-1406886426275 -> hxxps://mail.yahoo.com/
FF Extension: (YouTube mp3) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fitzik06.default-1406886426275\Extensions\[email protected] [2017-09-07]
FF Extension: (Didier Lafleur) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fitzik06.default-1406886426275\Extensions\[email protected] [2017-09-18]
FF Extension: (Yahoo Mail Hide Ad Panel) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fitzik06.default-1406886426275\Extensions\{c37bac34-849a-4d28-be41-549b2c76c64e}.xpi [2017-09-08]
FF Extension: (Adblock Plus) - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\fitzik06.default-1406886426275\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-09-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-19] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2012\FFExt\[email protected] => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll [2013-03-20] (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [272384 2017-09-12] (Adobe Systems Incorporated) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-07] () [File not signed]
S2 SkypeUpdate; C:\Program Files\Skype\Updater\Updater.exe [317400 2017-04-05] (Skype Technologies) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BVRPMPR5; C:\Windows\system32\drivers\BVRPMPR5.SYS [44224 2006-10-06] (BVRP Software) [File not signed]
R0 giveio; C:\Windows\System32\giveio.sys [5248 1996-04-03] () [File not signed]
R3 RTL85n86; C:\Windows\System32\DRIVERS\RTL85n86.sys [311808 2006-11-02] (Realtek)
R0 speedfan; C:\Windows\System32\speedfan.sys [24184 2012-12-29] (Almico Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [691696 2013-11-07] () [File not signed]
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-20 04:59 - 2017-09-20 04:59 - 013290179 _____ C:\Users\Owner\Desktop\mbar-1.10.1.1002-nr.exe
2017-09-18 10:29 - 2017-09-18 10:30 - 068408664 _____ (Malwarebytes ) C:\Users\Owner\Desktop\mb3-setup-consumer-3.2.2.2029.exe
2017-09-18 10:26 - 2017-09-18 10:26 - 000566128 _____ (Malwarebytes) C:\Users\Owner\Desktop\mbam-clean-2.3.0.1001.exe
2017-09-17 15:37 - 2017-09-17 15:42 - 000000436 _____ C:\Users\Owner\Desktop\Search.txt
2017-09-16 20:52 - 2017-09-16 20:59 - 000000000 ____D C:\AdwCleaner
2017-09-16 03:38 - 2017-09-16 03:38 - 000002361 _____ C:\Users\Owner\Desktop\JRT.txt
2017-09-16 03:07 - 2017-09-20 05:02 - 000000000 ____D C:\Users\Owner\Desktop\FRST-OlderVersion
2017-09-16 03:07 - 2017-09-16 03:09 - 000009940 _____ C:\Users\Owner\Desktop\Fixlog.txt
2017-09-16 03:04 - 2017-09-16 03:04 - 008182736 _____ (Malwarebytes) C:\Users\Owner\Desktop\adwcleaner_7.0.2.1.exe
2017-09-16 02:59 - 2017-09-16 02:59 - 001790024 _____ (Malwarebytes) C:\Users\Owner\Desktop\JRT.exe
2017-09-13 06:20 - 2017-09-13 07:45 - 000043324 _____ C:\Users\Owner\Desktop\Addition.txt
2017-09-13 06:18 - 2017-09-20 05:06 - 000007207 _____ C:\Users\Owner\Desktop\FRST.txt
2017-09-13 06:17 - 2017-09-20 05:03 - 000000000 ____D C:\FRST
2017-09-13 06:01 - 2017-09-20 05:02 - 001795584 _____ (Farbar) C:\Users\Owner\Desktop\FRST.exe
2017-09-09 02:56 - 2017-09-18 11:22 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-08 17:48 - 2017-09-20 04:49 - 000000000 ____D C:\Users\Owner\AppData\LocalLow\Mozilla
2017-09-08 13:57 - 2017-09-08 13:57 - 000000000 ____D C:\Users\Owner\Tracing
