Here are FRST logs
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by Rena (administrator) on TOSH (TOSHIBA SATELLITE C50-A-157) (25-02-2021 19:53:08)
Running from E:\Rena
Loaded Profiles: Rena
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: IE
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> ) C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [CL-25-051C8C5C-80EE-4596-92A8-8DC0E50F73D7] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-25-051C8C5C-80EE-4596-92A8-8DC0E50F73D7\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-25-051C8C5C-80EE-4596-92A8-8DC0E50 (the data entry has 7 more characters).
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [116960 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.) [File not signed]
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [File not signed]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP460: C:\WINDOWS\system32\CNMLM81.DLL [235520 2008-04-03] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [87152 2012-10-04] (Acro Software Inc -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {38379ACB-BD0D-4662-AC1A-622A865E3BBA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {62302DCB-5ABB-4B01-9E33-4A4297EF9042} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [475720 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {94113DAE-5AF6-41F2-9112-6F1DB4BBC23E} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [654440 2013-03-19] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {B09D457D-4ECD-4215-A690-337F62C105F2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C1065AF7-FB27-4852-8853-5085C9532645} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
Task: {C7091753-EA4B-4124-971E-461DDC5534B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {CF4D8109-8321-4BB3-B5C3-7DEAB000322B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2117757934-2563609367-1956778120-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-29] (Microsoft Windows -> Microsoft)
Task: {E2604A69-4A3B-4848-A270-8501E1097112} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-24] (Avast Software s.r.o. -> Avast Software)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.132.1
Tcpip\..\Interfaces\{794DB99B-A736-4151-AF3D-3A33C40C313E}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9783D14C-5110-47DD-AA37-8387218D8EFB}: [DhcpNameServer] 192.168.132.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-20]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-02-07]
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7878680 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621608 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [352480 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] (DTS, Inc. -> )
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows ® Codename Longhorn DDK provider)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [546304 2013-04-25] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [33168 2013-11-01] (TOSHIBA CORPORATION -> Windows ® Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-24 20:59 - 2021-02-24 20:59 - 000000000 ____D C:\Users\Rena\AppData\Roaming\Avast Software
2021-02-24 20:58 - 2021-02-24 20:58 - 000003910 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-24 20:58 - 2021-02-24 20:58 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-02-24 20:58 - 2021-02-24 20:58 - 000001949 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-02-24 20:58 - 2021-02-24 20:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-24 20:58 - 2021-02-24 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-02-24 20:58 - 2021-02-24 20:57 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-24 20:57 - 2021-02-24 20:58 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-24 20:57 - 2021-02-24 20:58 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-02-24 20:57 - 2021-02-24 20:56 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-24 20:57 - 2021-02-24 20:56 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-24 20:57 - 2021-02-24 20:56 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-24 20:57 - 2021-02-24 20:56 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-24 20:55 - 2021-02-24 20:55 - 000000000 ____D C:\Program Files\Avast Software
2021-02-24 20:51 - 2021-02-25 00:03 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-24 20:48 - 2021-02-24 20:48 - 000074300 _____ C:\ProgramData\agent.uninstall.1614199679.bdinstall.v2.bin
