[adamdyak875]

I'm unable to use the internet at all on my desktop but the internet strength is full. Not sure if i have a virus or what.

 

 

My desktop is a Dell Vostro, Intel core i7, Windows 7

 

I have access to the internet on my laptop to download anything but it's missing on my desktop.

[Advertisements]

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
 

ipconfig  /all

What is the IPv4 address?

 

What is the Default Gateway?

(There will be an IPv6 gateway then an IPv4 gateway.  I want the IPv4 gateway that has the form 192.168.1.1)

 

What is the DNS server?

(There will be an IPv6 gateway then an IPv4 gateway.  I want the IPv4 gateway that has the form 192.168.1.1)

 

Now type:

ipconfig  /release

ipconfig  /renew

ipconfig  /all

Do the three items requested above change?

 

Now type:

ping  (Default Gateway)

Replace (Default Gateway) with the IPv4 version of the Default Gateway you found in the last IPCONFIG /ALL:  EXAMPLE 192.168.1.1

 

You should get something like:
 

 

Pinging 192.168.1.254 with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=5ms TTL=64

Ping statistics for 192.168.1.254:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 5ms, Average = 4ms

 

 

If that works then

nslookup   geekstogo.com

C:\WINDOWS\system32>nslookup geekstogo.com
Server:  homeportal
Address:  2600:1700:f170:9e00::1

Non-authoritative answer:
Name:    geekstogo.com
Addresses:  104.28.29.94
          104.28.28.94

 

Open a browser (IE, Firefox or Chrome) and type

104.28.29.94

in the URL box then hit Enter.  You should get an Error 1003 from Cloud Flare. 

 

I'll stop now.  Tell me which is the first step that doesn't work.

[RKinner]

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
 

ipconfig  /all

What is the IPv4 address?

 

What is the Default Gateway?

(There will be an IPv6 gateway then an IPv4 gateway.  I want the IPv4 gateway that has the form 192.168.1.1)

 

What is the DNS server?

(There will be an IPv6 gateway then an IPv4 gateway.  I want the IPv4 gateway that has the form 192.168.1.1)

 

Now type:

ipconfig  /release

ipconfig  /renew

ipconfig  /all

Do the three items requested above change?

 

Now type:

ping  (Default Gateway)

Replace (Default Gateway) with the IPv4 version of the Default Gateway you found in the last IPCONFIG /ALL:  EXAMPLE 192.168.1.1

 

You should get something like:
 

 

Pinging 192.168.1.254 with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=5ms TTL=64

Ping statistics for 192.168.1.254:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 5ms, Average = 4ms

 

 

If that works then

nslookup   geekstogo.com

C:\WINDOWS\system32>nslookup geekstogo.com
Server:  homeportal
Address:  2600:1700:f170:9e00::1

Non-authoritative answer:
Name:    geekstogo.com
Addresses:  104.28.29.94
          104.28.28.94

 

Open a browser (IE, Firefox or Chrome) and type

104.28.29.94

in the URL box then hit Enter.  You should get an Error 1003 from Cloud Flare. 

 

I'll stop now.  Tell me which is the first step that doesn't work.

[adamdyak875]

Have tried what was written and these are the results to both your questions and the commands.

===============================================================

 

Microsoft Windows [Version 6.1.7601]

Copyright © 2009 Microsoft Corporation.  All rights reserved.

 

C:\Windows\system32>ipconfig  /all

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : ADyjak-PC

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

 

Wireless LAN adapter Wireless Network Connection 2:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Compact Wireless-G USB Network Adapter

   Physical Address. . . . . . . . . : 00-23-69-0D-5C-25

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.21(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : 13 May 2019 15:12:36

   Lease Expires . . . . . . . . . . : 14 May 2019 17:03:24

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 369107817

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-BA-BF-56-A4-BA-DB-FB-BB-9D

 

   DNS Servers . . . . . . . . . . . : 194.168.4.100

                                       194.168.8.100

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet

   Physical Address. . . . . . . . . : A4-BA-DB-FB-BB-9D

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

C:\Windows\system32>ipconfig  /release

 

Windows IP Configuration

 

No operation can be performed on Local Area Connection while it has its media di

sconnected.

 

Wireless LAN adapter Wireless Network Connection 2:

 

   Connection-specific DNS Suffix  . :

   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13

   Default Gateway . . . . . . . . . :

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

 

C:\Windows\system32>ipconfig  /renew

 

Windows IP Configuration

 

No operation can be performed on Local Area Connection while it has its media di

sconnected.

