Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows 8.1 boots to desktop then takes forever to become responsive

Started by bytesize , Feb 09 2021 03:02 PM

  • Please log in to reply

#31
bytesize
Posted 16 February 2021 - 06:51 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Hi RKinner

 

not had much time lately, but booted it up a couple of times yesterday and today and it is still a lot quicker. I was using a USB to transfer the files from my laptop so I could run software and post results. I have unplugged it now but was wondering if you were meaning this error.

 

Log: 'System' Date/Time: 14/02/2021 16:46:33
Type: Warning Category: 0
Event: 48 Source: BTHUSB
The local adapter does not support reading the encryption key size for a connected device. Insecure devices may be able to connect to this system.
 
Was also wondering about the DCOM errors. What would you advise security wise as opposed to installing Bitdefender. 
 
Thanks

  • 0

Advertisements

#32
RKinner
Posted 16 February 2021 - 07:17 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

The BTHUSB error is common these days.  It's just a warning that your Bluetooth hardware or software is not as good as it could be.

 

Apparently there is a fix:

 

https://support.micr...3e-78e07c4fe877

 

DCOM errors are also very common and don't really hurt anything. 

 

There are ways to fix the DCOM errors but they involve a lot of registry editing and you usually have to enable the hidden administrator account in order to make the changes.  I don't think it's worth the effort.

https://www.kapilary...t-in-windows-10

 

It's unlikely that you even use DCOM so you might try turning it off altogether:

 

https://support.micr...67-2625a5873c7b

 

Nothing wrong with BitDefender if you can get it installed.  Problem we had with it was that it was only partially installed.


  • 0

#33
bytesize
Posted 20 February 2021 - 11:02 AM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Hi RKinner

 

had a look at the Bluetooth fix, but the key (HKLM\System\CurrentControlSet\Policies\Hardware\Bluetooth) that I need to edit is not there.

 

Thanks


  • 0

#34
RKinner
Posted 20 February 2021 - 11:34 AM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

We can try creating it.

 

Download, Save and then right click on and select Install.

 

Attached File  bth.reg   330bytes   212 downloads


  • 0

#35
bytesize
Posted 20 February 2021 - 12:05 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

I will try the registry file. Installed Bitdefender again, had the same problem, it gets to where it says everything is installed and its looking at your system for the first time. After a reboot it doesn't start it says Bitdefender Services are not responding, restart your computer. Still the same then I start Bitdefender by clicking on icon and its fine after that.

 

Thanks 


  • 0

#36
bytesize
Posted 20 February 2021 - 12:10 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Tried running registry fix, when I right click it doesn't give me the option to install, merge is an option, does that mean the key is already there. Because i couldn't find it I searched for it in registry using find (EnableMinimumEncryptionKeySize). Am I doing something wrong.

 

Thanks


  • 0

#37
RKinner
Posted 20 February 2021 - 01:55 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

My mistake.  Try Merge.

 

See if you can install the free Avast instead of BitDefender.

 

https://support.avas...-Free-Antivirus

 

except use the off-line installer:

https://www.avast.co...=en-us&direct=1

 

Don't accept the free trial and avoid any bonus software they may offer.  You want the free Basic program.

 

If you get Avast to install and it updates then try the boot-time scan:

 

Click on the Avast ball.  Then click on Protection, then on Antivirus, then on Other Scans then on Boot-time Scan.  Click on Install Special Definitions.  Click on Run on Next PC Reboot.

  Reboot and let it run a scan.  It may take hours.
Once it finishes it should load windows.   Mute your speakers so it doesn't wake you up when Windows boots.

When you reboot you will see the scan start.  It will tell you where it saves its log.  Usually it's C:\ProgramData\AVAST Software\Avast\report\aswBoot.txt but it might change so verify the location.   This is a hidden location so you will need to tell Windows to let you see it:

http://www.howtogeek...-windows-vista/

Copy and paste the text from the log to a Reply when done.


 


  • 0

#38
bytesize
Posted 24 February 2021 - 03:16 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Hi RKinner

 

Sorry about the delay - merged the Bluetooth registry fix and uninstalled Bitdefender. Installed Avast Free Edition and I have just started scan, will post log when finished.