2021-02-24 20:47 - 2021-02-24 20:47 - 000099084 _____ C:\ProgramData\vpn.uninstall.1614199218.bdinstall.v2.bin
2021-02-24 20:36 - 2021-02-24 20:36 - 000387732 _____ C:\ProgramData\cl.uninstall.1614198681.bdinstall.v2.bin
2021-02-20 18:05 - 2021-02-20 18:05 - 000196796 _____ C:\ProgramData\vpn.1613844277.bdinstall.v2.bin
2021-02-20 18:05 - 2021-02-20 17:55 - 000000330 _____ C:\Users\Rena\Desktop\bth.reg
2021-02-20 17:34 - 2021-02-20 17:34 - 000782180 _____ C:\ProgramData\cl.1613841720.bdinstall.v2.bin
2021-02-20 17:34 - 2021-02-20 17:34 - 000102440 _____ C:\ProgramData\cl.kit.1613841700.bdinstall.v2.bin
2021-02-20 17:18 - 2021-02-20 17:18 - 000118564 _____ C:\ProgramData\agent.1613841522.bdinstall.v2.bin
2021-02-20 17:17 - 2021-02-20 17:18 - 013568464 _____ C:\Users\Rena\Downloads\bitdefender_windows_2dd4f12c-06c6-410c-bb6c-3fbc0d668e57.exe
2021-02-14 16:38 - 2021-02-14 16:38 - 000000000 ____D C:\Users\Rena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView
2021-02-14 16:38 - 2021-02-14 16:38 - 000000000 ____D C:\Program Files (x86)\NirSoft
2021-02-14 16:38 - 2021-02-14 16:26 - 000158728 _____ C:\Users\Rena\Desktop\shexview_setup.exe
2021-02-10 12:51 - 2021-02-24 20:22 - 000015366 _____ C:\VEW.txt
2021-02-10 12:50 - 2021-02-10 09:19 - 000061440 _____ ( ) C:\Users\Rena\Desktop\VEW.exe
2021-02-10 10:08 - 2021-02-10 10:08 - 000004014 _____ C:\Users\Rena\Desktop\Hardware Interrupts and DPCs3.TXT
2021-02-10 10:01 - 2021-02-10 10:01 - 000004068 _____ C:\Users\Rena\Desktop\Hardware Interrupts and DPCs2.TXT
2021-02-10 09:45 - 2021-02-10 09:45 - 000004010 _____ C:\Users\Rena\Desktop\Hardware Interrupts and DPCs.txt
2021-02-09 23:16 - 2021-02-09 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-02-09 23:16 - 2021-02-09 23:16 - 000000000 ____D C:\Program Files\LatencyMon
2021-02-09 23:16 - 2020-08-21 09:36 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-02-09 23:15 - 2021-02-09 22:46 - 002252096 _____ (Resplendence Software Projects Sp. ) C:\Users\Rena\Desktop\LatencyMon.exe
2021-02-09 23:01 - 2021-02-09 23:01 - 000000819 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-02-09 23:01 - 2021-02-09 23:01 - 000000819 _____ C:\ProgramData\Desktop\Speccy.lnk
2021-02-09 23:01 - 2021-02-09 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-02-09 23:01 - 2021-02-09 23:01 - 000000000 ____D C:\Program Files\Speccy
2021-02-09 22:59 - 2021-02-09 23:00 - 000005186 _____ C:\junk.txt
2021-02-09 22:55 - 2021-02-09 22:40 - 002798456 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rena\Desktop\procexp.exe
2021-02-09 21:48 - 2021-01-12 06:07 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-09 21:48 - 2021-01-12 05:46 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-02-09 21:48 - 2021-01-12 05:44 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-09 21:48 - 2021-01-12 05:31 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-02-09 21:21 - 2021-02-25 19:54 - 000000000 ____D C:\FRST
2021-02-07 18:22 - 2021-02-07 18:22 - 000000000 ____D C:\Users\Rena\AppData\Roaming\WinBatch
2021-02-07 18:08 - 2021-02-07 18:09 - 045739147 _____ C:\Users\Rena\Downloads\wlesslan-20140127154948.zip
2021-02-07 17:43 - 2021-02-07 20:50 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-02-07 17:43 - 2021-02-07 20:03 - 000000000 ____D C:\Users\Rena\AppData\Local\BraveSoftware
2021-02-07 17:42 - 2021-02-07 17:42 - 001243488 _____ (BraveSoftware Inc.) C:\Users\Rena\Downloads\BraveBrowserSetup.exe
2021-02-07 12:48 - 2021-02-07 12:48 - 004357175 _____ C:\Users\Rena\Downloads\bios-20140625090211.zip
2021-02-07 11:30 - 2021-02-07 11:30 - 000000000 ____D C:\WINDOWS\pss
2021-02-05 17:22 - 2021-02-05 17:22 - 000000000 ____D C:\ProgramData\dbg
2021-02-05 17:17 - 2021-02-05 17:17 - 000000000 ____D C:\ProgramData\Gemma
2021-02-05 17:17 - 2021-02-05 17:17 - 000000000 ____D C:\ProgramData\Atc
2021-02-05 17:04 - 2021-02-05 17:04 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2021-02-05 17:01 - 2021-02-05 17:01 - 000000000 ____D C:\WINDOWS\system32\elambkup
2021-02-05 17:01 - 2021-02-05 17:01 - 000000000 ____D C:\ProgramData\BDLogging
2021-02-05 16:57 - 2021-02-24 23:51 - 000000000 ____D C:\Program Files\Bitdefender
2021-02-05 16:54 - 2021-02-05 16:54 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2021-02-05 16:46 - 2021-02-05 16:46 - 013543464 _____ C:\Users\Rena\Downloads\bitdefender_windows_36cf5875-1c64-4b7a-8c3f-e7d86cf97267 (1).exe
