extremne pomale pc
Napsal: 15 bře 2020 20:18
V popelnici nalezeny a jakztakz zprovozneny laptop, je extremne pomaly. Chrom nabehne po temer minute. Ccleaner jsem uz pouzil.
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2020
Ran by Administrator (administrator) on DICK (Acer, inc. Aspire 3050 ) (15-03-2020 18:59:04)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Administrator (Available Profiles: LAPTOP & Administrator)
Platform: Microsoft Windows 7 Home Basic Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(AVAST Software s.r.o. -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.6.607.0\CCleanerBrowserCrashHandler.exe
(Birdstep Technology AB -> ) C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe
(Eastman Kodak Company -> Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company) C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [1638400 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [238392 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-758054875-3775951481-3744815746-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> "C:\Program Files\CCleaner Browser\Application\79.0.3066.82\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06D5CFA9-6C20-459F-A452-012DAF5C6E08} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [3196864 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
Task: {0A5F59DA-2544-49DF-8152-03099ED002F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2016-01-07] (Google Inc -> Google Inc.)
Task: {123337E8-1A43-4A2A-8E79-EB5B8EB99300} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1878176 2020-01-08] (AVAST Software s.r.o. -> Piriform Software)
Task: {1C2AFEEC-9FD7-4625-83BD-07F16E2A67E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2016-01-07] (Google Inc -> Google Inc.)
Task: {24F3138E-BAF9-4D39-942F-B178B1811724} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2C192CAF-35D7-4493-9303-84540521B58D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {4866C27B-6BB1-43F0-BEF9-21E3B8DCAEF6} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
Task: {5A7CB3C3-6E80-4E06-92FA-5DDAEE1B105E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6AA77B64-0CB5-44F5-9217-7B489907F8CB} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1878176 2020-01-08] (AVAST Software s.r.o. -> Piriform Software)
Task: {6F30085F-2E7A-431D-931E-1A8FC161A1F7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1410152 2020-03-10] (Avast Software s.r.o. -> Avast Software)
Task: {8497D46F-4A07-45B2-94FC-0FC0013261EA} - System32\Tasks\{C95EAEC5-8255-4D20-A248-AD02B47DA2C3} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {8BA6B796-9543-4A22-AE45-89FF027C5025} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {91C16160-5323-4858-8A71-730D3A2FE101} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe <==== ATTENTION
Task: {93FB2B86-F3A0-4A0F-8824-B74AD1351F5F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A661D1FB-EF26-425F-88EE-3F35688DF221} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000Core => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-27] (Facebook, Inc. -> Facebook Inc.)
Task: {BB3AADBC-158E-450F-833E-CCADA314DDC7} - System32\Tasks\{48540778-72F5-48CF-9963-9A6EA1094FCE} => "c:\program files\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.10.0.104/en/abandoninstall?source=lightinstaller&page=tsMain
Task: {C6EB2091-F0CD-472D-B6A4-DE608E7C2586} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000UA => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-27] (Facebook, Inc. -> Facebook Inc.)
Task: {D497C494-275D-4D07-9839-835186300FD1} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000Core.job => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000UA.job => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.) [File not signed]
Winsock: Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{2D18AA58-FD63-4E64-942D-28E841087B09}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{98E2D27B-7BF7-4FC6-8846-9AEA94064297}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2020-01-21] (Google Inc -> Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-24] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2020-01-21] (Google Inc -> Google Inc.)
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [2010-04-23] (TVU networks -> TVU networks)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc. -> Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc. -> Veetle Inc)
Chrome:
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2020-03-15]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-11]
CHR Extension: (Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-11]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-11]
CHR Extension: (Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-11]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [4920736 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [720896 2008-12-01] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [367184 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 BecHelperService; C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe [1740696 2011-03-23] (Birdstep Technology AB -> )
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe [308656 2010-09-13] (Eastman Kodak Company -> Eastman Kodak Company)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [386560 2006-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35752 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175464 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [221968 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [167184 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58640 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [211840 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41448 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148416 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95416 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73552 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [690232 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [395696 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [177000 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277648 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4179968 2008-12-01] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl6.sys [2506232 2009-07-08] (Broadcom Corporation -> Broadcom Corporation)
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [60928 2006-02-16] (Microsoft Windows Hardware Compatibility Publisher -> ENE Technology Inc.)