2017-09-08 13:56 - 2017-09-09 19:50 - 000002377 _____ C:\Users\Public\Desktop\Skype.lnk
2017-09-08 13:56 - 2017-09-08 13:56 - 000000000 ___RD C:\Program Files\Skype
2017-09-08 13:56 - 2017-09-08 13:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-09-08 13:56 - 2017-09-08 13:56 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-09-08 13:54 - 2017-09-08 13:54 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-08 04:28 - 2017-09-08 17:47 - 000000000 ____D C:\Program Files\Mozilla Firefox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-09-20 04:48 - 2014-12-20 18:41 - 000000000 ____D C:\Users\Owner\AppData\Roaming\Skype
2017-09-20 04:47 - 2006-11-02 05:58 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-20 04:47 - 2006-11-02 05:45 - 000004048 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-20 04:47 - 2006-11-02 05:45 - 000004048 _____ C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-19 07:27 - 2006-11-02 05:58 - 000032542 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-09-18 11:14 - 2007-10-12 03:26 - 025374736 _____ C:\Windows\ntbtlog.txt
2017-09-18 10:24 - 2013-11-14 22:02 - 000000510 _____ C:\Windows\WORDPAD.INI
2017-09-16 07:49 - 2013-03-10 04:59 - 000703388 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-16 07:49 - 2006-11-02 04:18 - 000000000 ____D C:\Windows\inf
2017-09-16 03:14 - 2013-10-02 17:16 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-09-16 03:07 - 2006-11-02 04:18 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2017-09-12 20:39 - 2012-04-05 19:15 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-09-12 20:39 - 2012-04-05 19:15 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-09-12 20:39 - 2007-10-08 13:16 - 000000000 ____D C:\Windows\system32\Macromed
2017-09-12 08:02 - 2008-12-23 21:52 - 000000000 ____D C:\Windows\Minidump
2017-09-08 21:47 - 2014-05-22 05:45 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-09-08 17:47 - 2014-05-22 05:45 - 000000846 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-09-08 13:57 - 2007-10-08 13:05 - 000000000 ____D C:\Users\Owner
2017-09-08 13:56 - 2014-12-20 18:40 - 000000000 ____D C:\ProgramData\Skype
2017-09-08 13:37 - 2008-04-05 17:25 - 000000000 ____D C:\Program Files\Kaspersky Lab
2017-09-07 13:05 - 2008-12-13 14:34 - 000149006 _____ C:\Windows\system32\LexFiles.ulf
2017-09-07 13:04 - 2013-04-05 02:41 - 000000000 ____D C:\Program Files\Lexmark
==================== Files in the root of some directories =======
2013-11-07 10:26 - 2013-11-07 14:10 - 000000100 _____ () C:\Users\Owner\AppData\Roaming\Camdata.ini
2013-11-07 10:26 - 2013-11-07 14:10 - 000000408 _____ () C:\Users\Owner\AppData\Roaming\CamLayout.ini
2013-11-07 10:26 - 2013-11-07 14:10 - 000000408 _____ () C:\Users\Owner\AppData\Roaming\CamShapes.ini
2013-11-07 10:20 - 2013-11-07 14:01 - 000000096 _____ () C:\Users\Owner\AppData\Roaming\version2.xml
2007-10-11 02:04 - 2015-07-20 10:00 - 000000682 _____ () C:\Users\Owner\AppData\Roaming\wklnhst.dat
2010-01-26 14:22 - 2015-07-08 04:50 - 000001356 _____ () C:\Users\Owner\AppData\Local\d3d9caps.dat
2007-10-14 19:26 - 2013-01-17 08:25 - 000005632 _____ () C:\Users\Owner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-06-22 20:58 - 2010-12-12 22:22 - 000000114 ____H () C:\Users\Owner\AppData\Local\tokdet56.dat
2011-08-20 22:57 - 2011-08-20 22:57 - 000017408 _____ () C:\Users\Owner\AppData\Local\WebpageIcons.db