2021-02-05 12:17 - 2021-02-05 12:17 - 013543464 _____ C:\Users\Rena\Downloads\bitdefender_windows_36cf5875-1c64-4b7a-8c3f-e7d86cf97267.exe
2021-02-05 10:41 - 2021-02-05 12:04 - 000000000 ____D C:\WINDOWS\softwaredistribution.old
2021-02-05 10:14 - 2021-02-20 16:44 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-05 10:14 - 2021-02-20 16:44 - 000002213 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-05 10:14 - 2021-02-20 16:44 - 000002213 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-05 10:13 - 2021-02-06 12:15 - 000003380 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-05 10:13 - 2021-02-06 12:15 - 000003252 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 10:13 - 2020-10-02 20:58 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2021-02-05 10:13 - 2020-10-02 20:58 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2021-02-04 22:50 - 2020-01-28 08:06 - 001677024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-04 22:50 - 2020-01-28 08:06 - 001500848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-04 22:49 - 2021-01-08 01:21 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-04 22:49 - 2021-01-08 01:13 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-04 22:49 - 2020-08-11 06:16 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2021-02-04 22:49 - 2020-08-11 04:33 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2021-02-04 22:49 - 2020-05-10 04:23 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-02-04 22:49 - 2020-05-10 03:56 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-02-04 22:49 - 2019-10-10 16:20 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-02-04 22:49 - 2019-09-06 13:17 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2021-02-04 22:49 - 2019-04-04 22:15 - 000513416 _____ C:\WINDOWS\SysWOW64\locale.nls
2021-02-04 22:49 - 2019-04-04 22:15 - 000513416 _____ C:\WINDOWS\system32\locale.nls
2021-02-04 22:49 - 2019-02-26 07:31 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2021-02-04 22:49 - 2018-10-25 00:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-02-04 22:49 - 2018-10-25 00:51 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-02-04 22:48 - 2019-10-10 15:50 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-02-04 22:48 - 2018-08-26 04:07 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-02-25 19:50 - 2013-08-22 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-25 19:48 - 2013-08-22 13:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2021-02-25 00:06 - 2013-10-13 18:51 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2117757934-2563609367-1956778120-1001
2021-02-24 20:46 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\Inf
2021-02-20 17:47 - 2013-08-22 13:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2021-02-12 21:32 - 2012-07-26 07:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-12 21:18 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-10 19:53 - 2013-10-13 18:44 - 000000000 ____D C:\Users\Rena\AppData\Local\VirtualStore
2021-02-10 11:58 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\rescache
2021-02-09 23:54 - 2013-08-22 15:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-02-09 23:54 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-09 23:54 - 2013-08-22 15:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-09 22:56 - 2013-09-30 04:11 - 000865068 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-09 22:00 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\catroot2.bak
2021-02-09 21:59 - 2013-10-13 19:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-09 21:56 - 2013-10-13 19:50 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 21:27 - 2015-06-25 10:34 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-07 23:37 - 2014-01-06 13:45 - 000000000 ____D C:\Users\Rena\AppData\Local\ElevatedDiagnostics
2021-02-07 21:46 - 2013-10-18 20:47 - 000000000 ____D C:\Users\Rena
2021-02-07 20:36 - 2013-10-14 19:33 - 000001371 _____ C:\Users\Rena\Desktop\shutdown.lnk
2021-02-07 18:30 - 2013-08-28 21:17 - 000000000 ____D C:\Program Files (x86)\Atheros
2021-02-07 17:35 - 2014-04-30 18:40 - 000000000 __RDO C:\Users\Rena\SkyDrive