R3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [74624 2006-02-16] (Microsoft Windows Hardware Compatibility Publisher -> ENE Technology Inc.)
S3 ewusbmbb; C:\Windows\System32\DRIVERS\ewusbwwan.sys [353280 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [102784 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [11136 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSX_DPV.sys [986624 2006-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HSXHWAZL; C:\Windows\System32\DRIVERS\HSXHWAZL.sys [206848 2006-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [73216 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [193792 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R2 mdvrmng; C:\Windows\system32\drivers\mdvrmng.sys [10240 2011-03-23] () [File not signed]
R3 RTL8023xp; C:\Windows\System32\DRIVERS\Rtnicxp.sys [51200 2008-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation )
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
R3 winachsf; C:\Windows\System32\DRIVERS\HSX_CNXT.sys [659968 2006-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio.sys [8192 2006-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
S3 cpuz134; \??\C:\Users\MYLAPT~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-15 18:59 - 2020-03-15 19:01 - 000021829 _____ C:\Users\Administrator\Downloads\FRST.txt
2020-03-15 18:50 - 2020-03-15 19:00 - 000000000 ____D C:\FRST
2020-03-15 18:34 - 2020-03-15 18:41 - 002007552 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe
2020-03-15 16:52 - 2020-03-15 16:52 - 000000000 _____ C:\Windows\system32\last.dump
2020-03-15 16:27 - 2020-03-15 16:27 - 000109280 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-11 02:02 - 2020-03-11 02:02 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-03-11 02:02 - 2020-03-11 02:02 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-03-11 01:46 - 2020-03-15 16:34 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-03-11 01:46 - 2020-03-11 01:46 - 000003370 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-03-11 01:46 - 2020-03-11 01:46 - 000003242 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-03-11 01:45 - 2020-03-11 02:02 - 000000000 ____D C:\Program Files\CCleaner
2020-03-11 01:45 - 2020-03-11 01:45 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-11 01:45 - 2020-03-11 01:45 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-03-11 01:45 - 2020-03-11 01:45 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-03-11 01:45 - 2020-03-11 01:45 - 000000925 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-03-11 01:45 - 2020-03-11 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-11 01:40 - 2020-03-11 01:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-03-11 01:26 - 2020-03-15 16:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-03-11 01:24 - 2020-03-11 01:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\Eastman_Kodak_Company
2020-03-11 01:23 - 2020-03-11 01:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\Eastman Kodak Company
2020-03-11 01:22 - 2020-03-11 01:22 - 000001373 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-03-11 01:22 - 2020-03-11 01:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-03-11 00:19 - 2020-03-11 00:19 - 000000000 ____D C:\Users\MY LAPTOP\AppData\Local\{05DA8100-8383-493F-AB13-6F4CCFB34DB6}
2020-03-11 00:17 - 2020-03-11 00:17 - 000038912 _____ () C:\Windows\system32\Drivers\staport.sys
2020-03-10 23:59 - 2020-03-10 23:58 - 000308600 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-10 23:59 - 2020-03-10 23:58 - 000177000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-10 23:59 - 2020-03-10 23:58 - 000148416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-10 23:28 - 2020-03-10 23:32 - 022195736 _____ (Piriform Software Ltd) C:\Users\MY LAPTOP\Downloads\ccsetup564.exe
2020-03-10 23:03 - 2020-03-10 23:03 - 000000000 ____D C:\Users\MY LAPTOP\AppData\Local\{0C7FA790-4B4A-453C-8C4E-6BABDE27CE33}
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-15 18:37 - 2009-07-14 04:34 - 000017856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-15 18:37 - 2009-07-14 04:34 - 000017856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-15 18:16 - 2011-08-31 16:34 - 000000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000UA.job
2020-03-15 18:16 - 2011-08-31 16:34 - 000000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000Core.job
2020-03-15 17:57 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\tracing
2020-03-15 16:31 - 2011-08-02 14:50 - 000016384 _____ C:\Windows\system32\Ikeext.etl
2020-03-15 16:31 - 2011-02-02 22:39 - 000000000 ____D C:\ProgramData\Kodak
2020-03-15 16:31 - 2009-07-14 04:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-15 16:26 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\inf
2020-03-15 15:48 - 2010-02-26 03:32 - 000000000 ____D C:\Windows\Panther
2020-03-15 15:48 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\ModemLogs