 

Thanks


  • 0

#39
bytesize
Posted 24 February 2021 - 06:23 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Here is the avast Log

 

02/24/2021 21:10
Scan of C:
 
Scan of *STARTUP
 
File C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00036a|>HSW_IVB\DisplayAudio\IntcDAud.sys Error 42125 {ZIP archive is corrupted.}
Number of searched folders: 55602
Number of tested files: 872631
Number of infected files: 0

  • 0

#40
RKinner
Posted 24 February 2021 - 10:21 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks like Avast installed and ran OK.  The file:

C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00036a

is corrupt and should be deleted.  We can let FRST do it:

 

Download the attached fixlist.txt to the same location as FRST

Attached File  fixlist.txt   328bytes   183 downloads

Run FRST and press Fix
A fix log will be generated please post that

Reboot if the fix doesn't reboot it for you

Run FRST again but this time make sure Addition.txt is checked and hit Scan.  Post both logs.


 


  • 0

Advertisements

#41
bytesize
Posted 25 February 2021 - 02:07 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Here is fixlog

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Rena (25-02-2021 19:47:18) Run:2
Running from E:\Rena
Loaded Profiles: Rena
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00036a
CMD: FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i"
Reboot:
 
 
*****************
 
C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00036a => moved successfully
 
========= FOR /F "usebackq delims==" %i IN (`wevtutil el`) DO wevtutil cl "%i" =========
 
 
========= End of CMD: =========
 
 
 
The system needed a reboot.
 
==== End of Fixlog 19:48:19 ====

  • 0

#42
bytesize
Posted 25 February 2021 - 02:09 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

Here are FRST logs

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by Rena (administrator) on TOSH (TOSHIBA SATELLITE C50-A-157) (25-02-2021 19:53:08)
Running from E:\Rena
Loaded Profiles: Rena
Platform: Windows 8.1 (Update) (X64) Language: English (United Kingdom)
Default browser: IE
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe
(DTS, Inc. -> ) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.19750_none_fa39f32f9b2d0928\TiWorker.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> ) C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
 
==================== Registry (Whitelisted) ===================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [170848 2013-01-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2565472 2013-04-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [302904 2019-01-18] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [CL-25-051C8C5C-80EE-4596-92A8-8DC0E50F73D7] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\CL-25-051C8C5C-80EE-4596-92A8-8DC0E50F73D7\setuplauncher.exe" /run:Installer.exe /args:"/setup-folder:"CL-25-051C8C5C-80EE-4596-92A8-8DC0E50 (the data entry has 7 more characters).
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [116960 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [Intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-12-18] (Intel® Services Manager -> Intel Corporation)
HKLM-x32\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [374784 2013-04-19] (Alcor Micro Corp.) [File not signed]
HKLM-x32\...\Run: [1.TPUReg] => C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe [2216800 2013-03-27] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [TSVU] => c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe [467360 2013-03-08] (TOSHIBA CORPORATION -> TOSHIBA)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [PPort11reminder] => C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe [328992 2007-08-31] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () [File not signed]
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) [File not signed]
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP460: C:\WINDOWS\system32\CNMLM81.DLL [235520 2008-04-03] (CANON INC.) [File not signed]
HKLM\...\Print\Monitors\CutePDF Writer Monitor: C:\WINDOWS\system32\cpwmon64.dll [87152 2012-10-04] (Acro Software Inc -> )
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
 
==================== Scheduled Tasks (Whitelisted) ============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {0DDB73BB-E9A8-48C7-85F5-43E1321ED4B3} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {3141AAC7-DE44-4B29-9D2D-F58CA6F46ABD} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {38379ACB-BD0D-4662-AC1A-622A865E3BBA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {62302DCB-5ABB-4B01-9E33-4A4297EF9042} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [475720 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
Task: {7C0C03ED-4D20-4255-B657-BB8A2195D44E} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {94113DAE-5AF6-41F2-9112-6F1DB4BBC23E} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [654440 2013-03-19] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {94CD9053-54E4-4574-ADC3-46C128E1EEF8} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {B09D457D-4ECD-4215-A690-337F62C105F2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2014-08-06] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {C1065AF7-FB27-4852-8853-5085C9532645} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4682976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
Task: {C7091753-EA4B-4124-971E-461DDC5534B8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-25] (Adobe Inc. -> Adobe Inc.)
Task: {CF4D8109-8321-4BB3-B5C3-7DEAB000322B} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-2117757934-2563609367-1956778120-1001 => {F063A606-6748-4B89-82A0-3D19D94CE8D3} C:\Windows\System32\VaultRoaming.dll [92672 2014-10-29] (Microsoft Windows -> Microsoft)
Task: {E2604A69-4A3B-4848-A270-8501E1097112} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-02-24] (Avast Software s.r.o. -> Avast Software)
Task: {F50F9C5A-8AB7-403A-AEC2-E4D19BF05AAA} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.132.1
Tcpip\..\Interfaces\{794DB99B-A736-4151-AF3D-3A33C40C313E}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{9783D14C-5110-47DD-AA37-8387218D8EFB}: [DhcpNameServer] 192.168.132.1
 
