Sorry for replying late. The computer is working so slowly that I can't access anything; it took me 1 hour to reply to you.
I am not able to find the log file.
The FRST.txt file is not getting attached, so I am copy-pasting it.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24.10.2018
Ran by lenovo (administrator) on LENOVO-PC (27-10-2018 12:12:53)
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(BitTorrent Inc.) C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\FAHWindow32.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZUpdateNotifier.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzPreloader.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(BitTorrent Inc.) C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
(BitTorrent Inc.) C:\Users\lenovo\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Foxit Software Inc.) C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe
(Dropbox, Inc.) C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(Hewlett-Packard Company) C:\Program Files\HP\HPBDSService\HPBDSService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Copyright 2017.) C:\Program Files\Zemana AntiMalware\ZAM.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WzBGTools.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_30_0_0_134.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_30_0_0_134.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe
(Google Inc.) C:\Users\lenovo\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-07-17] (AVAST Software)
HKLM\...\Run: [ZAM] => C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [uTorrent] => C:\Users\lenovo\AppData\Roaming\uTorrent\uTorrent.exe [1987768 2018-10-22] (BitTorrent Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Dropbox Update] => C:\Users\lenovo\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Google Update] => C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-22] (Google Inc.)
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\Run: [Web Companion] => C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_30_0_0_134_pepper.exe [1447936 2018-07-12] (Adobe Systems Incorporated)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-11-29]
ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Notifier.lnk [2016-11-29]
ShortcutTarget: Update Notifier.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (WinZip Computing, S.L.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinZip Preloader.lnk [2016-11-29]
ShortcutTarget: WinZip Preloader.lnk -> C:\Program Files\WinZip\WzPreloader.exe (WinZip Computing, S.L.)
Startup: C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2018-10-22]
ShortcutTarget: Dropbox.lnk -> C:\Users\lenovo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * bootdelete
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{91159599-D312-46D2-B512-3DA51681A45C}: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{96A1187B-2A35-49D8-B44A-7BA8556D531D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{B5589E53-4647-4589-839D-1C9F84919F9D}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{C057E2E2-FA66-4793-8023-576C456030EC}: [DhcpNameServer] 192.168.225.1 192.168.225.1
Tcpip\..\Interfaces\{CD510772-EDFB-4137-932D-16DA47E82156}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{CDFA3976-0D4A-4547-8644-8382C04C398F}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E4937AE7-06F0-4B5C-A903-4D6CDD1167AE}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{E59173B5-8FB8-4C2D-8ADD-ACE5E9DFFB22}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1450707365-3114357019-3030383042-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180524__yaie
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1450707365-3114357019-3030383042-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://in.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10420__180524__yaie&p={searchTerms}
BHO: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-28] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2018-07-17] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Foxit PhantomPDF Create PDF ToolBar Helper -> {A5DD10F7-5ABB-4EEF-B4C8-6748D44DAF2A} -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2016-12-30] ()
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-28] (Oracle Corporation)
Toolbar: HKLM - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Foxit PhantomPDF Create PDF ToolBar - {BFD9D8A8-57FF-488A-B919-065EC77CF82F} - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\IEAddin\IEAddin.dll [2016-12-30] ()
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: sq39mbzn.default-1496470462934-1510904037715
FF ProfilePath: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715 [2018-10-27]
FF Homepage: Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715 -> hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180524__yaff
FF NewTab: Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715 -> hxxps://in.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10420__180524__yaff
FF Extension: (Avast Online Security) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715\Extensions\[email protected] [2018-10-22]
FF Extension: (Telemetry coverage) - C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715\features\{9e3c6454-f535-42bd-b22c-323614f0bff5}\[email protected] [2018-10-27] [Legacy]
FF SearchPlugin: C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\sq39mbzn.default-1496470462934-1510904037715\searchplugins\yahoo-lavasoft-ff59.xml [2018-05-24]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on
FF Extension: (E-Web Print) - C:\Program Files\Epson Software\E-Web Print\Firefox Add-on [2017-06-14] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi
FF Extension: (Foxit PDF Creator) - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\FirefoxAddin\FFExtnHTML2PDF.xpi [2016-12-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_30_0_0_134.dll [2018-07-11] ()
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2016-12-22] (Foxit Corporation)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-28] (Oracle Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-24] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-24] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\lenovo\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\lenovo\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @talk.google.com/O1DPlugin -> C:\Users\lenovo\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @tools.google.com/Google Update;version=3 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)
FF Plugin HKU\S-1-5-21-1450707365-3114357019-3030383042-1000: @tools.google.com/Google Update;version=9 -> C:\Users\lenovo\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-22] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2009-09-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\lenovo\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [cifnddnffldieaamihfkhkdgnbhfmaci] - C:\Program Files\Foxit Software\Foxit PhantomPDF\plugins\Creator\ChromeAddin\ChromeAddin.crx [2016-11-22]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6341888 2018-07-17] (AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-02] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [322464 2018-07-17] (AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-02] (AVAST Software)
S4 Change Modem Device Service; C:\Windows\System32\ChgService.exe [135168 2012-11-19] () [File not signed]
S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [280680 2017-10-12] (Intel Corporation)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-12] (Seiko Epson Corporation)
R2 FoxitPhantomService; C:\Program Files\Foxit Software\Foxit PhantomPDF\FoxitConnectedPDFService.exe [1659080 2016-12-30] (Foxit Software Inc.)
R2 HP DS Service; C:\Program Files\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
S2 HP LaserJet Service; C:\Program Files\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
S4 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [167936 2018-06-28] () [File not signed]
S2 StarWindServiceAE; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2018-06-19] (StarWind Software) [File not signed]
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10942704 2017-10-20] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ACPIVPC; C:\Windows\System32\DRIVERS\AcpiVpc.sys [23136 2010-10-25] (Lenovo Corporation)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [167552 2018-07-17] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriverx.sys [188352 2018-07-17] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidshx.sys [164944 2018-07-17] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblogx.sys [284328 2018-07-17] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbunivx.sys [57976 2018-07-17] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [189240 2018-07-17] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [42808 2018-07-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [133680 2018-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [101056 2018-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71848 2018-07-17] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [784120 2018-07-17] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [394928 2018-09-25] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [162704 2018-07-17] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [310784 2018-07-17] (AVAST Software)
R3 Btcsrusb; C:\Windows\System32\Drivers\btcusb.sys [47504 2017-10-12] (IVT Corporation.)
S3 cmnsusbser; C:\Windows\System32\DRIVERS\cmnsusbser.sys [105984 2012-11-19] (QUALCOMM Incorporated)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2017-10-12] (Samsung Electronics Co., Ltd.)
R1 funfrm; C:\Windows\system32\Drivers\funfrm.sys [54800 2012-01-25] ()
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43376 2016-04-21] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2017-10-12] (REALiX)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x86.sys [110280 2017-10-12] (Qualcomm Atheros Co., Ltd.)
R0 LHDmgr; C:\Windows\System32\DRIVERS\LhdX86.sys [32352 2010-01-15] (Lenovo.)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [178904 2017-05-13] (Malwarebytes)
R3 MEI; C:\Windows\System32\DRIVERS\HECI.sys [41088 2011-03-02] (Intel Corporation)
R0 PxHelp20; C:\Windows\System32\Drivers\PxHelp20.sys [20640 2005-03-12] (Sonic Solutions) [File not signed]
S3 RSUSBVSTOR; C:\Windows\System32\Drivers\RtsUVStor.sys [218624 2011-03-02] (Realtek Semiconductor Corp.)
R3 SPUVCbv; C:\Windows\System32\Drivers\usbvideo.sys [146816 2013-07-12] (Microsoft Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [24688 2018-07-10] ()
S3 wsvd; C:\Windows\System32\DRIVERS\wsvd.sys [81704 2009-07-21] (CyberLink)
R1 ZAM; C:\Windows\System32\drivers\zam32.sys [181496 2017-05-08] (Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard32.sys [181496 2017-05-08] (Zemana Ltd.)