2020-03-15 15:46 - 2020-01-20 23:51 - 000004170 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-11 19:54 - 2010-02-25 19:56 - 000395696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-11 01:25 - 2020-01-21 19:30 - 000000000 ____D C:\Users\Administrator
2020-03-11 01:25 - 2009-07-14 04:46 - 000001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2020-03-11 00:18 - 2010-05-16 18:40 - 000000000 ____D C:\Users\MY LAPTOP\Tracing
2020-03-10 23:58 - 2020-01-20 23:49 - 000211840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-03-10 23:58 - 2020-01-20 23:49 - 000041448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-10 23:58 - 2014-08-21 17:40 - 000277648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-10 23:58 - 2014-08-21 17:40 - 000095416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-10 23:58 - 2014-08-21 17:40 - 000073552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-10 23:57 - 2020-01-20 23:49 - 000175464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-10 23:57 - 2020-01-20 23:49 - 000035752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-03-10 23:57 - 2011-06-24 00:03 - 000690232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-10 23:56 - 2020-01-20 23:49 - 000167184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-10 23:56 - 2020-01-20 23:49 - 000058640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-10 23:55 - 2020-01-20 23:49 - 000221968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-10 23:37 - 2014-11-22 11:45 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-10 23:37 - 2014-11-22 11:43 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories ========
2016-05-16 16:54 - 2016-05-16 16:54 - 006748160 _____ () C:\Program Files\GUT4410.tmp
2014-04-05 23:46 - 2014-04-05 23:46 - 006000640 _____ () C:\Program Files\GUT879D.tmp
2016-02-18 17:07 - 2016-02-18 17:07 - 006871040 _____ () C:\Program Files\GUT9981.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-03-15 18:12
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-03-2020
Ran by Administrator (15-03-2020 19:03:21)
Running from C:\Users\Administrator\Downloads
Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2010-02-25 19:44:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-758054875-3775951481-3744815746-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-758054875-3775951481-3744815746-501 - Limited - Disabled)
LAPTOP (S-1-5-21-758054875-3775951481-3744815746-1000 - Limited - Enabled) => C:\Users\MY LAPTOP
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3Connect (HKLM\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - 3 Mobile Broadband)
Acrobat.com (HKLM\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
aiofw (HKLM\...\{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}) (Version: 4.2.6.0 - Eastman Kodak Company) Hidden
aioprnt (HKLM\...\{0645A454-AD44-4F0D-99CF-6B762735AD1F}) (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (HKLM\...\{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}) (Version: 4.2.6.0 - Your Company Name) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform)
center (HKLM\...\{56BA241F-580C-43D2-8403-947241AAE633}) (Version: 5.0.0.0 - Eastman Kodak Company) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
Huawei modem (HKLM\...\Huawei Modems) (Version: - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KODAK AiO Home Centre (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 5.4.6.4 - Eastman Kodak Company)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM\...\{BE282C23-5484-47FF-B2C1-EBEA5C891033}) (Version: 8.3.31 - Nero AG)
PreReq (HKLM\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.0.5.2 - Eastman Kodak Company) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-09-16] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2010-02-25 19:57 - 2008-09-16 20:18 - 000132608 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2011-08-01 10:47 - 2011-03-23 15:20 - 000110592 _____ (3Connect) [File not signed] C:\Program Files\3 Mobile Broadband\3Connect\Logger.dll
2008-12-12 11:11 - 2008-12-12 11:11 - 000147456 _____ (Apple Inc.) [File not signed] C:\Program Files\Bonjour\mdnsNSP.dll
2008-12-12 11:11 - 2008-12-12 11:11 - 000061440 _____ (Apple Inc.) [File not signed] C:\Windows\system32\dnssd.dll
2010-06-21 10:14 - 2010-06-21 10:14 - 000075264 _____ (Eastman Kodak Company) [File not signed] C:\Program Files\Kodak\AiO\Center\Logger.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000153088 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_32\Inkjet.Hardware\5.4.6.4__5cc7ad8abd921325\Inkjet.Hardware.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000031744 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_32\Inkjet.Statistics\5.4.6.4__5cc7ad8abd921325\Inkjet.Statistics.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000067072 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_32\Inkjet.Utilities\5.4.6.4__5cc7ad8abd921325\Inkjet.Utilities.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000058368 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_MSIL\Inkjet.Automation\5.4.6.4__5cc7ad8abd921325\Inkjet.Automation.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000036864 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_MSIL\Inkjet.Diagnostics\5.4.6.4__5cc7ad8abd921325\Inkjet.Diagnostics.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000121856 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_MSIL\Inkjet.Localization\5.4.6.4__5cc7ad8abd921325\Inkjet.Localization.dll