2013-04-20 00:27 - 2015-04-29 21:35 - 000004290 _____ () C:\ProgramData\LMADIscan.log
2008-12-13 14:59 - 2009-09-30 01:28 - 000000560 _____ () C:\ProgramData\lxdf
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\sptd.sys -> MD5 = D41D8CD98F00B204E9800998ECF8427E (0-byte MD5) <======= ATTENTION
LastRegBack: 2017-09-20 04:54
==================== End of FRST.txt ============================
ADDITION TXT
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-09-2017
Ran by Owner (20-09-2017 05:07:12)
Running from C:\Users\Owner\Desktop
Microsoft® Windows Vista™ Home Basic Service Pack 2 (X86) (2007-10-08 19:57:24)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2753939306-2592966707-3986022943-500 - Administrator - Disabled)
Guest (S-1-5-21-2753939306-2592966707-3986022943-501 - Limited - Disabled) => C:\Users\Guest
Owner (S-1-5-21-2753939306-2592966707-3986022943-1000 - Administrator - Enabled) => C:\Users\Owner
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1990.41618 - ABBYY Software House)
ABBYY FineReader 9.0 Sprint (HKLM\...\{F9000000-0018-0000-0000-074957833700}) (Version: 9.00.595.5857 - ABBYY) Hidden
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.00.595.5857 - ABBYY)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.99 - NOS Microsystems Ltd.)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
CameraHelperMsi (HKLM\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
DVD Suite (HKLM\...\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: - )
erLT (HKLM\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
File Association Helper (HKLM\...\{936B9029-265A-45CB-88DA-B00EAB4DD14C}) (Version: 1.1.6.53763 - WinZip Computing International, LLC)
Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Digital Image Starter Edition 2006 (HKLM\...\PictureItSuiteTrial_v12) (Version: 11.0.2018 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 52.3.0 ESR (x86 en-US) (HKLM\...\Mozilla Firefox 52.3.0 ESR (x86 en-US)) (Version: 52.3.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.3.0 - Mozilla)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Power2Go 5.0 (HKLM\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: - )
PowerDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2407.0 - CyberLink Corporation)
Skype™ 7.36 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.36.150 - Skype Technologies S.A.)
Speccy (HKLM\...\Speccy) (Version: 1.24 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.3.0 - Synaptics)
VC 9.0 Runtime (HKLM\...\{02E89EFC-7B07-4D5A-AA03-9EC0902914EE}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
VC 9.0 Runtime (HKLM\...\{A040AC77-C1AA-4CC9-8931-9F648AF178F6}) (Version: 1.0.0 - Check Point Software Technologies Ltd) Hidden
Yahoo! Detect (HKLM\...\YTdetect) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{4662DAB0-D393-11D0-9A56-00C04FB68B66}\InprocServer32 -> C:\Windows\system32\hhctrl.ocx (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{7B8A2D94-0AC9-11D1-896C-00C04FB6BFC4}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{7EBDAAE0-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\Windows\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{7EBDAAE1-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\Windows\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{7EBDAAE2-8120-11CF-899F-00AA00688B10}\InprocServer32 -> C:\Windows\system32\msstkprp.