Edge: 
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-20]
Edge Extension: (Adblock Plus - free ad blocker) - C:\Users\Rena\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gmgoamodcdcjnbaobigkjelfplakmdhh [2021-02-07]
 
FireFox:
========
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google Inc -> Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
 
==================== Services (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-25] (Adobe Inc. -> Adobe Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7878680 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [621608 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [352480 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-09] (DTS, Inc. -> )
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\PasswordUtility\GFNEXSrv.exe [163168 2013-03-27] (TOSHIBA CORPORATION -> )
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [332800 2013-04-25] (IDT, Inc.) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [120392 2015-11-17] (Toshiba Europe Gmbh -> Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
 
===================== Drivers (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35648 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [208024 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [357320 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [249304 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [98760 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41272 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [175248 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [521336 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107784 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83360 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [850112 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [465656 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215328 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [326976 2021-02-24] (Avast Software s.r.o. -> AVAST Software)
R3 athr; C:\WINDOWS\system32\DRIVERS\athwbx.sys [3858944 2013-10-24] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
S3 KMWDFILTER; C:\WINDOWS\System32\drivers\KMWDFILTER.sys [30208 2009-04-29] (MLK Technologies Limited -> Windows ® Codename Longhorn DDK provider)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\PasswordUtility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2020-08-21] (Daniel Terhell -> Resplendence Software Projects Sp.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [546304 2013-04-25] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [33168 2013-11-01] (TOSHIBA CORPORATION -> Windows ® Win 7 DDK provider)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2018-08-22] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One month (created) (Whitelisted) =========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-02-24 20:59 - 2021-02-24 20:59 - 000000000 ____D C:\Users\Rena\AppData\Roaming\Avast Software
2021-02-24 20:58 - 2021-02-24 20:58 - 000003910 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-02-24 20:58 - 2021-02-24 20:58 - 000001949 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2021-02-24 20:58 - 2021-02-24 20:58 - 000001949 _____ C:\ProgramData\Desktop\Avast Free Antivirus.lnk
2021-02-24 20:58 - 2021-02-24 20:58 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2021-02-24 20:58 - 2021-02-24 20:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-02-24 20:58 - 2021-02-24 20:57 - 000339680 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-02-24 20:57 - 2021-02-24 20:58 - 000465656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-02-24 20:57 - 2021-02-24 20:58 - 000175248 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000521336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000326976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000249304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000215328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000107784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000098760 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000083360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000041272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-02-24 20:57 - 2021-02-24 20:57 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2021-02-24 20:57 - 2021-02-24 20:56 - 000850112 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-02-24 20:57 - 2021-02-24 20:56 - 000357320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-02-24 20:57 - 2021-02-24 20:56 - 000208024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-02-24 20:57 - 2021-02-24 20:56 - 000035648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-02-24 20:55 - 2021-02-24 20:55 - 000000000 ____D C:\Program Files\Avast Software
2021-02-24 20:51 - 2021-02-25 00:03 - 000000000 ____D C:\ProgramData\Avast Software
2021-02-24 20:48 - 2021-02-24 20:48 - 000074300 _____ C:\ProgramData\agent.uninstall.1614199679.bdinstall.v2.bin
2021-02-24 20:47 - 2021-02-24 20:47 - 000099084 _____ C:\ProgramData\vpn.uninstall.1614199218.bdinstall.v2.bin
2021-02-24 20:36 - 2021-02-24 20:36 - 000387732 _____ C:\ProgramData\cl.uninstall.1614198681.bdinstall.v2.bin
2021-02-20 18:05 - 2021-02-20 18:05 - 000196796 _____ C:\ProgramData\vpn.1613844277.bdinstall.v2.bin
2021-02-20 18:05 - 2021-02-20 17:55 - 000000330 _____ C:\Users\Rena\Desktop\bth.reg
2021-02-20 17:34 - 2021-02-20 17:34 - 000782180 _____ C:\ProgramData\cl.1613841720.bdinstall.v2.bin
2021-02-20 17:34 - 2021-02-20 17:34 - 000102440 _____ C:\ProgramData\cl.kit.1613841700.bdinstall.v2.bin
2021-02-20 17:18 - 2021-02-20 17:18 - 000118564 _____ C:\ProgramData\agent.1613841522.bdinstall.v2.bin
2021-02-20 17:17 - 2021-02-20 17:18 - 013568464 _____ C:\Users\Rena\Downloads\bitdefender_windows_2dd4f12c-06c6-410c-bb6c-3fbc0d668e57.exe
2021-02-14 16:38 - 2021-02-14 16:38 - 000000000 ____D C:\Users\Rena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView
2021-02-14 16:38 - 2021-02-14 16:38 - 000000000 ____D C:\Program Files (x86)\NirSoft
2021-02-14 16:38 - 2021-02-14 16:26 - 000158728 _____ C:\Users\Rena\Desktop\shexview_setup.exe
2021-02-10 12:51 - 2021-02-24 20:22 - 000015366 _____ C:\VEW.txt
2021-02-10 12:50 - 2021-02-10 09:19 - 000061440 _____ ( ) C:\Users\Rena\Desktop\VEW.exe
2021-02-10 10:08 - 2021-02-10 10:08 - 000004014 _____ C:\Users\Rena\Desktop\Hardware Interrupts and DPCs3.TXT
2021-02-10 10:01 - 2021-02-10 10:01 - 000004068 _____ C:\Users\Rena\Desktop\Hardware Interrupts and DPCs2.TXT
2021-02-10 09:45 - 2021-02-10 09:45 - 000004010 _____ C:\Users\Rena\Desktop\Hardware Interrupts and DPCs.txt
2021-02-09 23:16 - 2021-02-09 23:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LatencyMon
2021-02-09 23:16 - 2021-02-09 23:16 - 000000000 ____D C:\Program Files\LatencyMon
2021-02-09 23:16 - 2020-08-21 09:36 - 000026368 _____ (Resplendence Software Projects Sp.) C:\WINDOWS\system32\Drivers\rspLLL64.sys
2021-02-09 23:15 - 2021-02-09 22:46 - 002252096 _____ (Resplendence Software Projects Sp. ) C:\Users\Rena\Desktop\LatencyMon.exe
2021-02-09 23:01 - 2021-02-09 23:01 - 000000819 _____ C:\Users\Public\Desktop\Speccy.lnk
2021-02-09 23:01 - 2021-02-09 23:01 - 000000819 _____ C:\ProgramData\Desktop\Speccy.lnk
2021-02-09 23:01 - 2021-02-09 23:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2021-02-09 23:01 - 2021-02-09 23:01 - 000000000 ____D C:\Program Files\Speccy
2021-02-09 22:59 - 2021-02-09 23:00 - 000005186 _____ C:\junk.txt
2021-02-09 22:55 - 2021-02-09 22:40 - 002798456 _____ (Sysinternals - www.sysinternals.com) C:\Users\Rena\Desktop\procexp.exe
2021-02-09 21:48 - 2021-01-12 06:07 - 000088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2021-02-09 21:48 - 2021-01-12 05:46 - 002132992 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-02-09 21:48 - 2021-01-12 05:44 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2021-02-09 21:48 - 2021-01-12 05:31 - 002058752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-02-09 21:21 - 2021-02-25 19:54 - 000000000 ____D C:\FRST
2021-02-07 18:22 - 2021-02-07 18:22 - 000000000 ____D C:\Users\Rena\AppData\Roaming\WinBatch
2021-02-07 18:08 - 2021-02-07 18:09 - 045739147 _____ C:\Users\Rena\Downloads\wlesslan-20140127154948.zip
2021-02-07 17:43 - 2021-02-07 20:50 - 000000000 ____D C:\Program Files (x86)\BraveSoftware
2021-02-07 17:43 - 2021-02-07 20:03 - 000000000 ____D C:\Users\Rena\AppData\Local\BraveSoftware
2021-02-07 17:42 - 2021-02-07 17:42 - 001243488 _____ (BraveSoftware Inc.) C:\Users\Rena\Downloads\BraveBrowserSetup.exe
2021-02-07 12:48 - 2021-02-07 12:48 - 004357175 _____ C:\Users\Rena\Downloads\bios-20140625090211.zip
2021-02-07 11:30 - 2021-02-07 11:30 - 000000000 ____D C:\WINDOWS\pss
2021-02-05 17:22 - 2021-02-05 17:22 - 000000000 ____D C:\ProgramData\dbg
2021-02-05 17:17 - 2021-02-05 17:17 - 000000000 ____D C:\ProgramData\Gemma
2021-02-05 17:17 - 2021-02-05 17:17 - 000000000 ____D C:\ProgramData\Atc
2021-02-05 17:04 - 2021-02-05 17:04 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2021-02-05 17:01 - 2021-02-05 17:01 - 000000000 ____D C:\WINDOWS\system32\elambkup
2021-02-05 17:01 - 2021-02-05 17:01 - 000000000 ____D C:\ProgramData\BDLogging
2021-02-05 16:57 - 2021-02-24 23:51 - 000000000 ____D C:\Program Files\Bitdefender
2021-02-05 16:54 - 2021-02-05 16:54 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2021-02-05 16:46 - 2021-02-05 16:46 - 013543464 _____ C:\Users\Rena\Downloads\bitdefender_windows_36cf5875-1c64-4b7a-8c3f-e7d86cf97267 (1).exe
2021-02-05 12:17 - 2021-02-05 12:17 - 013543464 _____ C:\Users\Rena\Downloads\bitdefender_windows_36cf5875-1c64-4b7a-8c3f-e7d86cf97267.exe
2021-02-05 10:41 - 2021-02-05 12:04 - 000000000 ____D C:\WINDOWS\softwaredistribution.old
2021-02-05 10:14 - 2021-02-20 16:44 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-05 10:14 - 2021-02-20 16:44 - 000002213 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-05 10:14 - 2021-02-20 16:44 - 000002213 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-05 10:13 - 2021-02-06 12:15 - 000003380 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-05 10:13 - 2021-02-06 12:15 - 000003252 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 10:13 - 2020-10-02 20:58 - 000835472 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2021-02-05 10:13 - 2020-10-02 20:58 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2021-02-04 22:50 - 2020-01-28 08:06 - 001677024 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-02-04 22:50 - 2020-01-28 08:06 - 001500848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-02-04 22:49 - 2021-01-08 01:21 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-02-04 22:49 - 2021-01-08 01:13 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-02-04 22:49 - 2020-08-11 06:16 - 000376072 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2021-02-04 22:49 - 2020-08-11 04:33 - 000317176 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2021-02-04 22:49 - 2020-05-10 04:23 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2021-02-04 22:49 - 2020-05-10 03:56 - 000233984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2021-02-04 22:49 - 2019-10-10 16:20 - 000044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2021-02-04 22:49 - 2019-09-06 13:17 - 000249856 _____ (Gracenote, Inc.) C:\WINDOWS\SysWOW64\gnsdk_fp.dll
2021-02-04 22:49 - 2019-04-04 22:15 - 000513416 _____ C:\WINDOWS\SysWOW64\locale.nls
2021-02-04 22:49 - 2019-04-04 22:15 - 000513416 _____ C:\WINDOWS\system32\locale.nls
2021-02-04 22:49 - 2019-02-26 07:31 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2021-02-04 22:49 - 2018-10-25 00:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-02-04 22:49 - 2018-10-25 00:51 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2021-02-04 22:48 - 2019-10-10 15:50 - 000035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2021-02-04 22:48 - 2018-08-26 04:07 - 000004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
 