2010-02-25 20:59 - 2010-02-25 20:59 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:04 - 2009-06-10 21:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared
HKU\S-1-5-21-758054875-3775951481-3744815746-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{86848B4E-8888-4395-9D1F-002B2F6A2C59}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02F6CEB9-27E5-4160-B164-087F6DDA2E0E}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4479BF4A-9B8A-4664-A2EF-7826B30E9D81}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4E67A7E9-708F-41E4-9A1C-FD62546B7810}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CA2A14B0-7A96-4626-93F4-E9BBD65C352D}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E04BDCAA-2798-40AC-951A-99D98878B079}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{01C4BF06-1296-46B1-8C0F-E7BFD342B251}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E66CF11-B5ED-42DD-A3E8-2C5B9D18EC11}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63D56DC4-8EC6-448C-817D-3D6E6611BD1E}] => (Allow) LPort=2869
FirewallRules: [{904DF25F-9E59-4BD4-A7DD-5D41D0E57608}] => (Allow) LPort=1900
FirewallRules: [{C96D490B-3AA6-4688-8CEC-91B243FFE11C}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67CAAF02-3EDF-4740-9EBE-330AFA656CE0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3AC457AD-307D-4953-BC59-0A7E25C1150B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{156D0772-B291-4F05-88BC-2940A1027987}] => (Allow) LPort=5353
FirewallRules: [{155649F4-1208-4BCA-AA1B-CED34C9C68F8}] => (Allow) C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{58D846B7-8218-4483-93C1-C3A319B98892}] => (Allow) C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{8385F26A-3EF7-4061-BBE7-F2E021B0A440}] => (Allow) LPort=9322
FirewallRules: [{48028D8E-03A2-4B48-BD45-5C7DAB8D44D7}] => (Allow) LPort=9322
FirewallRules: [TCP Query User{8DBC209D-7CC5-43BD-83CB-8E12B46884D1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E5B6B6B8-5EE5-4AF5-95DC-7E1308840676}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B56ADB99-A127-43E5-939F-2ADE03737CC4}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{1B98B027-4BEE-4CDF-812B-BF322B7A6719}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{7893C3A1-2F16-4256-9171-682B40BB4AC6}] => (Allow) LPort=443
FirewallRules: [{279F5549-1E77-465C-B232-E2DA1EC6C830}] => (Allow) LPort=443
FirewallRules: [{0DD1E00C-8579-410D-BB85-1D7EA8D40F01}] => (Allow) LPort=37674
FirewallRules: [{A77A6CA0-9888-4158-9097-FDB0F232EF8B}] => (Allow) LPort=37674
FirewallRules: [{8FB258D1-CBAE-4800-AF72-FCA6E4972758}] => (Allow) LPort=37675
FirewallRules: [{5710A32D-E3B7-4D7D-AF2C-891A73DE7684}] => (Allow) LPort=443
FirewallRules: [{47E5AFE8-2675-4C46-A259-6D782D800550}] => (Allow) LPort=443
FirewallRules: [{47887102-C90F-443F-8405-DC90825DA76C}] => (Allow) LPort=37674
FirewallRules: [{A8E5403C-CF73-455A-8A0D-725CEE331ACB}] => (Allow) LPort=37674
FirewallRules: [{4A65FE9A-9441-471A-BAC8-D3AEB1838634}] => (Allow) LPort=37675
FirewallRules: [{3880F962-E864-408B-A87C-3CC8E318AFE0}] => (Allow) LPort=37676
FirewallRules: [{D015084F-668B-4093-B610-736368E79EA3}] => (Allow) LPort=37676
FirewallRules: [{D6F4DEF0-08BD-44F0-B526-420232E5BD5A}] => (Allow) LPort=37677
FirewallRules: [{F638DF49-FA35-47F0-B140-4A5EE27AA4F0}] => (Allow) LPort=37678
FirewallRules: [{681172C0-B434-4AD0-9342-4EC5920DD3DC}] => (Allow) LPort=37678
FirewallRules: [{29EF3686-BF0B-470A-8785-1EE945AF3830}] => (Allow) LPort=37679
FirewallRules: [{BAC450E4-03A4-4E73-ABA6-58EC3D9AD23F}] => (Allow) %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A873722-BB09-4EAA-A056-A625AFE7BC4E}] => (Allow) C:\Users\MY LAPTOP\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{E14F13E9-0A6A-49F5-B981-E0C62432742B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{271261E7-D0FF-4AB6-99D0-146FE19847A4}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (AVAST Software s.r.o. -> Piriform Software)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: PCI FLASH Memory
Description: PCI FLASH Memory
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/15/2020 07:02:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 06:02:17 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 05:02:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 04:48:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
System errors:
=============
Error: (03/15/2020 04:40:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (03/15/2020 04:38:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Search service hung on starting.