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{C90250F3-4D7D-4991-9B69-A5C5BC1C2AE6}\InprocServer32 -> C:\Windows\system32\actxprxy.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{DF2FCE13-25EC-45BB-9D4C-CECD47C2430C}\InprocServer32 -> C:\Windows\system32\urlmon.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000_Classes\CLSID\{F76812F0-44A9-C582-41AC-C3484F5D58AA}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
ContextMenuHandlers1: [FileAssociationHelper] -> {D5CF14A2-B3CA-49DC-8E3E-0BB233B26D09} => C:\Program Files\File Association Helper\FAHDll.dll [2013-09-26] (WinZip Computing International, LLC)
ContextMenuHandlers1: [Sprint.ExplorerIntegration] -> {6F5C0F40-1419-4DC8-8D2F-D5EC5FCF07AB} => C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Integration\SprintIntegration.dll [2010-09-14] (ABBYY)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {20D4FFF1-3DC5-413C-BDBE-2C5FC4964EDD} - C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => Command(1): %systemroot%\system32\netsh.exe -> interface tcp set heuristic wsh=default
Task: {20D4FFF1-3DC5-413C-BDBE-2C5FC4964EDD} - C:\Windows\System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => Command(2): %systemroot%\system32\schtasks.exe -> /delete /tn "\Microsoft\Windows\Tcpip\WSHReset" /f
Task: {3CCE3500-3535-4D3C-8D17-622428EF09A6} - System32\Tasks\{05734DEB-4D1E-4AA1-B07D-56C1132012F9} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.0.0.102/en/abandoninstall?source=lightinstaller&page=tsInstall
Task: {5CB197ED-456C-4E00-A110-6E52063BCB13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {6150EADC-D274-4AA2-A692-4E95699CE917} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {AC9B7645-4712-4248-998D-C7975DCDCE5A} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {C1589470-37C7-4695-85C8-C7202E9ED941} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {E207AF04-F765-4C45-8114-465EDF713F42} - System32\Tasks\LexmarkPUDCTask => C:\Program Files\Lexmark\ProductUpdate\LMprodupdate.exe
Task: {ED301A62-27FF-4617-8C13-B026C47AD28E} - System32\Tasks\{A3FFDBAF-6F3A-4B4B-BFA8-141C3CF2BB87} => C:\Windows\system32\pcalua.exe -a C:\Users\Owner\Desktop\cdex_151.exe -d C:\Users\Owner\Desktop
Task: {ED83284D-EAAF-44B9-83EA-A3A292494E9D} - System32\Tasks\{DD73897A-DD92-4BDC-8F7F-8ED3679D10E8} => "c:\program files\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/7.3.0.101/en/go/help.faq.installer?LastError=1601
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2006-11-02 03:25 - 2007-01-25 21:11 - 000159744 _____ () C:\Windows\system32\atitmmxx.dll
2007-06-05 13:20 - 2007-06-05 13:20 - 000177704 _____ () C:\Windows\system32\PSIService.exe
2007-10-08 13:43 - 2005-08-07 06:54 - 000167936 _____ () C:\Program Files\CyberLink\Shared Files\RichVideo.exe
2017-04-26 15:19 - 2017-04-26 15:19 - 002005976 ____R () C:\Program Files\Skype\Phone\skypert.dll
2013-04-19 23:35 - 2012-09-19 06:06 - 000431104 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\LMADIQ4A.DLL
2013-04-19 23:35 - 2012-09-19 06:06 - 000025600 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\LMADIQ40.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34 [127]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
There are 7799 more sites.