 

Wireless LAN adapter Wireless Network Connection 2:

 

   Connection-specific DNS Suffix  . :

   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13

   IPv4 Address. . . . . . . . . . . : 192.168.0.21

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Default Gateway . . . . . . . . . : 192.168.0.1

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

 

C:\Windows\system32>ipconfig  /all

 

Windows IP Configuration

 

   Host Name . . . . . . . . . . . . : ADyjak-PC

   Primary Dns Suffix  . . . . . . . :

   Node Type . . . . . . . . . . . . : Hybrid

   IP Routing Enabled. . . . . . . . : No

   WINS Proxy Enabled. . . . . . . . : No

 

Wireless LAN adapter Wireless Network Connection 2:

 

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Compact Wireless-G USB Network Adapter

   Physical Address. . . . . . . . . : 00-23-69-0D-5C-25

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13(Preferred)

   IPv4 Address. . . . . . . . . . . : 192.168.0.21(Preferred)

   Subnet Mask . . . . . . . . . . . : 255.255.255.0

   Lease Obtained. . . . . . . . . . : 13 May 2019 17:11:40

   Lease Expires . . . . . . . . . . : 14 May 2019 17:11:40

   Default Gateway . . . . . . . . . : 192.168.0.1

   DHCP Server . . . . . . . . . . . : 192.168.0.1

   DHCPv6 IAID . . . . . . . . . . . : 369107817

   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-BA-BF-56-A4-BA-DB-FB-BB-9D

 

   DNS Servers . . . . . . . . . . . : 194.168.4.100

                                       194.168.8.100

   NetBIOS over Tcpip. . . . . . . . : Enabled

 

Ethernet adapter Local Area Connection:

 

   Media State . . . . . . . . . . . : Media disconnected

   Connection-specific DNS Suffix  . :

   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet

   Physical Address. . . . . . . . . : A4-BA-DB-FB-BB-9D

   DHCP Enabled. . . . . . . . . . . : Yes

   Autoconfiguration Enabled . . . . : Yes

 

C:\Windows\system32>ping 192.169.0.21

 

Pinging 192.169.0.21 with 32 bytes of data:

Request timed out.

Request timed out.

Request timed out.

Request timed out.

 

Ping statistics for 192.169.0.21:

    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

 

C:\Windows\system32>

Edited by adamdyak875, 13 May 2019 - 10:18 AM.

[RKinner]

Do you have a firewall like Zone Alarm or an antivirus with its own firewall? 

 

Since you can transfer files via the laptop let's run FRST and see if it shows what is going on:

 

• Get FRST from http://www.bleepingc...very-scan-tool/You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
• Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
• Check the Addition.txt box
• Press Scan button.
• It will produce a log called FRST.txt in the same directory the tool is run from.  
• Please copy and paste log back here.
• It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

 

[adamdyak875]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05.2019 01

Ran by A Dyjak (administrator) on ADYJAK-PC (Dell Inc. Vostro 430) (14-05-2019 17:36:05)

Running from C:\Users\A Dyjak\Desktop

Loaded Profiles: A Dyjak (Available Profiles: A Dyjak & Guest)

Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe

(Broadcom Corporation -> Broadcom Corp.) C:\Program Files\Broadcom\BPowMon\BPowMon.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe

(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe

(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe

(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe

(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe

(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAConsole.exe

(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe

(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe

(PC Tools -> PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe

(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe

 

==================== Registry (Whitelisted) ===========================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153808 2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)

HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f

HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f

HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)

HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)

HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-09] (Google LLC -> Google Inc.)

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache

HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-11-06] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)

HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

GroupPolicy\User: Restriction ? <==== ATTENTION

GroupPolicyScripts: Restriction <==== ATTENTION

GroupPolicyScripts-x32: Restriction <==== ATTENTION

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0397F81A-353B-4639-8CE6-78961B055D41} - \{F30739CD-BD81-4B7C-B386-493979BA79E0} -> No File <==== ATTENTION

Task: {08C98CDC-61C0-4CF9-91FF-3E0301196668} - \{DAEE9E43-CB92-4DE7-824F-FE35363D5A80} -> No File <==== ATTENTION

Task: {0F472DD0-DF38-441C-84C3-7596729B3602} - \{D0761BF3-AFC4-4EC2-80A5-FED7C68CE413} -> No File <==== ATTENTION

Task: {0FE1ACB2-8A93-4FE4-957D-7C5F251646A3} - \SidebarExecute -> No File <==== ATTENTION

Task: {198B03AF-D025-4FAB-9484-4291A6118D9E} - \{AFA7033C-298D-4151-B68E-A2DA18FC45F5} -> No File <==== ATTENTION

Task: {1EFA6694-2F79-4784-BA6C-8DDBB21AA59E} - \RMSmartUpdate -> No File <==== ATTENTION

Task: {2156636C-0C80-4C50-A7C6-C157468C05E4} - \AdobeFlashPlayerUpdate 2 -> No File <==== ATTENTION

Task: {242F46A0-3B63-4551-A7F3-EBF9344BD96B} - \AdobeFlashPlayerUpdate -> No File <==== ATTENTION

Task: {29F9DC69-6BE4-4F2E-BD9C-88473F7A15FD} - \{6B92380B-0DC7-42C2-88E7-76C36747A72C} -> No File <==== ATTENTION

Task: {2A2D53AA-1081-4BF0-B16E-88D51B2A7CE5} - \RealPlayerRealUpgradeScheduledTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION

Task: {379219B4-9A2E-4DBD-A0AB-ECD803B1B19D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [708152 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {3AAB35E2-B7CF-49D7-889C-94B07A40292F} - \RealUpgradeLogonTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION

Task: {3B150271-1046-4F9E-8113-4CBB66BF7783} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3264378072-1544195980-3192037237-1001

Task: {46EA5CE0-3BE2-4FD6-AC03-C8C6E96A2743} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [631352 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5725F1E1-4172-47F1-B0E9-72FD6BB3590D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-07] (AVAST Software s.r.o. -> AVAST Software)

Task: {5A6D8ED3-CB58-4E07-8E2E-FF4A06F89AE8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [437816 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5C5743E5-FB18-4A85-8E96-861AA78DE26F} - \RealDownloaderRealUpgradeLogonTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION

Task: {5EFC622D-8972-429A-B504-D2E49419B044} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [708152 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {711F0AC7-81A1-467C-B6B1-0135F5F04338} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [631352 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {769509D9-DE89-446F-BE85-CF602DECF527} - \{7DD592E3-DE39-4891-B09B-53ED70A96821} -> No File <==== ATTENTION

Task: {77B478A3-BA04-4459-B349-3C42A322D8E1} - \Microsoft_Hardware_Launch_IPoint_exe -> No File <==== ATTENTION

Task: {88B1DC26-C658-43FB-A895-9F847E7AE980} - \{53D65DE4-9D28-4F31-AFD0-41E44BDC55E1} -> No File <==== ATTENTION

Task: {89F9C45A-6743-4EF1-AF8D-CFB23B5C9DEA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [784440 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {8C78B004-0946-478E-849A-817CE2B705E7} - \{63EC310D-2F38-4C81-8B91-5EE2242F43DA} -> No File <==== ATTENTION

Task: {8D02D5EB-9F09-4485-B674-F93B81C974FE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {9ED12FB4-D57A-45A2-86CE-F7F74CE507ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)

Task: {A2EE8EBE-A36D-42AD-B576-7670113431D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {A6B6B643-CAED-4925-8714-A641A9053031} - \{9BF3F5CC-D937-4356-BA62-F57590782532} -> No File <==== ATTENTION

Task: {A7A1C5CA-44F4-45A7-8CCC-310EF94E1DD0} - \{27C4BBC5-E03A-4F4F-9586-668A9413CD6C} -> No File <==== ATTENTION

Task: {AF9DCA96-DFE7-4CA1-88EE-3DAE818201A4} - \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION

Task: {B80ACD4C-50BC-43E3-8B41-23D45332A9E0} - \{705C60DC-B54B-4D2D-A26D-83F418E6A4B8} -> No File <==== ATTENTION

Task: {C533A0CC-C1C7-4C6F-9227-11C874D570D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

Task: {C9E742A9-11AB-45F6-949F-20BFD7870F43} - \RealUpgradeScheduledTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION

Task: {CD241C3F-9793-4554-9C6C-C57E36DCE522} - \RealPlayerRealUpgradeLogonTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION

Task: {CFE29F90-E987-45D7-8DA3-4BD9189C96B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)

Task: {D2B1E54A-4209-451D-AFC2-CFACD8EB3FD1} - \{0B9D520B-B4F2-41BA-AF8A-F12EB2D5C04F} -> No File <==== ATTENTION

Task: {E015A95E-4B60-4CE9-B391-D809EAAF6240} - \{BAAE649E-5D6C-425B-AB20-1DC4F13761E3} -> No File <==== ATTENTION

Task: {E622FC44-864A-4078-9FFD-F5D669A4C7A2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2018-11-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {E8A58E59-7FE0-4EC3-9D55-AB5C67A5122A} - \{C6C585E9-9F4C-4AE3-AD1B-89EBBA8B12E1} -> No File <==== ATTENTION

Task: {EEB15C27-B089-455E-ADC5-FFDF2A421F39} - \{B5EC42D0-69A2-482F-B724-4DA4449EE018} -> No File <==== ATTENTION

Task: {F37E076B-98C8-458A-81EA-61246F0464C2} - \{3CD1F665-349F-4795-B922-3C69217E23A3} -> No File <==== ATTENTION

 

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

 

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip\..\Interfaces\{976C883F-2501-4100-94F8-2C2DE9D044F4}: [DhcpNameServer] 194.168.4.100 194.168.8.100

Tcpip\..\Interfaces\{ADB328DF-2596-4E12-8258-495DFECAD877}: [DhcpNameServer] 192.168.2.1

 

Internet Explorer:

==================

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.yahoo.com?fr=hp-avast&type=avastbcl

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 

HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.yahoo.com/?fr=hp-avast&type=avastbcl

URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File

URLSearchHook: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File

SearchScopes: HKLM -> DefaultScope {03C94B17-8EC0-42A1-A021-82549C143946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox

SearchScopes: HKLM -> {03C94B17-8EC0-42A1-A021-82549C143946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 -> {3EC59E45-838C-4A14-8587-EA3A9CE12EDF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox

SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> DefaultScope {7226ABBB-809B-47E5-AB7B-3245F2E5E972} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20140911&p={SearchTerms}

SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {03C94B17-8EC0-42A1-A021-82549C143946} URL = 

SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {3EC59E45-838C-4A14-8587-EA3A9CE12EDF} URL = 

SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {7226ABBB-809B-47E5-AB7B-3245F2E5E972} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20140911&p={SearchTerms}

SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File

BHO-x32: No Name -> {51a86bb3-6602-4c85-92a5-130ee4864f13} -> No File

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)

BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)

BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File

Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File

Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File

Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File

Toolbar: HKLM-x32 - No Name - {51a86bb3-6602-4c85-92a5-130ee4864f13} -  No File

Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File

Toolbar: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File

Toolbar: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File

 

FireFox:

========

FF ProfilePath: C:\Users\A Dyjak\AppData\Roaming\Netscape\Navigator\Profiles\5rwpib19.default [2012-08-14]

FF Extension: (No Name) - C:\Program Files (x86)\Netscape\Navigator 9\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3} [not found]

FF ProfilePath: C:\Users\A Dyjak\AppData\Roaming\Mozilla\Firefox\Profiles\lyt5Ta2b.default [2018-08-13]

FF Extension: (Avira Browser Safety) - C:\Users\A Dyjak\AppData\Roaming\Mozilla\Firefox\Profiles\lyt5Ta2b.default\Extensions\[email protected] [2018-08-13] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]

FF Extension: (Avira Password Manager) - C:\Users\A Dyjak\AppData\Roaming\Mozilla\Firefox\Profiles\lyt5Ta2b.default\Extensions\[email protected] [2018-08-13] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]

FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-11-10] (Adobe Systems Incorporated -> )

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-11-10] (Adobe Systems Incorporated -> )

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-07-04] (RealNetworks, Inc.) [File not signed]

FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-07-04] (RealNetworks, Inc.) [File not signed]

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-06] (Google Inc -> Google LLC)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-06] (Google Inc -> Google LLC)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-3264378072-1544195980-3192037237-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\A Dyjak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)

 

Chrome: 

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxps://plus.google.com/u/0/

CHR StartupUrls: Default -> "hxxps://news.google.co.uk/nwshp?hl=en&ei=zF8eVpmjEIOtU8KkvFg&ved=0CAkQqS4oBw&pog=false"

CHR DefaultSearchKeyword: Default -> hxxp://www.google.co.uk/ig___

CHR Profile: C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default [2019-05-14]

CHR Extension: (AdGuard AdBlocker) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2019-05-09]

CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2019-04-15]

CHR Extension: (Back to Backspace) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldokedgmomhbifmiiogjjkgffhcbaec [2017-11-16]

CHR Extension: (Audio editor & music editor AudioStudio) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfmpaemifkgbnlgcccccnfjjkeiikeie [2019-05-09]

CHR Extension: (Panda Smart Shopping) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcbhdhpamoencpdogjnmnbjddipfkpad [2019-05-13]

CHR Extension: (Google Docs Offline) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-08]

CHR Extension: (Avast Online Security) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-09]

CHR Extension: (Grammarly for Chrome) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-05-14]

CHR Extension: (McAfee SECURE Safe Browsing) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkdiimaiohgpacfbgedcipmgigppaofn [2019-05-09]

CHR Extension: (Google Drawings) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2019-04-13]

CHR Extension: (Chrome Web Store Payments) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-13]

CHR Extension: (English Audio Books - Librivox) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfienbacanaedlmflmbcmcndakahgjd [2015-10-17]

CHR Extension: (Chrome Media Router) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-13]

CHR Profile: C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-17]

CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx

 

==================== Services (Whitelisted) ====================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [92160 2009-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]

R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-16] (Electronic Arts, Inc. -> Electronic Arts)

S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-16] (Electronic Arts, Inc. -> Electronic Arts)

S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )

R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)

R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [246256 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)

R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-02-03] (PC Tools -> PC Tools)

R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000

S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000

S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]

R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

 

===================== Drivers (Whitelisted) ======================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-08-09] (Tages SA -> )

S3 dc3d; C:\Windows\System32\DRIVERS\dc3d.sys [47616 2011-04-08] (Hardware Group Test Cert -> Microsoft Corporation)

R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [320040 2009-08-21] (Broadcom Corporation -> Broadcom Corporation)

S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows ® Codename Longhorn DDK provider)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-08-09] (Tages SA -> )

R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-13] (Malwarebytes Corporation -> Malwarebytes)

R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-05-14] (Malwarebytes Corporation -> Malwarebytes)

R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [111456 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSDNS; C:\Windows\System32\DRIVERS\NNSDns.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [125864 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [133056 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [99680 2018-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Panda Security, S.L.)

R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [150048 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [89296 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [347832 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [291152 2019-03-25] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [296320 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [132544 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)

S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)

R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc. -> Visicom Media Inc.)

S0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [51680 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)

R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [197720 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [159832 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [214616 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146520 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [158808 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [128600 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)

R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)

R3 WUSB54GCv3; C:\Windows\System32\DRIVERS\WUSB54GCv3.sys [797184 2008-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Ralink Technology Corp.)