Error: (03/15/2020 04:35:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
Error: (03/15/2020 04:34:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (03/15/2020 04:34:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
Error: (03/15/2020 03:35:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
Error: (03/15/2020 01:37:25 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{2D18AA58-FD63-4E64-942D-28E841087B09} because another computer on the network has the same name. The server could not start.
Error: (03/14/2020 04:23:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
Windows Defender:
===================================
Date: 2012-08-08 20:04:27.474
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature:On Access
Error Code:0x80070013
Error description:The media is write protected.
Reason:Real Time Monitoring has stopped functioning for an unknown reason. Restart the service in order to recover.
==================== Memory info ===========================
BIOS: Acer ACRSYS - 6040000 10/30/2006
Motherboard: Acer, Inc. Prespa M
Processor: Mobile AMD Sempron(tm) Processor 3400+
Percentage of memory in use: 93%
Total physical RAM: 734.17 MB
Available physical RAM: 45.09 MB
Total Virtual: 1866.17 MB
Available Virtual: 172.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:37.16 GB) (Free:11.03 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 37.3 GB) (Disk ID: 379C7ACB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=37.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-03-2020
Ran by Administrator (administrator) on DICK (Acer, inc. Aspire 3050 ) (15-03-2020 18:59:04)
Running from C:\Users\Administrator\Downloads
Loaded Profiles: Administrator (Available Profiles: LAPTOP & Administrator)
Platform: Microsoft Windows 7 Home Basic Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Alwil Software\Avast5\AvastUI.exe
(AVAST Software s.r.o. -> Piriform Software) C:\Program Files\CCleaner Browser\Update\1.6.607.0\CCleanerBrowserCrashHandler.exe
(Birdstep Technology AB -> ) C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe
(Eastman Kodak Company -> Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company) C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [1638400 2010-09-02] (Microsoft Windows Hardware Compatibility Publisher -> Eastman Kodak Company)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Alwil Software\Avast5\AvLaunch.exe [238392 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-758054875-3775951481-3744815746-500\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> "C:\Program Files\CCleaner Browser\Application\79.0.3066.82\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\79.0.3945.130\Installer\chrmstp.exe [2020-01-22] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {06D5CFA9-6C20-459F-A452-012DAF5C6E08} - System32\Tasks\Avast Emergency Update => C:\Program Files\Alwil Software\Avast5\AvEmUpdate.exe [3196864 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
Task: {0A5F59DA-2544-49DF-8152-03099ED002F5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2016-01-07] (Google Inc -> Google Inc.)
Task: {123337E8-1A43-4A2A-8E79-EB5B8EB99300} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1878176 2020-01-08] (AVAST Software s.r.o. -> Piriform Software)
Task: {1C2AFEEC-9FD7-4625-83BD-07F16E2A67E5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2016-01-07] (Google Inc -> Google Inc.)