==================== One month (modified) ==================
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2021-02-25 19:50 - 2013-08-22 14:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-25 19:48 - 2013-08-22 13:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2021-02-25 00:06 - 2013-10-13 18:51 - 000003600 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2117757934-2563609367-1956778120-1001
2021-02-24 20:46 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\Inf
2021-02-20 17:47 - 2013-08-22 13:25 - 000262144 ___SH C:\WINDOWS\system32\config\ELAM
2021-02-12 21:32 - 2012-07-26 07:59 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-12 21:18 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-02-10 19:53 - 2013-10-13 18:44 - 000000000 ____D C:\Users\Rena\AppData\Local\VirtualStore
2021-02-10 11:58 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\rescache
2021-02-09 23:54 - 2013-08-22 15:36 - 000000000 ___RD C:\WINDOWS\ToastData
2021-02-09 23:54 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-09 23:54 - 2013-08-22 15:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-09 22:56 - 2013-09-30 04:11 - 000865068 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-09 22:00 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\catroot2.bak
2021-02-09 21:59 - 2013-10-13 19:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-09 21:56 - 2013-10-13 19:50 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-09 21:27 - 2015-06-25 10:34 - 000004476 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-02-07 23:37 - 2014-01-06 13:45 - 000000000 ____D C:\Users\Rena\AppData\Local\ElevatedDiagnostics
2021-02-07 21:46 - 2013-10-18 20:47 - 000000000 ____D C:\Users\Rena
2021-02-07 20:36 - 2013-10-14 19:33 - 000001371 _____ C:\Users\Rena\Desktop\shutdown.lnk
2021-02-07 18:30 - 2013-08-28 21:17 - 000000000 ____D C:\Program Files (x86)\Atheros
2021-02-07 17:35 - 2014-04-30 18:40 - 000000000 __RDO C:\Users\Rena\SkyDrive
2021-02-05 16:37 - 2018-04-29 09:13 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-02-05 12:23 - 2012-07-26 08:12 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-02-05 12:22 - 2018-04-29 09:14 - 000000000 ____D C:\Program Files\Common Files\AV
2021-02-05 11:52 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2021-02-05 10:09 - 2013-08-22 14:44 - 000482648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-04 23:27 - 2015-05-19 11:17 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-02-04 23:27 - 2015-04-26 11:55 - 000000000 ___SD C:\WINDOWS\system32\CompatTel
2021-02-04 23:27 - 2013-09-30 03:56 - 000000000 ____D C:\WINDOWS\system32\Drivers\en-GB
2021-02-04 23:27 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2021-02-04 23:27 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\system32\setup
2021-02-04 23:27 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-02-04 23:27 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-04 23:27 - 2013-08-22 13:36 - 000000000 ____D C:\WINDOWS\system32\Dism
 