U1 aswbdisk; no ImagePath

 

==================== NetSvcs (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

 

==================== One month (created) ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2019-05-14 17:36 - 2019-05-14 17:37 - 000034534 _____ C:\Users\A Dyjak\Desktop\FRST.txt

2019-05-14 17:35 - 2019-05-14 17:36 - 000000000 ____D C:\FRST

2019-05-14 17:32 - 2018-01-30 13:05 - 000051680 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PsBoot.sys

2019-05-14 17:31 - 2019-05-14 17:32 - 002434048 ____N (Farbar) C:\Users\A Dyjak\Desktop\FRST64.exe

2019-05-14 17:25 - 2019-05-14 17:25 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys

2019-05-13 17:22 - 2019-05-13 17:23 - 000002210 _____ C:\Users\Public\Desktop\Panda Dome.lnk

2019-05-13 17:22 - 2019-05-13 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome

2019-05-13 17:22 - 2019-05-13 17:22 - 000000000 ____D C:\Program Files (x86)\Panda Security

2019-05-13 17:22 - 2017-05-22 11:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys

2019-05-13 15:37 - 2019-05-13 17:24 - 000000000 ____D C:\Windows\System32\Tasks\Remediation

2019-05-09 18:34 - 2019-05-09 18:34 - 000000000 ____D C:\Program Files\Common Files\AV

2019-05-09 17:25 - 2019-05-09 17:25 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum

 

==================== One month (modified) ========

 

(If an entry is included in the fixlist, the file/folder will be moved.)

 

2019-05-14 17:30 - 2010-06-28 21:33 - 000000000 ____D C:\ProgramData\NVIDIA

2019-05-14 17:29 - 2009-07-14 06:13 - 000783464 _____ C:\Windows\system32\PerfStringBackup.INI

2019-05-14 17:29 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf

2019-05-14 17:25 - 2016-01-23 17:40 - 000000000 ____D C:\Program Files\Panda Security URL Filtering

2019-05-14 17:24 - 2013-03-18 17:49 - 000361824 _____ C:\Windows\system32\FNTCACHE.DAT

2019-05-14 17:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT

2019-05-14 17:23 - 2012-01-15 13:04 - 000000000 ____D C:\ProgramData\Norton

2019-05-13 17:22 - 2015-07-15 12:26 - 000000000 ____D C:\Users\A Dyjak\AppData\Roaming\Panda Security

2019-05-13 17:22 - 2015-07-15 12:22 - 000000000 ____D C:\ProgramData\Panda Security

2019-05-13 17:22 - 2013-03-10 15:58 - 000071208 _____ C:\Users\A Dyjak\AppData\Local\GDIPFONTCACHEV1.DAT

2019-05-13 15:23 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2019-05-13 15:23 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2019-05-09 18:50 - 2019-04-10 12:40 - 000000000 ____D C:\Users\A Dyjak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton

2019-05-09 17:44 - 2018-08-13 12:55 - 000000000 ____D C:\Users\A Dyjak\AppData\Local\AVAST Software

2019-05-09 17:44 - 2011-07-15 15:23 - 000000000 ____D C:\ProgramData\AVAST Software

2019-05-09 17:36 - 2013-07-30 10:38 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2019-04-15 17:59 - 2018-09-14 18:48 - 000004468 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier

2019-04-15 17:59 - 2017-01-07 14:25 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-04-15 17:59 - 2016-09-24 18:39 - 000003742 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-04-15 17:59 - 2016-09-24 18:39 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-04-15 17:59 - 2016-09-24 18:39 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-04-15 17:59 - 2016-09-24 18:39 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-04-15 17:59 - 2016-09-24 18:39 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-04-15 17:59 - 2016-09-24 18:39 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}

2019-04-15 17:59 - 2015-07-26 11:53 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA

2019-04-15 17:59 - 2015-07-26 11:53 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

2019-04-15 17:59 - 2015-07-15 10:47 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

2019-04-15 17:59 - 2012-04-14 13:41 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2019-04-15 17:59 - 2010-07-10 17:06 - 000003542 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask

2019-04-15 17:58 - 2018-08-13 12:54 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software

2019-04-14 10:35 - 2015-12-21 14:55 - 000000000 ____D C:\Users\A Dyjak\AppData\Local\CrashDumps

2019-04-14 10:35 - 2014-05-27 12:36 - 000000000 ____D C:\Users\A Dyjak\AppData\Local\Adobe

 

==================== Files in the root of some directories =======

 

2019-04-10 11:25 - 2019-04-11 08:34 - 000000000 _____ () C:\Users\A Dyjak\AppData\Roaming\MCVi2UserDetail.ini

2013-07-31 14:56 - 2013-12-17 15:56 - 000000095 _____ () C:\Users\A Dyjak\AppData\Roaming\WB.CFG

2013-07-31 14:56 - 2013-12-17 15:56 - 000000006 _____ () C:\Users\A Dyjak\AppData\Roaming\WBPU-TTL.DAT

 

==================== SigCheck ===============================

 

(There is no automatic fix for files that do not pass verification.)