Task: {24F3138E-BAF9-4D39-942F-B178B1811724} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2C192CAF-35D7-4493-9303-84540521B58D} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => %windir%\system32\rundll32.exe aepdu.dll,AePduRunUpdate -nolegacy
Task: {4866C27B-6BB1-43F0-BEF9-21E3B8DCAEF6} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
Task: {5A7CB3C3-6E80-4E06-92FA-5DDAEE1B105E} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {6AA77B64-0CB5-44F5-9217-7B489907F8CB} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe [1878176 2020-01-08] (AVAST Software s.r.o. -> Piriform Software)
Task: {6F30085F-2E7A-431D-931E-1A8FC161A1F7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1410152 2020-03-10] (Avast Software s.r.o. -> Avast Software)
Task: {8497D46F-4A07-45B2-94FC-0FC0013261EA} - System32\Tasks\{C95EAEC5-8255-4D20-A248-AD02B47DA2C3} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {8BA6B796-9543-4A22-AE45-89FF027C5025} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {91C16160-5323-4858-8A71-730D3A2FE101} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe <==== ATTENTION
Task: {93FB2B86-F3A0-4A0F-8824-B74AD1351F5F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18233016 2020-02-28] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {A661D1FB-EF26-425F-88EE-3F35688DF221} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000Core => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-27] (Facebook, Inc. -> Facebook Inc.)
Task: {BB3AADBC-158E-450F-833E-CCADA314DDC7} - System32\Tasks\{48540778-72F5-48CF-9963-9A6EA1094FCE} => "c:\program files\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.10.0.104/en/abandoninstall?source=lightinstaller&page=tsMain
Task: {C6EB2091-F0CD-472D-B6A4-DE608E7C2586} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000UA => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-09-27] (Facebook, Inc. -> Facebook Inc.)
Task: {D497C494-275D-4D07-9839-835186300FD1} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000Core.job => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000UA.job => C:\Users\MY LAPTOP\AppData\Local\Facebook\Update\FacebookUpdate.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456 2008-12-12] (Apple Inc.) [File not signed]
Winsock: Catalog5 06 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{2D18AA58-FD63-4E64-942D-28E841087B09}: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{98E2D27B-7BF7-4FC6-8846-9AEA94064297}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2020-01-21] (Google Inc -> Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-06-24] (Sun Microsystems, Inc. -> Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2020-01-21] (Google Inc -> Google Inc.)
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [2010-04-23] (TVU networks -> TVU networks)
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files\CCleaner Browser\Update\1.6.607.0\npCCleanerBrowserUpdate3.dll [No File]
FF Plugin: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files\Veetle\plugins\npVeetle.dll [2010-10-16] (Veetle Inc. -> Veetle Inc)
FF Plugin: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc. -> Veetle Inc)
Chrome:
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2020-03-15]
CHR HomePage: Default -> hxxp://www.google.com
CHR Extension: (Slides) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-03-11]
CHR Extension: (Docs) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-03-11]
CHR Extension: (Google Drive) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-03-11]
CHR Extension: (Sheets) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-03-11]
CHR Extension: (Google Docs Offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-11]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2020-03-15]
CHR Extension: (Chrome Media Router) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-03-15]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\Alwil Software\Avast5\aswidsagent.exe [4920736 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [720896 2008-12-01] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R2 avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [367184 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 BecHelperService; C:\Program Files\3 Mobile Broadband\3Connect\BecHelperService.exe [1740696 2011-03-23] (Birdstep Technology AB -> )
S2 ccleaner; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
S3 ccleanerm; C:\Program Files\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [206104 2020-03-11] (AVAST Software s.r.o. -> Piriform Software)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\ekdiscovery.exe [308656 2010-09-13] (Eastman Kodak Company -> Eastman Kodak Company)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
R2 XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [386560 2006-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [35752 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [175464 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [221968 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [167184 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58640 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [211840 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41448 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [148416 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [95416 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [73552 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [690232 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [395696 2020-03-11] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [177000 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [277648 2020-03-10] (Avast Software s.r.o. -> AVAST Software)
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [4179968 2008-12-01] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 BCM43XX; C:\Windows\System32\DRIVERS\bcmwl6.sys [2506232 2009-07-08] (Broadcom Corporation -> Broadcom Corporation)
R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [60928 2006-02-16] (Microsoft Windows Hardware Compatibility Publisher -> ENE Technology Inc.)
R3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [74624 2006-02-16] (Microsoft Windows Hardware Compatibility Publisher -> ENE Technology Inc.)