S4 sptd; System32\Drivers\sptd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-27 12:15 - 2018-10-27 12:15 - 020768768 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2018-10-27 12:12 - 2018-10-27 12:19 - 000022388 _____ C:\Users\lenovo\Desktop\FRST.txt
2018-10-27 12:11 - 2018-10-27 12:12 - 001774592 ____C (Farbar) C:\Users\lenovo\Desktop\FRST.exe
2018-10-27 11:39 - 2018-10-27 11:39 - 000000000 ___DC C:\Users\lenovo\AppData\LocalLow\uTorrent
2018-10-22 16:47 - 2018-10-22 16:47 - 000564630 _____ C:\Users\lenovo\Desktop\worms.txt
2018-10-22 12:22 - 2018-10-22 12:22 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-10-27 12:19 - 2016-12-29 11:08 - 000055872 _____ C:\Windows\ZAM.krnl.trace
2018-10-27 12:19 - 2016-12-29 11:08 - 000030145 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-10-27 12:17 - 2012-05-01 23:39 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\uTorrent
2018-10-27 12:15 - 2012-05-01 15:14 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2018-10-27 12:15 - 2012-05-01 15:14 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2018-10-27 12:15 - 2012-05-01 15:14 - 000000000 ____D C:\Windows\system32\Macromed
2018-10-27 12:12 - 2017-04-13 15:51 - 000000000 ___DC C:\FRST
2018-10-27 12:03 - 2014-10-03 13:04 - 000000000 ____D C:\Users\lenovo\AppData\Roaming\Dropbox
2018-10-27 11:58 - 2009-07-14 10:04 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-27 11:58 - 2009-07-14 10:04 - 000014192 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-27 11:47 - 2017-06-07 18:37 - 000000000 ___DC C:\Users\lenovo\AppData\LocalLow\Mozilla
2018-10-27 11:45 - 2017-08-26 11:39 - 000000000 ___DC C:\Program Files\Mozilla Firefox
2018-10-27 11:45 - 2017-02-04 13:05 - 000000000 ___DC C:\Program Files\Mozilla Maintenance Service
2018-10-27 11:41 - 2018-04-02 13:14 - 000000000 ___DC C:\Users\lenovo\AppData\Local\AVAST Software
2018-10-27 11:40 - 2018-09-25 13:35 - 000000922 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000UA.job
2018-10-27 11:40 - 2012-10-14 07:47 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2018-10-27 11:39 - 2009-07-14 10:23 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-10-22 13:40 - 2018-09-25 13:35 - 000000870 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1450707365-3114357019-3030383042-1000Core.job
2018-10-21 12:26 - 2012-01-25 22:05 - 000785794 _____ C:\Windows\system32\PerfStringBackup.INI
2018-10-21 12:26 - 2009-07-14 08:07 - 000000000 ____D C:\Windows\inf
==================== Files in the root of some directories =======
2017-05-10 12:14 - 2017-06-03 11:41 - 000007613 ____C () C:\Users\lenovo\AppData\Local\Resmon.ResmonCfg
Some files in TEMP:
====================
2018-07-10 11:09 - 2017-09-13 20:40 - 001310528 ____C (Microsoft Corporation) C:\Users\lenovo\AppData\Local\temp\dllnt_dump.dll
2018-07-11 11:31 - 2018-07-21 10:43 - 000391024 ____C (adaware) C:\Users\lenovo\AppData\Local\temp\wcupdater.exe
2018-07-10 12:58 - 2018-07-10 15:49 - 009436676 ____C () C:\Users\lenovo\AppData\Local\temp\{2F35C9B4-D106-40CB-A785-943471D2C156}-67.0.3396.99_chrome_installer.exe
2018-09-25 12:36 - 2018-09-25 12:36 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{4F4DA23E-4088-45C8-B096-9172C78215D9}-DropboxClient_57.4.89.exe
2018-07-12 18:19 - 2018-07-12 18:25 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{64305A12-D24C-44EB-9BE0-ACB63B776496}-DropboxClient_53.4.66.exe
2018-10-21 12:29 - 2018-10-21 12:29 - 000000000 ____C () C:\Users\lenovo\AppData\Local\temp\{B211B3FC-16C3-49CC-970B-0D87CBD0881C}-DropboxClient_59.4.93.exe
Some zero byte size files/folders:
==========================
C:\Windows\System32\Drivers\axhyrhmw.sys
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-10-22 11:58
==================== End of FRST.txt ============================