 

 

LastRegBack: 2018-12-05 17:10

==================== End of FRST.txt ============================

[adamdyak875]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05.2019 01

Ran by A Dyjak (14-05-2019 17:38:08)

Running from C:\Users\A Dyjak\Desktop

Windows 7 Home Premium Service Pack 1 (X64) (2010-07-05 14:20:43)

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

A Dyjak (S-1-5-21-3264378072-1544195980-3192037237-1001 - Administrator - Enabled) => C:\Users\A Dyjak

Administrator (S-1-5-21-3264378072-1544195980-3192037237-500 - Administrator - Disabled)

Guest (S-1-5-21-3264378072-1544195980-3192037237-501 - Limited - Disabled) => C:\Users\Guest

HomeGroupUser$ (S-1-5-21-3264378072-1544195980-3192037237-1043 - Limited - Enabled)

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}

 

==================== Installed Programs ======================

 

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)

Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.108 - Adobe Systems Incorporated)

Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)

Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

ARCON 3D Home Designer Expert (HKLM-x32\...\{A7FFA07C-144F-409D-9F5C-135B2C73C849}) (Version: 1.00.0000 - Eleco)

Broadcom Management Programs (HKLM\...\{5DB87A63-9420-48CC-9F9A-B8801D38D6B5}) (Version: 12.35.01 - Broadcom Corporation)

D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Backup and Recovery Manager (HKLM\...\{7C7F3A28-70C0-4CA7-AAE1-5AB118823840}) (Version: 1.2.3 - Dell Inc.)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)

Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden

Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden

Grammarly (HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\GrammarlyForWindows) (Version: 1.5.45 - Grammarly)

Grammarly for Microsoft® Office Suite (HKLM\...\{C42F31A9-9B72-4F6A-A28D-82F8BDE5FF3E}) (Version: 6.7.139 - Grammarly) Hidden

Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\{bb18e955-50c6-42a1-9219-168db073252a}) (Version: 6.7.139 - Grammarly)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Macromedia Shockwave Player (HKLM-x32\...\Macromedia Shockwave Player) (Version:  - )

Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)

Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

MS Access 97 SP2 (HKLM-x32\...\MS Access 97 SP2) (Version:  - )

NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)

NVIDIA GeForce Experience 3.2.2.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.2.49 - NVIDIA Corporation)

NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden

NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.0.2.1 - NVIDIA Corporation) Hidden

NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.2 - NVIDIA Corporation) Hidden

Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)

Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden

Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden

Panda Dome (HKLM\...\{4267D299-85AB-4BD5-9D6D-225648567F59}) (Version: 10.07.30 - Panda Security) Hidden

Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.07.03.0000 - Panda Security)

PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)

PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)

Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1201.94 - Trusteer) Hidden

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)

SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden

SL-6555-SBK (HKLM-x32\...\{7AB86D35-DF3B-407F-B43E-468345DABF29}) (Version: 1.00.0000 - GASIA)

swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)

The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)

The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)

The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)

The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)

The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)

The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)

Unity Web Player (HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)

Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\A Dyjak\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.139\51285CF134\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)

CustomCLSID: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\A Dyjak\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.139\51285CF134\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File

ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

 

==================== Loaded Modules (Whitelisted) ==============

 

2010-06-28 12:50 - 2010-03-03 19:08 - 000058880 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2019-02-22 19:46 - 2019-02-22 19:46 - 000170496 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ebd8a5f043a644ac17ab173ef4778748\IsdiInterop.ni.dll

2010-06-28 12:50 - 2010-03-03 18:53 - 000280064 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll

2019-02-22 19:46 - 2019-02-22 19:46 - 000176640 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\6dab6aa5661a6da623fec90ec620842d\IAStorDataMgr.ni.dll

2019-02-22 19:46 - 2019-02-22 19:46 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\e86250b65cfaaf70c5bbbc482493e49b\IAStorDataMgrSvc.ni.exe

2019-02-22 19:46 - 2019-02-22 19:46 - 000452608 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\32ff7dbad2975193fe8c2ab36e79e5a6\IAStorUtil.ni.dll

2011-07-16 18:28 - 2011-07-16 18:28 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll

2017-01-07 14:39 - 2016-11-14 10:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll

2019-04-13 08:51 - 2019-04-13 09:55 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll

2018-08-13 11:46 - 2019-04-13 09:55 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

2019-04-13 09:55 - 2019-04-13 09:55 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll

2019-04-13 08:51 - 2019-04-13 09:55 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [234]

 

==================== Safe Mode (Whitelisted) ===================

 

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"

 

==================== Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 03:34 - 2019-02-22 17:52 - 000000843 _____ C:\Windows\system32\drivers\etc\hosts

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared

HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\A Dyjak\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 194.168.4.100 - 194.168.8.100

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

If an entry is included in the fixlist, it will be removed.

 

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: DBRMTray => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe

MSCONFIG\startupreg: GoogleChromeAutoLaunch_D5B33DCE02A0B3B7A3332115FF1D026B => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5

MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"

MSCONFIG\startupreg: Panda Security URL Filtering => "C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe"

MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

MSCONFIG\startupreg: RMAlert => "C:\Program Files (x86)\PC Tools Registry Mechanic\Alert.exe" /PRODUCT=RM /R

MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{6AF1C15C-971E-4EB6-A438-B9B7B95D5485}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{F0C7D3DC-2C73-484F-9D3B-22D003153315}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)

FirewallRules: [{AF468AEE-3E56-4DE3-B500-97552E23D4C4}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{2E0DBF1E-9C1B-4262-9A98-6B42FA378249}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe (CyberLink -> CyberLink Corp.)