2021-02-05 16:37 - 2018-04-29 09:13 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-02-05 12:23 - 2012-07-26 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-05 12:22 - 2018-04-29 09:14 - 000000000 ____D C:\Program Files\Common Files\AV
2021-02-05 11:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-02-05 10:09 - 2013-08-22 14:44 - 000482648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-04 23:27 - 2015-05-19 11:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-04 23:27 - 2015-04-26 11:55 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2021-02-04 23:27 - 2013-09-30 03:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-02-04 23:27 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-04 23:27 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-04 23:27 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-04 23:27 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-04 23:27 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\system32\Dism
==================== Files in the root of some directories ========
2018-05-29 10:20 - 2018-05-29 10:25 - 000004608 _____ () C:\Users\Rena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2021-02-20 17:14
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Rena (25-02-2021 20:01:57)
Running from E:\Rena
Windows 8.1 (Update) (X64) (2013-10-18 22:33:15)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2117757934-2563609367-1956778120-500 - Administrator - Disabled)
Guest (S-1-5-21-2117757934-2563609367-1956778120-501 - Limited - Disabled)
Rena (S-1-5-21-2117757934-2563609367-1956778120-1001 - Administrator - Enabled) => C:\Users\Rena
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Reader XI (11.0.23) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{C90340A9-F592-4164-9480-FCE488C4BFF6}) (Version: 4.7.1245.73473 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.7.1245.73473 - Alcor Micro Corp.)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Belarc Advisor 8.3 (HKLM-x32\...\Belarc Advisor) (Version: 8.3.2.0 - Belarc Inc.)
Brother MFL-Pro Suite DCP-197C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0071 - DTS, Inc.)
IDT Audio Driver (HKLM\...\{11424B27-C16B-4505-9667-82A10AD1B1DC}) (Version: 6.10.6472.0 - IDT)
Intel AppUp® center (HKLM-x32\...\Intel AppUp® center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{D337F167-C622-43BE-B3FB-75C62C49143A}) (Version: 12.9.3.3 - Apple Inc.)
LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version: - Resplendence Software Projects Sp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - )
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.342 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Packages:
=========
Bing Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.258_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Bing News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.309_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Bing Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.317_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Bing Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.309_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Browser Choice -> C:\WINDOWS\BrowserChoice [2013-11-17] (Microsoft Corporation)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_2.3.3.6_x86__q4d96b2w5wcc2 [2014-08-17] (Evernote)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2013-10-20] (Microsoft Platform Extensions)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2013-10-20] (Microsoft Platform Extensions)
National Rail Enquiries -> C:\Program Files\WindowsApps\NationalRailEnquiries.NationalRailEnquiries_1.4.0.89_neutral__7drgzh1seyt1w [2014-08-17] (TRAIN INFORMATION SERVICES LIMITED) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c [2014-08-17] (Skype) [MS Ad]
The Telegraph -> C:\Program Files\WindowsApps\TelegraphMediaGroupLtd.TheTelegraph_2.0.1.134_x64__8zqgb9yvnry22 [2014-08-17] (Telegraph Media Group Ltd)
TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_2.0.0.113_x64__679ekb9hp1h62 [2014-08-17] (sMedio)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.215.0_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-11-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Rena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) =============
2013-10-24 14:54 - 2008-04-03 04:00 - 000235520 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM81.DLL