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\...\1-2005-search.com -> www.1-2005-search.com
There are 12686 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 03:23 - 2017-09-16 03:08 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2753939306-2592966707-3986022943-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Desktop Background.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: AVP => 2
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Product Registration.lnk => C:\Windows\pss\Logitech . Product Registration.lnk.Startup
MSCONFIG\startupreg: Aimersoft Helper Compact.exe => C:\Program Files\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
MSCONFIG\startupreg: AVP => "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2011\avp.exe"
MSCONFIG\startupreg: BigFix => c:\program files\Bigfix\bigfix.exe /atstartup
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: DW6 => "C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe"
MSCONFIG\startupreg: FAHConsole => C:\Program Files\File Association Helper\FAHConsole.exe
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LMADImon => "C:\Program Files\Lexmark Pro710 Series\LMADImon.exe"
MSCONFIG\startupreg: Logitech Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: LWS => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: lxdfamon => "C:\Program Files\Lexmark 6500 Series\lxdfamon.exe"
MSCONFIG\startupreg: lxdfmon.exe => "C:\Program Files\Lexmark 6500 Series\lxdfmon.exe"
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: NapsterShell => C:\Program Files\Napster\napster.exe /systray
MSCONFIG\startupreg: Power2GoExpress => NA
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: Windows Defender => %ProgramFiles%\Windows Defender\MSASCui.exe -hide
MSCONFIG\startupreg: WMPNSCFG => C:\Program Files\Windows Media Player\WMPNSCFG.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SLSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [SLSVC-In-TCP] => (Allow) %SystemRoot%\system32\slsvc.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-TCP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-Out-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMPNSS-WMP-In-UDP-NoScope-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [TCP Query User{F420C54A-C875-4CFA-A154-CAD4EA8A5336}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{8716CBED-F227-419C-97AA-8CC505238109}C:\program files\skype\phone\skype.exe] => (Block) C:\program files\skype\phone\skype.exe
FirewallRules: [TCP Query User{669FF282-B8AC-40DC-94A6-787E2EA3E18F}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
FirewallRules: [UDP Query User{CEC4905D-CC2D-4863-994D-02827F7034C8}C:\program files\skype\phone\skype.exe] => (Allow) C:\program files\skype\phone\skype.exe
==================== Restore Points =========================
16-09-2017 03:34:35 JRT Pre-Junkware Removal
17-09-2017 07:33:09 Scheduled Checkpoint
18-09-2017 07:56:51 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
Name: Microsoft 6to4 Adapter #3
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #4
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #5
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #6
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #7
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #10
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #11
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #13
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #14
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #15
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #16
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #19
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #20
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #23
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #14
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #18
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #20
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (09/18/2017 10:58:07 AM) (Source: EventSystem) (EventID: 4609) (User: )
Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 8007043c from line 45 of d:\longhorn\com\complus\src\events\tier1\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.
Error: (09/18/2017 10:17:49 AM) (Source: EventSystem) (EventID: 4621) (User: )
Description: The COM+ Event System could not remove the EventSystem.EventSubscription object {CEB8B221-89C5-41A8-98CE-79B413BF150B}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The HRESULT was 80070005.
Error: (09/17/2017 02:01:41 AM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FITZIK06.DEFAULT-1406886426275\SAFEBROWSING-TO_DELETE> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/16/2017 11:26:08 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FITZIK06.DEFAULT-1406886426275\SAFEBROWSING> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
Error: (09/16/2017 11:26:08 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\OWNER\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\FITZIK06.DEFAULT-1406886426275\SAFEBROWSING> in the hash map cannot be updated.
Context: Application, SystemIndex Catalog
Details:
A device attached to the system is not functioning. (0x8007001f)
System errors:
=============
Error: (09/19/2017 07:27:17 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
Error: (09/18/2017 02:07:43 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.
Error: (09/18/2017 10:59:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (09/18/2017 10:59:29 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (09/18/2017 10:59:29 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (09/18/2017 10:59:28 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (09/18/2017 10:58:55 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server:
{BA126AD1-2166-11D1-B1D0-00805FC1270E}
Error: (09/18/2017 10:58:50 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
Error: (09/18/2017 10:58:49 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server:
{A47979D2-C419-11D9-A5B4-001185AD2B89}
Error: (09/18/2017 10:58:49 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:
The dependency service or group failed to start.
==================== Memory info ===========================
Processor: Intel® Celeron® M CPU 520 @ 1.60GHz
Percentage of memory in use: 70%
Total physical RAM: 1469.39 MB
Available physical RAM: 438.21 MB
Total Virtual: 3200.23 MB
Available Virtual: 1740.72 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:65.26 GB) (Free:29.89 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:9.27 GB) (Free:3.86 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 74.5 GB) (Disk ID: 9AEED03F)
Partition 1: (Not Active) - (Size=9.3 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=65.3 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by mango_nj, 20 September 2017 - 06:51 AM.