==================== Files in the root of some directories ========
 
2018-05-29 10:20 - 2018-05-29 10:25 - 000004608 _____ () C:\Users\Rena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
==================== SigCheck ============================
 
(There is no automatic fix for files that do not pass verification.)
 
 
LastRegBack: 2021-02-20 17:14
==================== End of FRST.txt ========================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by Rena (25-02-2021 20:01:57)
Running from E:\Rena
Windows 8.1 (Update) (X64) (2013-10-18 22:33:15)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-2117757934-2563609367-1956778120-500 - Administrator - Disabled)
Guest (S-1-5-21-2117757934-2563609367-1956778120-501 - Limited - Disabled)
Rena (S-1-5-21-2117757934-2563609367-1956778120-1001 - Administrator - Enabled) => C:\Users\Rena
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Reader XI (11.0.23)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\{C90340A9-F592-4164-9480-FCE488C4BFF6}) (Version: 4.7.1245.73473 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 4.7.1245.73473 - Alcor Micro Corp.)
Apple Application Support (32-bit) (HKLM-x32\...\{5A659BE5-849B-484E-A83B-DCB78407F3A4}) (Version: 7.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{F8060941-C0AB-4BCE-88AC-F2FDA2E9F286}) (Version: 7.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{026B819B-4D60-4C8B-892D-33A0D8666F60}) (Version: 2.0.0.9 - Qualcomm Atheros)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 21.1.2449 - Avast Software)
Belarc Advisor 8.3 (HKLM-x32\...\Belarc Advisor) (Version: 8.3.2.0 - Belarc Inc.)
Brother MFL-Pro Suite DCP-197C (HKLM-x32\...\{6BF66AED-3EA4-4106-B240-5CE96C9B76B0}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  3.0 - CutePDF.com)
DTS Sound (HKLM-x32\...\{F8EB8FFC-C535-49A1-A84D-CC75CB2D6ADA}) (Version: 1.00.0071 - DTS, Inc.)
IDT Audio Driver (HKLM\...\{11424B27-C16B-4505-9667-82A10AD1B1DC}) (Version: 6.10.6472.0 - IDT)
Intel AppUp® center (HKLM-x32\...\Intel AppUp® center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3316 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{D337F167-C622-43BE-B3FB-75C62C49143A}) (Version: 12.9.3.3 - Apple Inc.)
LatencyMon 7.00 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office Standard 2010 (HKLM-x32\...\Office14.STANDARD) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
PaperPort Image Printer 64-bit (HKLM\...\{ABA4FAF1-6389-45F9-92CE-3914A4E5C471}) (Version: 1.00.0000 - Nuance Communications, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
ScanSoft PaperPort 11 (HKLM-x32\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0012-0000-0000-0000000FF1CE}_Office14.STANDARD_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.51 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.3.6403 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6630.6403 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 3.00.342 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.02.6402 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{E4C7D9D7-19D4-4623-AF0C-EA313C466411}) (Version: 5.0.0 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.5.59 - Toshiba Corporation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
 