S3 ewusbmbb; C:\Windows\System32\DRIVERS\ewusbwwan.sys [353280 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [102784 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 ew_usbenumfilter; C:\Windows\System32\DRIVERS\ew_usbenumfilter.sys [11136 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R3 HSF_DPV; C:\Windows\System32\DRIVERS\HSX_DPV.sys [986624 2006-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HSXHWAZL; C:\Windows\System32\DRIVERS\HSXHWAZL.sys [206848 2006-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 huawei_enumerator; C:\Windows\System32\DRIVERS\ew_jubusenum.sys [73216 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [193792 2011-03-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 mdmxsdk; C:\Windows\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-19] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R2 mdvrmng; C:\Windows\system32\drivers\mdvrmng.sys [10240 2011-03-23] () [File not signed]
R3 RTL8023xp; C:\Windows\System32\DRIVERS\Rtnicxp.sys [51200 2008-07-22] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corporation )
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
R3 winachsf; C:\Windows\System32\DRIVERS\HSX_CNXT.sys [659968 2006-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R2 XAudio; C:\Windows\System32\DRIVERS\xaudio.sys [8192 2006-08-04] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
S3 cpuz134; \??\C:\Users\MYLAPT~1\AppData\Local\Temp\cpuz134\cpuz134_x32.sys [X] <==== ATTENTION
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ===================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-15 18:59 - 2020-03-15 19:01 - 000021829 _____ C:\Users\Administrator\Downloads\FRST.txt
2020-03-15 18:50 - 2020-03-15 19:00 - 000000000 ____D C:\FRST
2020-03-15 18:34 - 2020-03-15 18:41 - 002007552 _____ (Farbar) C:\Users\Administrator\Downloads\FRST.exe
2020-03-15 16:52 - 2020-03-15 16:52 - 000000000 _____ C:\Windows\system32\last.dump
2020-03-15 16:27 - 2020-03-15 16:27 - 000109280 _____ C:\Users\Administrator\AppData\Local\GDIPFONTCACHEV1.DAT
2020-03-11 02:02 - 2020-03-11 02:02 - 000003714 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2020-03-11 02:02 - 2020-03-11 02:02 - 000003132 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2020-03-11 01:46 - 2020-03-15 16:34 - 000000000 ____D C:\Program Files\CCleaner Browser
2020-03-11 01:46 - 2020-03-11 01:46 - 000003370 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2020-03-11 01:46 - 2020-03-11 01:46 - 000003242 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2020-03-11 01:45 - 2020-03-11 02:02 - 000000000 ____D C:\Program Files\CCleaner
2020-03-11 01:45 - 2020-03-11 01:45 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-03-11 01:45 - 2020-03-11 01:45 - 000002816 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2020-03-11 01:45 - 2020-03-11 01:45 - 000000925 _____ C:\Users\Public\Desktop\CCleaner.lnk
2020-03-11 01:45 - 2020-03-11 01:45 - 000000925 _____ C:\ProgramData\Desktop\CCleaner.lnk
2020-03-11 01:45 - 2020-03-11 01:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2020-03-11 01:40 - 2020-03-11 01:40 - 000000000 ____D C:\Users\Administrator\AppData\Local\CEF
2020-03-11 01:26 - 2020-03-15 16:51 - 000000000 ____D C:\Users\Administrator\AppData\Local\Google
2020-03-11 01:24 - 2020-03-11 01:24 - 000000000 ____D C:\Users\Administrator\AppData\Local\Eastman_Kodak_Company
2020-03-11 01:23 - 2020-03-11 01:23 - 000000000 ____D C:\Users\Administrator\AppData\Local\Eastman Kodak Company
2020-03-11 01:22 - 2020-03-11 01:22 - 000001373 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2020-03-11 01:22 - 2020-03-11 01:22 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2020-03-11 00:19 - 2020-03-11 00:19 - 000000000 ____D C:\Users\MY LAPTOP\AppData\Local\{05DA8100-8383-493F-AB13-6F4CCFB34DB6}
2020-03-11 00:17 - 2020-03-11 00:17 - 000038912 _____ () C:\Windows\system32\Drivers\staport.sys
2020-03-10 23:59 - 2020-03-10 23:58 - 000308600 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2020-03-10 23:59 - 2020-03-10 23:58 - 000177000 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2020-03-10 23:59 - 2020-03-10 23:58 - 000148416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2020-03-10 23:28 - 2020-03-10 23:32 - 022195736 _____ (Piriform Software Ltd) C:\Users\MY LAPTOP\Downloads\ccsetup564.exe