FirewallRules: [{8432235F-26B9-4919-A54C-E66CAD3F2ED7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink -> CyberLink Corp.)

FirewallRules: [{C77B4CFD-2295-41B8-9886-AFC4F64A4F9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{F913EFDF-406E-463A-B8CD-A5215112234A}] => (Allow) LPort=2869

FirewallRules: [{3E53E4BE-741E-4FD3-894C-76D9C603D525}] => (Allow) LPort=1900

FirewallRules: [{C5C63C5B-E033-4720-AF9E-2127DBAA1A77}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{6FE53B17-5847-4DF6-9129-6827D7B1DD05}] => (Allow) C:\Program Files (x86)\1701 A.D\1701-AddOn.exe No File

FirewallRules: [{5D9466EE-1954-4826-8CFF-EFC9B416FEFA}] => (Allow) C:\Program Files (x86)\1701 A.D\1701-AddOn.exe No File

FirewallRules: [{D4751FF8-A22A-4181-9643-7276542CC80F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe No File

FirewallRules: [{DFB70C41-9769-4B57-AEC0-37786E7D6425}] => (Allow) C:\Program Files (x86)\Opera\opera.exe No File

FirewallRules: [{8400677F-4868-4EFD-92CC-634B518B2BF9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [TCP Query User{1ECA3872-B425-4D5A-8D71-E8D2BCC206FB}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe No File

FirewallRules: [UDP Query User{08B12271-6F59-483A-B6CD-67621CDA9C79}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe No File

FirewallRules: [{909AB76C-D209-43F1-B957-CB7257370EC3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File

FirewallRules: [{47D4BAEF-AF1E-4840-AFA8-2ECCCE0C65F1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File

FirewallRules: [{60070FE2-EE18-4FF7-AA7D-1894027B7263}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File

FirewallRules: [{C195CA2F-ACB2-40E6-A18C-0AD2B5E38998}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File

FirewallRules: [{AE86A544-965C-4B94-9AF2-F54CBA1973DB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File

FirewallRules: [{68BFAB35-42D9-47D1-B1A6-9B1B384BC3BD}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File

FirewallRules: [{5E0FF8D3-DB6D-46F6-9301-8CF7AD7A7DCD}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe No File

FirewallRules: [{7DC8AFBA-8BAD-4A36-9E25-6D69C07EEFD7}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe No File

FirewallRules: [{C066A170-6425-4F49-8583-7A23B189335E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{E5AE53F0-1ACF-4FF9-A5A6-4C460A6D556F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{6132E497-7800-4A58-A1BD-4D5D158F176B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{5C326AFB-EEF3-4036-B40C-B8349247F6DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{E03130C0-B0B8-424B-A3B6-40531E8292DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{FD9CA847-BB90-4988-A205-B5CDD0B13CED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe No File

FirewallRules: [{6B80C789-CE2D-4B08-9C4A-10018634F86E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe No File

FirewallRules: [{5289590C-343A-4B90-AE77-446266566DDE}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe No File

FirewallRules: [{DCD46C15-9606-48D9-B73F-C7C2844580D9}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe No File

FirewallRules: [{263C5E24-4C96-41DA-B28C-750D260C7DB0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File

FirewallRules: [{83DBDE3D-BADA-4FCC-81FC-124C6300D94F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File

FirewallRules: [{D07FCB72-65C8-456E-87CD-C9A8389D2265}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File

FirewallRules: [{47546A9A-D464-449B-8A4C-FC84999D1EA3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File

FirewallRules: [{BCD138C2-2CB0-4389-B334-7B79F9C9F0C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

 

==================== Restore Points =========================

 

05-12-2018 16:01:04 Windows Update

05-12-2018 16:29:18 Windows Update

22-02-2019 19:06:12 Windows Update

07-04-2019 17:41:31 Windows Update

13-04-2019 09:19:27 Windows Update

13-04-2019 16:00:44 Windows Update

13-05-2019 15:23:22 Windows Update

 

==================== Faulty Device Manager Devices =============

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Teredo Tunneling Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (05/13/2019 03:27:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

 

Error: (05/13/2019 03:13:15 PM) (Source: PerfNet) (EventID: 2005) (User: )

Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.

 

Error: (05/09/2019 05:55:40 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved

 

Error: (05/09/2019 05:30:16 PM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

 

Error: (04/15/2019 04:01:07 PM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).

 

Error: (04/14/2019 10:35:06 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x57c44cc4

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0xff0df613

Faulting process id: 0x1f84

Faulting application start time: 0x01d4f2a54fee3ca9

Faulting application path: C:\Windows\SysWOW64\explorer.exe

Faulting module path: unknown

Report Id: 962b3def-5e98-11e9-bb2f-a4badbfbbb9d

 

Error: (04/11/2019 10:09:31 AM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

 ErrorCode: 14007(0x36b7).