Packages:
=========
Bing Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.2.258_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Bing News -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.2.309_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Bing Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.2.317_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Bing Travel -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.2.309_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
Browser Choice -> C:\WINDOWS\BrowserChoice [2013-11-17] (Microsoft Corporation)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_2.3.3.6_x86__q4d96b2w5wcc2 [2014-08-17] (Evernote)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.2.0.Preview_1.0.9431.0_neutral__8wekyb3d8bbwe [2013-10-20] (Microsoft Platform Extensions)
Microsoft Windows Library for JavaScript -> C:\Program Files\WindowsApps\Microsoft.WinJS.Preview.1_1.0.9345.0_neutral__8wekyb3d8bbwe [2013-10-20] (Microsoft Platform Extensions)
National Rail Enquiries -> C:\Program Files\WindowsApps\NationalRailEnquiries.NationalRailEnquiries_1.4.0.89_neutral__7drgzh1seyt1w [2014-08-17] (TRAIN INFORMATION SERVICES LIMITED) [MS Ad]
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1005_x86__kzf8qxf38zg5c [2014-08-17] (Skype) [MS Ad]
The Telegraph -> C:\Program Files\WindowsApps\TelegraphMediaGroupLtd.TheTelegraph_2.0.1.134_x64__8zqgb9yvnry22 [2014-08-17] (Telegraph Media Group Ltd)
TOSHIBA Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_2.0.0.113_x64__679ekb9hp1h62 [2014-08-17] (sMedio)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.215.0_x64__8wekyb3d8bbwe [2014-08-17] (Microsoft Corporation) [MS Ad]
 
==================== Custom CLSID (Whitelisted): ==============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2013-11-04] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-02-24] (Avast Software s.r.o. -> AVAST Software)
 
==================== Codecs (Whitelisted) ====================
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
ShortcutWithArgument: C:\Users\Rena\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Edge (2).lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe (Microsoft Corporation) -> --profile-directory=Default
 
==================== Loaded Modules (Whitelisted) =============
 
2013-10-24 14:54 - 2008-04-03 04:00 - 000235520 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMLM81.DLL
 
==================== Alternate Data Streams (Whitelisted) ========
 
==================== Safe Mode (Whitelisted) ==================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
 
==================== Association (Whitelisted) =================
 
==================== Internet Explorer (Whitelisted) ==========
 
HKU\S-1-5-21-2117757934-2563609367-1956778120-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.co.uk/
HKU\S-1-5-21-2117757934-2563609367-1956778120-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> DefaultScope {2B3F5F49-6B01-4204-815F-0F5F9255E975} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> {2B3F5F49-6B01-4204-815F-0F5F9255E975} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-2117757934-2563609367-1956778120-1001 -> No Name - {4853DF44-7D6B-48E9-9258-D800EEE54AF6} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-03-29] (Belarc, Inc. -> Belarc, Inc.)
 
==================== Hosts content: =========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 13:25 - 2021-02-24 20:17 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
 
==================== Other Areas ===========================
 
(Currently there is no automatic fix for this section.)
 
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel® Management Engine Components\DAL;C:\Program Files\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
HKU\S-1-5-21-2117757934-2563609367-1956778120-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Rena\Pictures\Picasa\Backgrounds\picasabackground-001.bmp
DNS Servers: 192.168.132.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(If an entry is included in the fixlist, it will be removed.)
 
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "TCrdMain"
HKLM\...\StartupApproved\Run: => "TODDMain"
HKLM\...\StartupApproved\Run: => "TosWaitSrv"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "CL-25-8AD1E6D3-68CD-4848-8B44-D3C2988F3FC7"
HKLM\...\StartupApproved\Run32: => "Intel AppUp® center"
HKLM\...\StartupApproved\Run32: => "1.TPUReg"
HKLM\...\StartupApproved\Run32: => "AmIcoSinglun64"
HKLM\...\StartupApproved\Run32: => "TSVU"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "PPort11reminder"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "PaperPort PTD"
HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate"
HKLM\...\StartupApproved\Run32: => "BrMfcWnd"
 