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-2117757934-2563609367-1956778120-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
HKU\S-1-5-21-2117757934-2563609367-1956778120-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> DefaultScope {2B3F5F49-6B01-4204-815F-0F5F9255E975} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> {2B3F5F49-6B01-4204-815F-0F5F9255E975} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> No Name - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} - No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-03-29] (Belarc, Inc. -> Belarc, Inc.)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 13:25 - 2021-02-24 20:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
HKU\S-1-5-21-2117757934-2563609367-1956778120-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rena\Pictures\Picasa\Backgrounds\picasabackground-001.bmp
DNS Servers: 192.168.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "TCrdMain"
HKLM\...\StartupApproved\Run: => "TODDMain"
HKLM\...\StartupApproved\Run: => "TosWaitSrv"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "CL-25-8AD1E6D3-68CD-4848-8B44-D3C2988F3FC7"
HKLM\...\StartupApproved\Run32: => "Intel AppUp® center"
HKLM\...\StartupApproved\Run32: => "1.TPUReg"
HKLM\...\StartupApproved\Run32: => "AmIcoSinglun64"
HKLM\...\StartupApproved\Run32: => "TSVU"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "PPort11reminder"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A0641E2C-DCC6-4C9C-9A6C-90F2A6AC6F73}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{7EA9DB80-9DBC-4096-851B-425945D05D39}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{43FB2A9A-E423-4F53-B1A0-57478817ADC0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{8AB78AA2-A88E-4D15-9601-009877D14BD2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{DE8E4AAD-09A3-4185-9122-4EAD5FDFCA35}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{CEC6D733-DC95-4D5D-B721-634A56C7C699}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{CF21F639-95CE-46A8-B6E8-67410E2CE65F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{98A6B76F-4FA4-454C-9926-4026CABD5F0C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{D093F6DF-9861-4065-9969-7B64A7DF7C23}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel® Services Manager -> Intel Corporation)
FirewallRules: [{5C702716-70C5-4B62-BECC-1877FF401AA0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3F6C6AE0-F00D-42B1-BF9E-71CD23392B8A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{CD385FDA-2F89-4F0D-B99E-58DEEBCA93AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{E22D8C21-E9B4-427E-A1C5-961974A155F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{E48942BE-5EC3-4AFB-8D6D-8704AFF33AA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{A3934143-8605-467B-9B53-20CF5374BFB0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
==================== Restore Points =========================
04-02-2021 22:54:53 Windows Update
09-02-2021 21:55:57 Windows Update
09-02-2021 22:52:57 Removed Bonjour
12-02-2021 23:01:01 Windows Update
20-02-2021 17:11:09 Scheduled Checkpoint
25-02-2021 00:06:50 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
System errors:
=============
Error: (02/25/2021 07:48:33 PM) (Source: DCOM) (EventID: 10010) (User: TOSH)
Description: The server {9AA46009-3CE0-458A-A354-715610A075E6} did not register with DCOM within the required timeout.
==================== Memory info ===========================
BIOS: Insyde Corp. 1.40 04/22/2014
Motherboard: Intel PT10F
Processor: Intel® Core i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 3971.27 MB
Available physical RAM: 2246.25 MB
Total Virtual: 4675.27 MB
Available Virtual: 2709.07 MB
==================== Drives ================================
Drive c: (TI31121600B) (Fixed) (Total:919.1 GB) (Free:846.41 GB) NTFS
Drive e: () (Removable) (Total:14.55 GB) (Free:14.01 GB) FAT32
\\?\Volume{3c74498c-ebc4-11e2-93aa-dfd0cd0b5165}\ (System) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{24412888-280a-44c8-b2ec-378a1e597223}\ () (Fixed) (Total:0.34 GB) (Free:0 GB) NTFS
\\?\Volume{9de1046a-ee4e-4c0e-ba09-c07b468e4e78}\ (Recovery) (Fixed) (Total:10.69 GB) (Free:0.81 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==========================================================
Disk: 1 (Protective MBR) (Size: 14.6 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================