 

Error: (04/10/2019 06:58:20 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Users\A Dyjak\Documents\Downloads\esetsmartinstaller_enu.exe".Error in manifest or policy file "" on line .

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.

 

 

System errors:

=============

Error: (05/14/2019 05:32:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 40.

 

Error: (05/14/2019 05:32:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

 

Error: (05/14/2019 05:28:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 40.

 

Error: (05/14/2019 05:28:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

 

Error: (05/14/2019 05:25:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 40.

 

Error: (05/14/2019 05:25:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

 

Error: (05/14/2019 05:25:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 40.

 

Error: (05/14/2019 05:25:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)

Description: The following fatal alert was received: 70.

 

 

Windows Defender:

===================================

Date: 2013-12-23 17:44:00.002

Description: 

Windows Defender has detected spyware or other potentially unwanted software.

For more information please see the following:

http://go.microsoft....threatid=200346

Name:Adware:Win32/Yontoo

ID:200346

Severity:Medium

Category:Adware

Path Found:containerfile:C:\Program Files (x86)\Yontoo\YontooLayers.crx;file:C:\Program Files (x86)\Yontoo\YontooLayers.crx->manifest.json

Detection Type:Concrete

Detection Source:User

Status:Unknown

Process Name:C:\Program Files\Windows Defender\MSASCui.exe

 

Date: 2018-08-13 11:39:25.267

Description: 

Windows Defender Real-Time Protection feature has encountered an error and failed.

Feature:On Access

Error Code:0x80501002

Error description:The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. 

Reason:Real Time Monitoring has stopped functioning for an unknown reason. Restart the service in order to recover.

 

Date: 2015-08-30 14:03:56.140

Description: 

Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.

Signatures Attempted:Current

Error Code:0x80070002

Error description:The system cannot find the file specified. 

Signature version:0.0.0.0

Engine version:0.0.0.0

 

Date: 2015-08-30 14:03:56.128

Description: 

Windows Defender has encountered an error trying to update signatures.

New Signature Version:1.191.4500.0

Previous Signature Version:

Update Source:Signature Update Folder

Signature Type:AntiSpyware

Update Type:Full

Current Engine Version:1.1.7104.0

Previous Engine Version:

Error code:0x80070666

Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

Date: 2015-08-30 14:03:56.127

Description: 

Windows Defender has encountered an error trying to update the engine.

New Engine Version:1.1.7104.0

Previous Engine Version:

Update Source:Signature Update Folder

Error Code:0x80070666

Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 

 

CodeIntegrity:

===================================

 

Date: 2011-05-23 14:19:38.483

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2011-05-23 14:19:38.467

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2011-05-22 17:32:25.073

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2011-05-22 17:32:25.058

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2011-05-21 14:11:13.723

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2011-05-21 14:11:13.692

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2011-05-19 12:56:25.685

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

Date: 2011-05-19 12:56:25.670

Description: 

Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

==================== Memory info =========================== 

 

BIOS: Dell Inc. 2.0.3 03/15/2010

Motherboard: Dell Inc. 054KM3

Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz

Percentage of memory in use: 80%

Total physical RAM: 6103.11 MB

Available physical RAM: 1215.63 MB

Total Virtual: 12204.37 MB

Available Virtual: 6965.83 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:139.31 GB) (Free:13.64 GB) NTFS

 

\\?\Volume{3c808932-82f4-11df-90f8-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:9.59 GB) (Free:4.15 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149 GB) (Disk ID: F0000000)

Partition 1: (Not Active) - (Size=110 MB) - (Type=DE)

Partition 2: (Active) - (Size=9.6 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=139.3 GB) - (Type=07 NTFS)

 

==================== End of Addition.txt ============================

[RKinner]

I don't see any obvious infection.

 

I would uninstall Panda Dome (save any account info if you are paying for it) then reboot.

 

If that doesn't help, right click on Computer and select Manage then Device Manager.  Under Network Adapters find your WiFi adapter.  Right click on it and uninstall.  Do not let it remove the drivers if it asks.  Reboot

 

Windows should reinstall the driver.  You will need to choose your wifi network again and probably put in the password for it again.

 

If that doesn't help then try opening an elevated Command Prompt as before

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 

and type:

netsh  winsock  reset

Hit Enter, wait for the prompt to return and then type:

 

netsh int ipv4 reset res4.log

 

repeat for

 

netsh int ipv6 reset res6.log

 

reboot.

 

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

• Flush DNS
• Report IE Proxy Settings
• Reset IE Proxy Settings
• Report FF Proxy Settings
• Reset FF Proxy Settings
• List content of Hosts
• List IP configuration
• List Winsock Entries
• List last 10 Event Viewer Errors
• List Installed Programs
• List Devices
• List Users, Partitions and Memory size.
• List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

[adamdyak875]

Hi,

 

Thanks for the help I think that everything is sorted. I'm able to connect to the internet via a TP Link.

 

Many Thanks

[adamdyak875]

Hi

 

Sorry to disturb you but how would i close this topic?

 

many thanks