==================== FirewallRules (Whitelisted) ================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [{A0641E2C-DCC6-4C9C-9A6C-90F2A6AC6F73}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{7EA9DB80-9DBC-4096-851B-425945D05D39}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{43FB2A9A-E423-4F53-B1A0-57478817ADC0}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{8AB78AA2-A88E-4D15-9601-009877D14BD2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe => No File
FirewallRules: [{DE8E4AAD-09A3-4185-9122-4EAD5FDFCA35}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{CEC6D733-DC95-4D5D-B721-634A56C7C699}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe => No File
FirewallRules: [{CF21F639-95CE-46A8-B6E8-67410E2CE65F}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{98A6B76F-4FA4-454C-9926-4026CABD5F0C}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe => No File
FirewallRules: [{D093F6DF-9861-4065-9969-7B64A7DF7C23}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Intel® Services Manager -> Intel Corporation)
FirewallRules: [{5C702716-70C5-4B62-BECC-1877FF401AA0}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3F6C6AE0-F00D-42B1-BF9E-71CD23392B8A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{CD385FDA-2F89-4F0D-B99E-58DEEBCA93AF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{E22D8C21-E9B4-427E-A1C5-961974A155F2}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{E48942BE-5EC3-4AFB-8D6D-8704AFF33AA5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe => No File
FirewallRules: [{A3934143-8605-467B-9B53-20CF5374BFB0}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
 
==================== Restore Points =========================
 
04-02-2021 22:54:53 Windows Update
09-02-2021 21:55:57 Windows Update
09-02-2021 22:52:57 Removed Bonjour
12-02-2021 23:01:01 Windows Update
20-02-2021 17:11:09 Scheduled Checkpoint
25-02-2021 00:06:50 Windows Update
 
==================== Faulty Device Manager Devices ============
 
 
==================== Event log errors: ========================
 
Application errors:
==================
 
System errors:
=============
Error: (02/25/2021 07:48:33 PM) (Source: DCOM) (EventID: 10010) (User: TOSH)
Description: The server {9AA46009-3CE0-458A-A354-715610A075E6} did not register with DCOM within the required timeout.
 
 
==================== Memory info =========================== 
 
BIOS: Insyde Corp. 1.40 04/22/2014
Motherboard: Intel PT10F
Processor: Intel® Core™ i3-3110M CPU @ 2.40GHz
Percentage of memory in use: 43%
Total physical RAM: 3971.27 MB
Available physical RAM: 2246.25 MB
Total Virtual: 4675.27 MB
Available Virtual: 2709.07 MB
 
==================== Drives ================================
 
Drive c: (TI31121600B) (Fixed) (Total:919.1 GB) (Free:846.41 GB) NTFS
Drive e: () (Removable) (Total:14.55 GB) (Free:14.01 GB) FAT32
 
\\?\Volume{3c74498c-ebc4-11e2-93aa-dfd0cd0b5165}\ (System) (Fixed) (Total:1 GB) (Free:0.62 GB) NTFS
\\?\Volume{24412888-280a-44c8-b2ec-378a1e597223}\ () (Fixed) (Total:0.34 GB) (Free:0 GB) NTFS
\\?\Volume{9de1046a-ee4e-4c0e-ba09-c07b468e4e78}\ (Recovery) (Fixed) (Total:10.69 GB) (Free:0.81 GB) NTFS
 
==================== MBR & Partition Table ====================
 
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==========================================================
Disk: 1 (Protective MBR) (Size: 14.6 GB) (Disk ID: 00000000)
 
Partition: GPT.
 
==================== End of Addition.txt =======================

  • 0

#43
RKinner
Posted 25 February 2021 - 02:28 PM

RKinner

    Malware Expert

  • Expert
  • 24,625 posts
  • MVP

Looks OK.  How is it running now?

 

If you keep Avast you may want to right click on the Avast icon and select Silent Mode.  That will keep it from periodically popping up ads to upgrade. 


  • 0

#44
bytesize
Posted 25 February 2021 - 05:12 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

It is booting up quicker than it was, but I still feel that the boot time is inconsistent, sometimes it will boot to desktop and everything renders and is ready to go. Sometimes it will boot to desktop and the some icons will appear and others will be white squares, then they will all disappear and come back fine. It drives me nuts if it were my own I would probably do a clean install and upgrade to a SSD. All the icons on desktop are scaled up so the lady can see them she couldn't get on with magnifier. Do I need to do any tidying up after using the programs.

 

Thanks 


  • 0

#45
bytesize
Posted 25 February 2021 - 05:15 PM

bytesize

    Member

  • Topic Starter
  • Member
  • PipPip
  • 96 posts

I was wondering about the installed programs from Toshiba if they could be having any effect?


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP