internet down, but I still have max internet signal

internet virus

  • This topic is locked

#1
adamdyak875

  • Member
  • 47 posts

I'm unable to use the internet at all on my desktop but the internet strength is full. Not sure if I have a virus or what.

My desktop is a Dell Vostro, Intel core i7, Windows 7

I have access to the internet on my laptop to download anything but it's missing on my desktop.


  • 0


#2
RKinner

    Malware Expert

  • Expert
  • 21,939 posts
  • MVP

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator.  Then type (with an Enter after each line).
 

ipconfig  /all

What is the IPv4 address?

 

What is the Default Gateway?

(There will be an IPv6 gateway then an IPv4 gateway.  I want the IPv4 gateway that has the form 192.168.1.1)

 

What is the DNS server?

(There will be an IPv6 gateway then an IPv4 gateway.  I want the IPv4 gateway that has the form 192.168.1.1)

 

Now type:

ipconfig  /release
ipconfig  /renew
ipconfig  /all

Do the three items requested above change?

 

Now type:

ping  (Default Gateway)

Replace (Default Gateway) with the IPv4 version of the Default Gateway you found in the last IPCONFIG /ALL:  EXAMPLE 192.168.1.1

 

You should get something like:
 

 

Pinging 192.168.1.254 with 32 bytes of data:
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=4ms TTL=64
Reply from 192.168.1.254: bytes=32 time=5ms TTL=64

Ping statistics for 192.168.1.254:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 4ms, Maximum = 5ms, Average = 4ms

 

 

If that works then

nslookup   geekstogo.com

C:\WINDOWS\system32>nslookup geekstogo.com
Server:  homeportal
Address:  2600:1700:f170:9e00::1

Non-authoritative answer:
Name:    geekstogo.com
Addresses:  104.28.29.94
          104.28.28.94

 

Open a browser (IE, Firefox or Chrome) and type

104.28.29.94

in the URL box then hit Enter.  You should get an Error 1003 from Cloudflare.

 

I'll stop now.  Tell me which is the first step that doesn't work.


  • 0

#3
adamdyak875

  • Topic Starter
  • Member
  • 47 posts

Have tried what was written and these are the results to both your questions and the commands.
===============================================================
 
Microsoft Windows [Version 6.1.7601]
Copyright © 2009 Microsoft Corporation.  All rights reserved.
 
C:\Windows\system32>ipconfig  /all
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : ADyjak-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Compact Wireless-G USB Network Adapter
   Physical Address. . . . . . . . . : 00-23-69-0D-5C-25
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.21(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 13 May 2019 15:12:36
   Lease Expires . . . . . . . . . . : 14 May 2019 17:03:24
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 369107817
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-BA-BF-56-A4-BA-DB-FB-BB-9D
 
   DNS Servers . . . . . . . . . . . : 194.168.4.100
                                       194.168.8.100
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : A4-BA-DB-FB-BB-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
C:\Windows\system32>ipconfig  /release
 
Windows IP Configuration
 
No operation can be performed on Local Area Connection while it has its media di
sconnected.
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13
   Default Gateway . . . . . . . . . :
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
 
C:\Windows\system32>ipconfig  /renew
 
Windows IP Configuration
 
No operation can be performed on Local Area Connection while it has its media di
sconnected.
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13
   IPv4 Address. . . . . . . . . . . : 192.168.0.21
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
 
C:\Windows\system32>ipconfig  /all
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : ADyjak-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
 
Wireless LAN adapter Wireless Network Connection 2:
 
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Compact Wireless-G USB Network Adapter
   Physical Address. . . . . . . . . : 00-23-69-0D-5C-25
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.21(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 13 May 2019 17:11:40
   Lease Expires . . . . . . . . . . : 14 May 2019 17:11:40
   Default Gateway . . . . . . . . . : 192.168.0.1
   DHCP Server . . . . . . . . . . . : 192.168.0.1
   DHCPv6 IAID . . . . . . . . . . . : 369107817
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-13-BA-BF-56-A4-BA-DB-FB-BB-9D
 
   DNS Servers . . . . . . . . . . . : 194.168.4.100
                                       194.168.8.100
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Ethernet adapter Local Area Connection:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Broadcom NetLink ™ Gigabit Ethernet
   Physical Address. . . . . . . . . : A4-BA-DB-FB-BB-9D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
C:\Windows\system32>ping 192.169.0.21
 
Pinging 192.169.0.21 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
 
Ping statistics for 192.169.0.21:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
 
C:\Windows\system32>

Edited by adamdyak875, 13 May 2019 - 10:18 AM.

  • 0
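
Added example, not part of the original posts: a Python parser for `ipconfig /all` text that pulls out the three values post #2 asks for (IPv4 address, IPv4 default gateway, DNS servers), skipping IPv6 entries, and reports what a given ping target actually tests. The sample text is constructed in the Windows 7 layout shown above, with an IPv6 gateway line added; all function names are this example's own, and the last ping target is the address used in post #3.

```python
import ipaddress
import re

# Constructed sample in the Windows 7 `ipconfig /all` layout (abridged).
# An IPv6 gateway line is included to show the "IPv6 first, IPv4 second" case.
SAMPLE = """\
Windows IP Configuration

Wireless LAN adapter Wireless Network Connection 2:

   Connection-specific DNS Suffix  . :
   Link-local IPv6 Address . . . . . : fe80::90b8:ba2f:60f3:32d6%13(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.0.21(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::1%13
                                       192.168.0.1
   DNS Servers . . . . . . . . . . . : 194.168.4.100
                                       194.168.8.100

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
"""

# A dot leader before the colon marks a field line; continuation lines
# (extra gateways or DNS servers) have none, even when they contain colons.
FIELD = re.compile(r"^\s+(\S.*?)\s*(?:\.\s)+:\s?(.*)$")
HEADER = re.compile(r"^(\S.*\badapter\b.*):\s*$")


def parse_ipconfig(text):
    """Return {section: {field: [values]}}; section '' holds host-wide fields."""
    sections = {"": {}}
    current, last_key = sections[""], None
    for line in text.splitlines():
        if not line.strip():
            continue
        header = HEADER.match(line)
        if header:
            current, last_key = sections.setdefault(header.group(1), {}), None
            continue
        field = FIELD.match(line)
        if field:
            last_key, value = field.group(1), field.group(2).strip()
            current[last_key] = [value] if value else []
        elif line[0].isspace() and last_key is not None:
            current[last_key].append(line.strip())  # continuation value
    return sections


def ipv4_values(values):
    """Keep IPv4 entries only, dropping '(Preferred)' tags and IPv6 addresses."""
    found = []
    for raw in values:
        candidate = re.sub(r"\(.*?\)$", "", raw).split("%")[0]
        try:
            addr = ipaddress.ip_address(candidate)
        except ValueError:
            continue
        if addr.version == 4:
            found.append(addr)
    return found


def summarize(fields):
    """IPv4 address, on-link network, IPv4 gateways and DNS servers of one adapter."""
    addrs = ipv4_values(fields.get("IPv4 Address", []))
    masks = fields.get("Subnet Mask", [])
    if not addrs or not masks:
        return None  # no IPv4 configuration, e.g. media disconnected
    iface = ipaddress.ip_interface(f"{addrs[0]}/{masks[0]}")
    return {
        "ipv4": iface.ip,
        "network": iface.network,
        "gateways": ipv4_values(fields.get("Default Gateway", [])),
        "dns": ipv4_values(fields.get("DNS Servers", [])),
    }


def classify_ping_target(summary, target):
    """Say what a ping to `target` tests for this adapter."""
    addr = ipaddress.ip_address(target)
    if addr in summary["gateways"]:
        return "gateway"   # tests the local link up to the router
    if addr == summary["ipv4"]:
        return "self"      # answered locally, says nothing about the LAN
    if addr in summary["network"]:
        return "on-link"   # another LAN host, not the router
    return "off-link"      # has to be routed; does not isolate the gateway hop


if __name__ == "__main__":
    for name, fields in parse_ipconfig(SAMPLE).items():
        info = summarize(fields)
        if info:
            print(name, info)
            for target in ("192.168.0.1", "192.168.0.21", "192.169.0.21"):
                print("  ping", target, "->", classify_ping_target(info, target))
```
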

#4
RKinner

    Malware Expert

  • Expert
  • 21,939 posts
  • MVP

Do you have a firewall like Zone Alarm or an antivirus with its own firewall? 

 

Since you can transfer files via the laptop let's run FRST and see if it shows what is going on:

 

  • Get FRST from http://www.bleepingc...very-scan-tool/ You need to download the appropriate tool for your PC.  If you don't know if you have a 32 or 64 bit system get them both.  Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Check the Addition.txt box
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here.
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


 


  • 0

#5
adamdyak875

  • Topic Starter
  • Member
  • 47 posts

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05.2019 01
Ran by A Dyjak (administrator) on ADYJAK-PC (Dell Inc. Vostro 430) (14-05-2019 17:36:05)
Running from C:\Users\A Dyjak\Desktop
Loaded Profiles: A Dyjak (Available Profiles: A Dyjak & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe
(Broadcom Corporation -> Broadcom Corp.) C:\Program Files\Broadcom\BPowMon\BPowMon.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAConsole.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Panda Security S.L. -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(PC Tools -> PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(Visicom Media Inc. -> Visicom Media Inc.) C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [153808 2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\...\RunOnce: [panda] => reg.exe delete "HKCU\Software\AppDataLow\Software\panda" /f
HKU\S-1-5-18\...\RunOnce: [panda_XP] => reg.exe delete "HKCU\Software\panda" /f
HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2008-09-04] (Electronic Arts -> On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-09] (Google LLC -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-11-06] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyScripts: Restriction <==== ATTENTION
GroupPolicyScripts-x32: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0397F81A-353B-4639-8CE6-78961B055D41} - \{F30739CD-BD81-4B7C-B386-493979BA79E0} -> No File <==== ATTENTION
Task: {08C98CDC-61C0-4CF9-91FF-3E0301196668} - \{DAEE9E43-CB92-4DE7-824F-FE35363D5A80} -> No File <==== ATTENTION
Task: {0F472DD0-DF38-441C-84C3-7596729B3602} - \{D0761BF3-AFC4-4EC2-80A5-FED7C68CE413} -> No File <==== ATTENTION
Task: {0FE1ACB2-8A93-4FE4-957D-7C5F251646A3} - \SidebarExecute -> No File <==== ATTENTION
Task: {198B03AF-D025-4FAB-9484-4291A6118D9E} - \{AFA7033C-298D-4151-B68E-A2DA18FC45F5} -> No File <==== ATTENTION
Task: {1EFA6694-2F79-4784-BA6C-8DDBB21AA59E} - \RMSmartUpdate -> No File <==== ATTENTION
Task: {2156636C-0C80-4C50-A7C6-C157468C05E4} - \AdobeFlashPlayerUpdate 2 -> No File <==== ATTENTION
Task: {242F46A0-3B63-4551-A7F3-EBF9344BD96B} - \AdobeFlashPlayerUpdate -> No File <==== ATTENTION
Task: {29F9DC69-6BE4-4F2E-BD9C-88473F7A15FD} - \{6B92380B-0DC7-42C2-88E7-76C36747A72C} -> No File <==== ATTENTION
Task: {2A2D53AA-1081-4BF0-B16E-88D51B2A7CE5} - \RealPlayerRealUpgradeScheduledTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION
Task: {379219B4-9A2E-4DBD-A0AB-ECD803B1B19D} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [708152 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {3AAB35E2-B7CF-49D7-889C-94B07A40292F} - \RealUpgradeLogonTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION
Task: {3B150271-1046-4F9E-8113-4CBB66BF7783} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3264378072-1544195980-3192037237-1001
Task: {46EA5CE0-3BE2-4FD6-AC03-C8C6E96A2743} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [631352 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5725F1E1-4172-47F1-B0E9-72FD6BB3590D} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-04-07] (AVAST Software s.r.o. -> AVAST Software)
Task: {5A6D8ED3-CB58-4E07-8E2E-FF4A06F89AE8} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [437816 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5C5743E5-FB18-4A85-8E96-861AA78DE26F} - \RealDownloaderRealUpgradeLogonTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION
Task: {5EFC622D-8972-429A-B504-D2E49419B044} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [708152 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {711F0AC7-81A1-467C-B6B1-0135F5F04338} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [631352 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {769509D9-DE89-446F-BE85-CF602DECF527} - \{7DD592E3-DE39-4891-B09B-53ED70A96821} -> No File <==== ATTENTION
Task: {77B478A3-BA04-4459-B349-3C42A322D8E1} - \Microsoft_Hardware_Launch_IPoint_exe -> No File <==== ATTENTION
Task: {88B1DC26-C658-43FB-A895-9F847E7AE980} - \{53D65DE4-9D28-4F31-AFD0-41E44BDC55E1} -> No File <==== ATTENTION
Task: {89F9C45A-6743-4EF1-AF8D-CFB23B5C9DEA} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [784440 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {8C78B004-0946-478E-849A-817CE2B705E7} - \{63EC310D-2F38-4C81-8B91-5EE2242F43DA} -> No File <==== ATTENTION
Task: {8D02D5EB-9F09-4485-B674-F93B81C974FE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [464440 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9ED12FB4-D57A-45A2-86CE-F7F74CE507ED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)
Task: {A2EE8EBE-A36D-42AD-B576-7670113431D3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2018-11-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {A6B6B643-CAED-4925-8714-A641A9053031} - \{9BF3F5CC-D937-4356-BA62-F57590782532} -> No File <==== ATTENTION
Task: {A7A1C5CA-44F4-45A7-8CCC-310EF94E1DD0} - \{27C4BBC5-E03A-4F4F-9586-668A9413CD6C} -> No File <==== ATTENTION
Task: {AF9DCA96-DFE7-4CA1-88EE-3DAE818201A4} - \RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION
Task: {B80ACD4C-50BC-43E3-8B41-23D45332A9E0} - \{705C60DC-B54B-4D2D-A26D-83F418E6A4B8} -> No File <==== ATTENTION
Task: {C533A0CC-C1C7-4C6F-9227-11C874D570D8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C9E742A9-11AB-45F6-949F-20BFD7870F43} - \RealUpgradeScheduledTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION
Task: {CD241C3F-9793-4554-9C6C-C57E36DCE522} - \RealPlayerRealUpgradeLogonTaskS-1-5-21-3264378072-1544195980-3192037237-1001 -> No File <==== ATTENTION
Task: {CFE29F90-E987-45D7-8DA3-4BD9189C96B9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-10-17] (Google Inc -> Google Inc.)
Task: {D2B1E54A-4209-451D-AFC2-CFACD8EB3FD1} - \{0B9D520B-B4F2-41BA-AF8A-F12EB2D5C04F} -> No File <==== ATTENTION
Task: {E015A95E-4B60-4CE9-B391-D809EAAF6240} - \{BAAE649E-5D6C-425B-AB20-1DC4F13761E3} -> No File <==== ATTENTION
Task: {E622FC44-864A-4078-9FFD-F5D669A4C7A2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [1454592 2018-11-10] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E8A58E59-7FE0-4EC3-9D55-AB5C67A5122A} - \{C6C585E9-9F4C-4AE3-AD1B-89EBBA8B12E1} -> No File <==== ATTENTION
Task: {EEB15C27-B089-455E-ADC5-FFDF2A421F39} - \{B5EC42D0-69A2-482F-B724-4DA4449EE018} -> No File <==== ATTENTION
Task: {F37E076B-98C8-458A-81EA-61246F0464C2} - \{3CD1F665-349F-4795-B922-3C69217E23A3} -> No File <==== ATTENTION
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{976C883F-2501-4100-94F8-2C2DE9D044F4}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{ADB328DF-2596-4E12-8258-495DFECAD877}: [DhcpNameServer] 192.168.2.1
 
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.yahoo.com?fr=hp-avast&type=avastbcl
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://uk.yahoo.com/?fr=hp-avast&type=avastbcl
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
URLSearchHook: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
SearchScopes: HKLM -> DefaultScope {03C94B17-8EC0-42A1-A021-82549C143946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {03C94B17-8EC0-42A1-A021-82549C143946} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> {3EC59E45-838C-4A14-8587-EA3A9CE12EDF} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> DefaultScope {7226ABBB-809B-47E5-AB7B-3245F2E5E972} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20140911&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {03C94B17-8EC0-42A1-A021-82549C143946} URL = 
SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {3EC59E45-838C-4A14-8587-EA3A9CE12EDF} URL = 
SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {7226ABBB-809B-47E5-AB7B-3245F2E5E972} URL = hxxps://uk.search.yahoo.com/search?fr=mcafee&type=B010GB0D20140911&p={SearchTerms}
SearchScopes: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxp://uk.yhs4.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll => No File
BHO-x32: No Name -> {51a86bb3-6602-4c85-92a5-130ee4864f13} -> No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Panda Safe Web -> {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} -> C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll => No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx64.dll No File
Toolbar: HKLM-x32 - No Name - {51a86bb3-6602-4c85-92a5-130ee4864f13} -  No File
Toolbar: HKLM-x32 - Panda Safe Web - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File
Toolbar: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001 -> No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File
 
FireFox:
========
FF ProfilePath: C:\Users\A Dyjak\AppData\Roaming\Netscape\Navigator\Profiles\5rwpib19.default [2012-08-14]
FF Extension: (No Name) - C:\Program Files (x86)\Netscape\Navigator 9\extensions\{3EC9C995-8072-4fc0-953E-4F30620D17F3} [not found]
FF ProfilePath: C:\Users\A Dyjak\AppData\Roaming\Mozilla\Firefox\Profiles\lyt5Ta2b.default [2018-08-13]
FF Extension: (Avira Browser Safety) - C:\Users\A Dyjak\AppData\Roaming\Mozilla\Firefox\Profiles\lyt5Ta2b.default\Extensions\[email protected] [2018-08-13] [hxxps://download.avira.com/package/absnooffers/firefox/update_webext_no_offers.rdf]
FF Extension: (Avira Password Manager) - C:\Users\A Dyjak\AppData\Roaming\Mozilla\Firefox\Profiles\lyt5Ta2b.default\Extensions\[email protected] [2018-08-13] [hxxps://s3.eu-central-1.amazonaws.com/avira-pwm-extensions/update.rdf]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-11-10] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-11-10] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.) [File not signed]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-07-04] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.5.109 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-07-04] (RealNetworks, Inc.) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-06] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-04-06] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3264378072-1544195980-3192037237-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\A Dyjak\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)
 
Chrome: 
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://plus.google.com/u/0/
CHR StartupUrls: Default -> "hxxps://news.google.co.uk/nwshp?hl=en&ei=zF8eVpmjEIOtU8KkvFg&ved=0CAkQqS4oBw&pog=false"
CHR DefaultSearchKeyword: Default -> hxxp://www.google.co.uk/ig___
CHR Profile: C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default [2019-05-14]
CHR Extension: (AdGuard AdBlocker) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2019-05-09]
CHR Extension: (WOT Web of Trust, Website Reputation Ratings) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2019-04-15]
CHR Extension: (Back to Backspace) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\cldokedgmomhbifmiiogjjkgffhcbaec [2017-11-16]
CHR Extension: (Audio editor & music editor AudioStudio) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfmpaemifkgbnlgcccccnfjjkeiikeie [2019-05-09]
CHR Extension: (Panda Smart Shopping) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcbhdhpamoencpdogjnmnbjddipfkpad [2019-05-13]
CHR Extension: (Google Docs Offline) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-08]
CHR Extension: (Avast Online Security) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2019-05-09]
CHR Extension: (Grammarly for Chrome) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-05-14]
CHR Extension: (McAfee SECURE Safe Browsing) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkdiimaiohgpacfbgedcipmgigppaofn [2019-05-09]
CHR Extension: (Google Drawings) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2019-04-13]
CHR Extension: (Chrome Web Store Payments) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-13]
CHR Extension: (English Audio Books - Librivox) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\npfienbacanaedlmflmbcmcndakahgjd [2015-10-17]
CHR Extension: (Chrome Media Router) - C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-13]
CHR Profile: C:\Users\A Dyjak\AppData\Local\Google\Chrome\User Data\System Profile [2018-08-17]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fcbhdhpamoencpdogjnmnbjddipfkpad] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [92160 2009-03-31] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109536 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123104 2017-11-16] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3002728 2017-11-16] (Electronic Arts, Inc. -> Electronic Arts)
S3 Panda VPN Service; C:\Program Files (x86)\Panda Security\Panda Security Protection\Hydra.Sdk.Windows.Service.exe [320848 2017-11-20] (AnchorFree Inc -> )
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [84176 2019-02-19] (Panda Security S.L. -> Panda Security, S.L.)
R2 panda_url_filtering; C:\Program Files\Panda Security URL Filtering\Panda_URL_Filteringb.exe [246256 2016-11-22] (Visicom Media Inc. -> Visicom Media Inc.)
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [793048 2012-02-03] (PC Tools -> PC Tools)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
S2 NVIDIA Wireless Controller Service; "C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe" [X]
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-08-09] (Tages SA -> )
S3 dc3d; C:\Windows\System32\DRIVERS\dc3d.sys [47616 2011-04-08] (Hardware Group Test Cert -> Microsoft Corporation)
R3 k57nd60a; C:\Windows\System32\DRIVERS\k57nd60a.sys [320040 2009-08-21] (Broadcom Corporation -> Broadcom Corporation)
S3 KMWDFILTER; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows ® Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-08-09] (Tages SA -> )
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-13] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-05-14] (Malwarebytes Corporation -> Malwarebytes)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [111456 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSDNS; C:\Windows\System32\DRIVERS\NNSDns.sys [104728 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [212360 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [125864 2019-03-06] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [133056 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\System32\DRIVERS\NNSNAHSL.sys [99680 2018-07-25] (Microsoft Windows Hardware Compatibility Publisher -> Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [150048 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [89296 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [135640 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [347832 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [291152 2019-03-25] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [123304 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [296320 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [132544 2019-03-05] (Panda Security S.L. -> Panda Security, S.L.)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [29240 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47672 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [59448 2017-01-06] (NVIDIA Corporation -> NVIDIA Corporation)
R3 panda_url_filteringd; C:\Program Files\Panda Security URL Filtering\panda_url_filteringd.sys [51288 2014-03-19] (Visicom Media Inc. -> Visicom Media Inc.)
S0 PsBoot; C:\Windows\System32\Drivers\PsBoot.sys [51680 2018-01-30] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [197720 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [159832 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [214616 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [146520 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [158808 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [128600 2019-03-04] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72280 2017-05-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 WUSB54GCv3; C:\Windows\System32\DRIVERS\WUSB54GCv3.sys [797184 2008-12-04] (Microsoft Windows Hardware Compatibility Publisher -> Ralink Technology Corp.)
U1 aswbdisk; no ImagePath
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-14 17:36 - 2019-05-14 17:37 - 000034534 _____ C:\Users\A Dyjak\Desktop\FRST.txt
2019-05-14 17:35 - 2019-05-14 17:36 - 000000000 ____D C:\FRST
2019-05-14 17:32 - 2018-01-30 13:05 - 000051680 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PsBoot.sys
2019-05-14 17:31 - 2019-05-14 17:32 - 002434048 ____N (Farbar) C:\Users\A Dyjak\Desktop\FRST64.exe
2019-05-14 17:25 - 2019-05-14 17:25 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-13 17:22 - 2019-05-13 17:23 - 000002210 _____ C:\Users\Public\Desktop\Panda Dome.lnk
2019-05-13 17:22 - 2019-05-13 17:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Dome
2019-05-13 17:22 - 2019-05-13 17:22 - 000000000 ____D C:\Program Files (x86)\Panda Security
2019-05-13 17:22 - 2017-05-22 11:29 - 000072280 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2019-05-13 15:37 - 2019-05-13 17:24 - 000000000 ____D C:\Windows\System32\Tasks\Remediation
2019-05-09 18:34 - 2019-05-09 18:34 - 000000000 ____D C:\Program Files\Common Files\AV
2019-05-09 17:25 - 2019-05-09 17:25 - 000000077 _____ C:\Windows\system32\Drivers\aswSP.sys.sum
 
==================== One month (modified) ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2019-05-14 17:30 - 2010-06-28 21:33 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-14 17:29 - 2009-07-14 06:13 - 000783464 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-14 17:29 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-05-14 17:25 - 2016-01-23 17:40 - 000000000 ____D C:\Program Files\Panda Security URL Filtering
2019-05-14 17:24 - 2013-03-18 17:49 - 000361824 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-14 17:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-14 17:23 - 2012-01-15 13:04 - 000000000 ____D C:\ProgramData\Norton
2019-05-13 17:22 - 2015-07-15 12:26 - 000000000 ____D C:\Users\A Dyjak\AppData\Roaming\Panda Security
2019-05-13 17:22 - 2015-07-15 12:22 - 000000000 ____D C:\ProgramData\Panda Security
2019-05-13 17:22 - 2013-03-10 15:58 - 000071208 _____ C:\Users\A Dyjak\AppData\Local\GDIPFONTCACHEV1.DAT
2019-05-13 15:23 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-05-13 15:23 - 2009-07-14 05:45 - 000022464 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-05-09 18:50 - 2019-04-10 12:40 - 000000000 ____D C:\Users\A Dyjak\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2019-05-09 17:44 - 2018-08-13 12:55 - 000000000 ____D C:\Users\A Dyjak\AppData\Local\AVAST Software
2019-05-09 17:44 - 2011-07-15 15:23 - 000000000 ____D C:\ProgramData\AVAST Software
2019-05-09 17:36 - 2013-07-30 10:38 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-15 17:59 - 2018-09-14 18:48 - 000004468 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-04-15 17:59 - 2017-01-07 14:25 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-15 17:59 - 2016-09-24 18:39 - 000003742 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-15 17:59 - 2016-09-24 18:39 - 000003738 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-15 17:59 - 2016-09-24 18:39 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-15 17:59 - 2016-09-24 18:39 - 000003730 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-15 17:59 - 2016-09-24 18:39 - 000003554 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-15 17:59 - 2016-09-24 18:39 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2019-04-15 17:59 - 2015-07-26 11:53 - 000003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-04-15 17:59 - 2015-07-26 11:53 - 000003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-04-15 17:59 - 2015-07-15 10:47 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-04-15 17:59 - 2012-04-14 13:41 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-04-15 17:59 - 2010-07-10 17:06 - 000003542 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2019-04-15 17:58 - 2018-08-13 12:54 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software
2019-04-14 10:35 - 2015-12-21 14:55 - 000000000 ____D C:\Users\A Dyjak\AppData\Local\CrashDumps
2019-04-14 10:35 - 2014-05-27 12:36 - 000000000 ____D C:\Users\A Dyjak\AppData\Local\Adobe
 
==================== Files in the root of some directories =======
 
2019-04-10 11:25 - 2019-04-11 08:34 - 000000000 _____ () C:\Users\A Dyjak\AppData\Roaming\MCVi2UserDetail.ini
2013-07-31 14:56 - 2013-12-17 15:56 - 000000095 _____ () C:\Users\A Dyjak\AppData\Roaming\WB.CFG
2013-07-31 14:56 - 2013-12-17 15:56 - 000000006 _____ () C:\Users\A Dyjak\AppData\Roaming\WBPU-TTL.DAT
 
==================== SigCheck ===============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2018-12-05 17:10
==================== End of FRST.txt ============================

#6
adamdyak875

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05.2019 01
Ran by A Dyjak (14-05-2019 17:38:08)
Running from C:\Users\A Dyjak\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2010-07-05 14:20:43)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
A Dyjak (S-1-5-21-3264378072-1544195980-3192037237-1001 - Administrator - Enabled) => C:\Users\A Dyjak
Administrator (S-1-5-21-3264378072-1544195980-3192037237-500 - Administrator - Disabled)
Guest (S-1-5-21-3264378072-1544195980-3192037237-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-3264378072-1544195980-3192037237-1043 - Limited - Enabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Panda Dome (Disabled - Up to date) {CF440CD9-5435-10B1-04E0-7768B6F10320}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Dome (Disabled - Up to date) {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 31.0.0.96 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARCON 3D Home Designer Expert (HKLM-x32\...\{A7FFA07C-144F-409D-9F5C-135B2C73C849}) (Version: 1.00.0000 - Eleco)
Broadcom Management Programs (HKLM\...\{5DB87A63-9420-48CC-9F9A-B8801D38D6B5}) (Version: 12.35.01 - Broadcom Corporation)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{7C7F3A28-70C0-4CA7-AAE1-5AB118823840}) (Version: 1.2.3 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Grammarly (HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\GrammarlyForWindows) (Version: 1.5.45 - Grammarly)
Grammarly for Microsoft® Office Suite (HKLM\...\{C42F31A9-9B72-4F6A-A28D-82F8BDE5FF3E}) (Version: 6.7.139 - Grammarly) Hidden
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\{bb18e955-50c6-42a1-9219-168db073252a}) (Version: 6.7.139 - Grammarly)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Macromedia Shockwave Player (HKLM-x32\...\Macromedia Shockwave Player) (Version:  - )
Malwarebytes version 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM-x32\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.1 (HKLM\...\Microsoft IntelliPoint 8.1) (Version: 8.15.406.0 - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MS Access 97 SP2 (HKLM-x32\...\MS Access 97 SP2) (Version:  - )
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.2.2.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.2.2.49 - NVIDIA Corporation)
NVIDIA Graphics Driver 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.0.2.1 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.2 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
Panda Devices Agent (HKLM-x32\...\{DB0164A2-ADE9-4FEE-B080-D506BDD6427F}) (Version: 1.08.09 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.09 - Panda Security) Hidden
Panda Dome (HKLM\...\{4267D299-85AB-4BD5-9D6D-225648567F59}) (Version: 10.07.30 - Panda Security) Hidden
Panda Dome (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 18.07.03.0000 - Panda Security)
PC Tools Registry Mechanic 11.0 (HKLM-x32\...\Registry Mechanic_is1) (Version: 11.0 - PC Tools)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.3.5424 - CyberLink Corp.)
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1201.94 - Trusteer) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5919 - Realtek Semiconductor Corp.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.2.2.49 - NVIDIA Corporation) Hidden
SL-6555-SBK (HKLM-x32\...\{7AB86D35-DF3B-407F-B43E-468345DABF29}) (Version: 1.00.0000 - GASIA)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Unity Web Player (HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\A Dyjak\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.139\51285CF134\GrammarlyShim64.dll (Grammarly, Inc. -> CompanyName)
CustomCLSID: HKU\S-1-5-21-3264378072-1544195980-3192037237-1001_Classes\CLSID\{4BE56754-B616-4998-B825-D16983AEE1B2}\InprocServer32 -> C:\Users\A Dyjak\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.7.139\51285CF134\Grammarly.AddIn.Connect.ActiveX.dll (Grammarly, Inc. -> Grammarly)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers5: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2018-12-19] (Panda Security S.L. -> Panda Security, S.L.)
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2010-06-28 12:50 - 2010-03-03 19:08 - 000058880 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2019-02-22 19:46 - 2019-02-22 19:46 - 000170496 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ebd8a5f043a644ac17ab173ef4778748\IsdiInterop.ni.dll
2010-06-28 12:50 - 2010-03-03 18:53 - 000280064 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\ISDI.dll
2019-02-22 19:46 - 2019-02-22 19:46 - 000176640 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\6dab6aa5661a6da623fec90ec620842d\IAStorDataMgr.ni.dll
2019-02-22 19:46 - 2019-02-22 19:46 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\e86250b65cfaaf70c5bbbc482493e49b\IAStorDataMgrSvc.ni.exe
2019-02-22 19:46 - 2019-02-22 19:46 - 000452608 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\32ff7dbad2975193fe8c2ab36e79e5a6\IAStorUtil.ni.dll
2011-07-16 18:28 - 2011-07-16 18:28 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2017-01-07 14:39 - 2016-11-14 10:45 - 001408200 _____ (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-13 08:51 - 2019-04-13 09:55 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2018-08-13 11:46 - 2019-04-13 09:55 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-13 09:55 - 2019-04-13 09:55 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-13 08:51 - 2019-04-13 09:55 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [234]
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2019-02-22 17:52 - 000000843 _____ C:\Windows\system32\drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-3264378072-1544195980-3192037237-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\A Dyjak\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
If an entry is included in the fixlist, it will be removed.
 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DBRMTray => C:\Dell\DBRM\Reminder\DbrmTrayIcon.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_D5B33DCE02A0B3B7A3332115FF1D026B => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: Panda Security URL Filtering => "C:\Program Files\Panda Security URL Filtering\Panda_URL_Filtering.exe"
MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
MSCONFIG\startupreg: RMAlert => "C:\Program Files (x86)\PC Tools Registry Mechanic\Alert.exe" /PRODUCT=RM /R
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SSDMonitor => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{6AF1C15C-971E-4EB6-A438-B9B7B95D5485}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F0C7D3DC-2C73-484F-9D3B-22D003153315}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{AF468AEE-3E56-4DE3-B500-97552E23D4C4}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2E0DBF1E-9C1B-4262-9A98-6B42FA378249}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PowerDVD.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{8432235F-26B9-4919-A54C-E66CAD3F2ED7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink -> CyberLink Corp.)
FirewallRules: [{C77B4CFD-2295-41B8-9886-AFC4F64A4F9F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F913EFDF-406E-463A-B8CD-A5215112234A}] => (Allow) LPort=2869
FirewallRules: [{3E53E4BE-741E-4FD3-894C-76D9C603D525}] => (Allow) LPort=1900
FirewallRules: [{C5C63C5B-E033-4720-AF9E-2127DBAA1A77}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6FE53B17-5847-4DF6-9129-6827D7B1DD05}] => (Allow) C:\Program Files (x86)\1701 A.D\1701-AddOn.exe No File
FirewallRules: [{5D9466EE-1954-4826-8CFF-EFC9B416FEFA}] => (Allow) C:\Program Files (x86)\1701 A.D\1701-AddOn.exe No File
FirewallRules: [{D4751FF8-A22A-4181-9643-7276542CC80F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe No File
FirewallRules: [{DFB70C41-9769-4B57-AEC0-37786E7D6425}] => (Allow) C:\Program Files (x86)\Opera\opera.exe No File
FirewallRules: [{8400677F-4868-4EFD-92CC-634B518B2BF9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{1ECA3872-B425-4D5A-8D71-E8D2BCC206FB}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe No File
FirewallRules: [UDP Query User{08B12271-6F59-483A-B6CD-67621CDA9C79}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe No File
FirewallRules: [{909AB76C-D209-43F1-B957-CB7257370EC3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{47D4BAEF-AF1E-4840-AFA8-2ECCCE0C65F1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{60070FE2-EE18-4FF7-AA7D-1894027B7263}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{C195CA2F-ACB2-40E6-A18C-0AD2B5E38998}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe No File
FirewallRules: [{AE86A544-965C-4B94-9AF2-F54CBA1973DB}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{68BFAB35-42D9-47D1-B1A6-9B1B384BC3BD}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe No File
FirewallRules: [{5E0FF8D3-DB6D-46F6-9301-8CF7AD7A7DCD}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe No File
FirewallRules: [{7DC8AFBA-8BAD-4A36-9E25-6D69C07EEFD7}] => (Allow) C:\Program Files (x86)\pandasecuritytb\dtuser.exe No File
FirewallRules: [{C066A170-6425-4F49-8583-7A23B189335E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E5AE53F0-1ACF-4FF9-A5A6-4C460A6D556F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{6132E497-7800-4A58-A1BD-4D5D158F176B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5C326AFB-EEF3-4036-B40C-B8349247F6DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E03130C0-B0B8-424B-A3B6-40531E8292DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FD9CA847-BB90-4988-A205-B5CDD0B13CED}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe No File
FirewallRules: [{6B80C789-CE2D-4B08-9C4A-10018634F86E}] => (Allow) C:\Program Files (x86)\pandasecuritytb\cleanupie.exe No File
FirewallRules: [{5289590C-343A-4B90-AE77-446266566DDE}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe No File
FirewallRules: [{DCD46C15-9606-48D9-B73F-C7C2844580D9}] => (Allow) C:\Program Files (x86)\pandasecuritytb\ToolbarCleaner.exe No File
FirewallRules: [{263C5E24-4C96-41DA-B28C-750D260C7DB0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{83DBDE3D-BADA-4FCC-81FC-124C6300D94F}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{D07FCB72-65C8-456E-87CD-C9A8389D2265}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{47546A9A-D464-449B-8A4C-FC84999D1EA3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe No File
FirewallRules: [{BCD138C2-2CB0-4389-B334-7B79F9C9F0C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
 
==================== Restore Points =========================
 
05-12-2018 16:01:04 Windows Update
05-12-2018 16:29:18 Windows Update
22-02-2019 19:06:12 Windows Update
07-04-2019 17:41:31 Windows Update
13-04-2019 09:19:27 Windows Update
13-04-2019 16:00:44 Windows Update
13-05-2019 15:23:22 Windows Update
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/13/2019 03:27:03 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (05/13/2019 03:13:15 PM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data for the Server service. The first four bytes (DWORD) of the Data section contains the status code, the second four bytes contains the IOSB.Status and the next four bytes contains the IOSB.Information.
 
Error: (05/09/2019 05:55:40 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: The server name or address could not be resolved
 
Error: (05/09/2019 05:30:16 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (04/15/2019 04:01:07 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: The backup did not complete because of an error writing to the backup location E:\. The error is: The backup location cannot be found or is not valid. Review your backup settings and check the backup location. (0x81000006).
 
Error: (04/14/2019 10:35:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.23537, time stamp: 0x57c44cc4
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0xff0df613
Faulting process id: 0x1f84
Faulting application start time: 0x01d4f2a54fee3ca9
Faulting application path: C:\Windows\SysWOW64\explorer.exe
Faulting module path: unknown
Report Id: 962b3def-5e98-11e9-bb2f-a4badbfbbb9d
 
Error: (04/11/2019 10:09:31 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
Error: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.
 ErrorCode: 14007(0x36b7).
 
Error: (04/10/2019 06:58:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Users\A Dyjak\Documents\Downloads\esetsmartinstaller_enu.exe".Error in manifest or policy file "" on line .
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
 
 
System errors:
=============
Error: (05/14/2019 05:32:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (05/14/2019 05:32:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (05/14/2019 05:28:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (05/14/2019 05:28:35 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (05/14/2019 05:25:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (05/14/2019 05:25:53 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (05/14/2019 05:25:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (05/14/2019 05:25:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
 
Windows Defender:
===================================
Date: 2013-12-23 17:44:00.002
Description: 
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
Name:Adware:Win32/Yontoo
ID:200346
Severity:Medium
Category:Adware
Path Found:containerfile:C:\Program Files (x86)\Yontoo\YontooLayers.crx;file:C:\Program Files (x86)\Yontoo\YontooLayers.crx->manifest.json
Detection Type:Concrete
Detection Source:User
Status:Unknown
Process Name:C:\Program Files\Windows Defender\MSASCui.exe
 
Date: 2018-08-13 11:39:25.267
Description: 
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature:On Access
Error Code:0x80501002
Error description:The program can't find definition files that help detect unwanted software. Check for updates to the definition files, and then try again. For information on installing updates, see Help and Support. 
Reason:Real Time Monitoring has stopped functioning for an unknown reason. Restart the service in order to recover.
 
Date: 2015-08-30 14:03:56.140
Description: 
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070002
Error description:The system cannot find the file specified. 
Signature version:0.0.0.0
Engine version:0.0.0.0
 
Date: 2015-08-30 14:03:56.128
Description: 
Windows Defender has encountered an error trying to update signatures.
New Signature Version:1.191.4500.0
Previous Signature Version:
Update Source:Signature Update Folder
Signature Type:AntiSpyware
Update Type:Full
Current Engine Version:1.1.7104.0
Previous Engine Version:
Error code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
Date: 2015-08-30 14:03:56.127
Description: 
Windows Defender has encountered an error trying to update the engine.
New Engine Version:1.1.7104.0
Previous Engine Version:
Update Source:Signature Update Folder
Error Code:0x80070666
Error description:Another version of this product is already installed. Installation of this version cannot continue. To configure or remove the existing version of this product, use Add/Remove Programs on the Control Panel. 
 
CodeIntegrity:
===================================
 
Date: 2011-05-23 14:19:38.483
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2011-05-23 14:19:38.467
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2011-05-22 17:32:25.073
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2011-05-22 17:32:25.058
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2011-05-21 14:11:13.723
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2011-05-21 14:11:13.692
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2011-05-19 12:56:25.685
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
Date: 2011-05-19 12:56:25.670
Description: 
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ProgramData\Trusteer\Rapport\store\exts\RapportMS\19514\RapportIaso.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
==================== Memory info =========================== 
 
BIOS: Dell Inc. 2.0.3 03/15/2010
Motherboard: Dell Inc. 054KM3
Processor: Intel® Core™ i7 CPU 860 @ 2.80GHz
Percentage of memory in use: 80%
Total physical RAM: 6103.11 MB
Available physical RAM: 1215.63 MB
Total Virtual: 12204.37 MB
Available Virtual: 6965.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:139.31 GB) (Free:13.64 GB) NTFS
 
\\?\Volume{3c808932-82f4-11df-90f8-806e6f6e6963}\ (RECOVERY) (Fixed) (Total:9.59 GB) (Free:4.15 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 149 GB) (Disk ID: F0000000)
Partition 1: (Not Active) - (Size=110 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=139.3 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
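As an added example (not part of the thread and not FRST's own code), this Python sketch does two mechanical checks on an Addition.txt log like the one above: it lists Allow firewall rules whose program is gone ("No File") and names the TLS alert codes in the Schannel errors. The sample lines are copied from the log above; the function names and the parsing rules are assumptions based only on the line shapes visible there.

```python
import re
from collections import Counter

# Lines copied verbatim from the Addition.txt log posted in this thread.
SAMPLE = r"""
FirewallRules: [{F0C7D3DC-2C73-484F-9D3B-22D003153315}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F913EFDF-406E-463A-B8CD-A5215112234A}] => (Allow) LPort=2869
FirewallRules: [{D4751FF8-A22A-4181-9643-7276542CC80F}] => (Allow) C:\Program Files (x86)\Opera\opera.exe No File
FirewallRules: [{DFB70C41-9769-4B57-AEC0-37786E7D6425}] => (Allow) C:\Program Files (x86)\Opera\opera.exe No File
FirewallRules: [TCP Query User{1ECA3872-B425-4D5A-8D71-E8D2BCC206FB}C:\program files (x86)\electronic arts\eadm\core.exe] => (Allow) C:\program files (x86)\electronic arts\eadm\core.exe No File
FirewallRules: [{BCD138C2-2CB0-4389-B334-7B79F9C9F0C2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
Error: (05/14/2019 05:32:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
Error: (05/14/2019 05:32:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
"""

RULE_RE = re.compile(
    r"^FirewallRules: \[(?P<name>.*?)\] => \((?P<action>\w+)\) (?P<rest>.*)$")
# "<path> (<signer> -> <publisher>)"; the lazy path lets "(x86)" stay in the path.
SIGNED_RE = re.compile(r"^(?P<path>.*?) \((?P<signer>[^()]* -> [^()]*)\)$")
PARAM_ONLY_RE = re.compile(r"^\w+=\S+$")          # e.g. "LPort=2869"
ALERT_RE = re.compile(r"fatal alert was received: (\d+)")
# TLS alert descriptions (RFC 5246, section 7.2) for the codes seen in the log.
TLS_ALERTS = {40: "handshake_failure", 70: "protocol_version"}


def parse_firewall_rules(text):
    """Turn FirewallRules lines into dicts: name, action, path, signer, missing."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            continue
        rest = m.group("rest")
        rule = {"name": m.group("name"), "action": m.group("action"),
                "path": None, "signer": None, "missing": False}
        signed = SIGNED_RE.match(rest)
        if rest.endswith(" No File"):
            rule["path"], rule["missing"] = rest[:-len(" No File")], True
        elif signed:
            rule["path"], rule["signer"] = signed.group("path"), signed.group("signer")
        elif not PARAM_ONLY_RE.match(rest):
            rule["path"] = rest                   # program path, no signer shown
        rules.append(rule)
    return rules


def stale_allow_rules(rules):
    """Count Allow rules per (lower-cased) path whose target file is missing."""
    stale = Counter(r["path"].lower() for r in rules
                    if r["action"] == "Allow" and r["missing"])
    return dict(stale)


def schannel_alerts(text):
    """Count TLS alert names reported under Schannel event-log errors."""
    counts, in_schannel = Counter(), False
    for line in text.splitlines():
        if line.startswith("Error:"):
            in_schannel = "(Source: Schannel)" in line
        m = ALERT_RE.search(line)
        if in_schannel and m:
            code = int(m.group(1))
            counts[TLS_ALERTS.get(code, f"alert_{code}")] += 1
    return counts


if __name__ == "__main__":
    rules = parse_firewall_rules(SAMPLE)
    for path, n in sorted(stale_allow_rules(rules).items()):
        print(f"stale Allow rule x{n}: {path}")
    for name, n in sorted(schannel_alerts(SAMPLE).items()):
        print(f"Schannel received TLS alert {name} x{n}")
```

An Allow rule that outlives its program stays in force for whatever is later placed at that path, so stale entries are worth cleaning up. The Schannel lines say the alert "was received", meaning the remote end of the TLS connection sent it.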


#7
RKinner

    Malware Expert


I don't see any obvious infection.

I would uninstall Panda Dome (save any account info if you are paying for it) then reboot.

If that doesn't help, right click on Computer and select Manage then Device Manager.  Under Network Adapters find your WiFi adapter.  Right click on it and uninstall.  Do not let it remove the drivers if it asks.  Reboot.

Windows should reinstall the driver.  You will need to choose your WiFi network again and probably put in the password for it again.

If that doesn't help then try opening an elevated Command Prompt as before

Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator

and type:

netsh  winsock  reset

Hit Enter, wait for the prompt to return and then type:

netsh int ipv4 reset res4.log

Repeat for:

netsh int ipv6 reset res6.log

Reboot.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer Errors
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.



#8
adamdyak875

    Member

  • Topic Starter

Hi,

Thanks for the help. I think that everything is sorted. I'm able to connect to the internet via a TP Link.

Many thanks



#9
adamdyak875

    Member

  • Topic Starter

Hi

Sorry to disturb you, but how would I close this topic?

Many thanks