2020-03-10 23:03 - 2020-03-10 23:03 - 000000000 ____D C:\Users\MY LAPTOP\AppData\Local\{0C7FA790-4B4A-453C-8C4E-6BABDE27CE33}
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2020-03-15 18:37 - 2009-07-14 04:34 - 000017856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-03-15 18:37 - 2009-07-14 04:34 - 000017856 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-03-15 18:16 - 2011-08-31 16:34 - 000000944 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000UA.job
2020-03-15 18:16 - 2011-08-31 16:34 - 000000922 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-758054875-3775951481-3744815746-1000Core.job
2020-03-15 17:57 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\tracing
2020-03-15 16:31 - 2011-08-02 14:50 - 000016384 _____ C:\Windows\system32\Ikeext.etl
2020-03-15 16:31 - 2011-02-02 22:39 - 000000000 ____D C:\ProgramData\Kodak
2020-03-15 16:31 - 2009-07-14 04:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-03-15 16:26 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\inf
2020-03-15 15:48 - 2010-02-26 03:32 - 000000000 ____D C:\Windows\Panther
2020-03-15 15:48 - 2009-07-14 02:37 - 000000000 ____D C:\Windows\ModemLogs
2020-03-15 15:46 - 2020-01-20 23:51 - 000004170 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2020-03-11 19:54 - 2010-02-25 19:56 - 000395696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2020-03-11 01:25 - 2020-01-21 19:30 - 000000000 ____D C:\Users\Administrator
2020-03-11 01:25 - 2009-07-14 04:46 - 000001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2020-03-11 00:18 - 2010-05-16 18:40 - 000000000 ____D C:\Users\MY LAPTOP\Tracing
2020-03-10 23:58 - 2020-01-20 23:49 - 000211840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2020-03-10 23:58 - 2020-01-20 23:49 - 000041448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2020-03-10 23:58 - 2014-08-21 17:40 - 000277648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2020-03-10 23:58 - 2014-08-21 17:40 - 000095416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2020-03-10 23:58 - 2014-08-21 17:40 - 000073552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2020-03-10 23:57 - 2020-01-20 23:49 - 000175464 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2020-03-10 23:57 - 2020-01-20 23:49 - 000035752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2020-03-10 23:57 - 2011-06-24 00:03 - 000690232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2020-03-10 23:56 - 2020-01-20 23:49 - 000167184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2020-03-10 23:56 - 2020-01-20 23:49 - 000058640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2020-03-10 23:55 - 2020-01-20 23:49 - 000221968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2020-03-10 23:37 - 2014-11-22 11:45 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2020-03-10 23:37 - 2014-11-22 11:43 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
==================== Files in the root of some directories ========
2016-05-16 16:54 - 2016-05-16 16:54 - 006748160 _____ () C:\Program Files\GUT4410.tmp
2014-04-05 23:46 - 2014-04-05 23:46 - 006000640 _____ () C:\Program Files\GUT879D.tmp
2016-02-18 17:07 - 2016-02-18 17:07 - 006871040 _____ () C:\Program Files\GUT9981.tmp
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
LastRegBack: 2020-03-15 18:12
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-03-2020
Ran by Administrator (15-03-2020 19:03:21)
Running from C:\Users\Administrator\Downloads
Microsoft Windows 7 Home Basic Service Pack 1 (X86) (2010-02-25 19:44:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-758054875-3775951481-3744815746-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-758054875-3775951481-3744815746-501 - Limited - Disabled)
LAPTOP (S-1-5-21-758054875-3775951481-3744815746-1000 - Limited - Enabled) => C:\Users\MY LAPTOP
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3Connect (HKLM\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - 3 Mobile Broadband)
Acrobat.com (HKLM\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.0.4990 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
aiofw (HKLM\...\{DE6B7599-D3EF-4436-8836-BAA0B0D7768D}) (Version: 4.2.6.0 - Eastman Kodak Company) Hidden
aioprnt (HKLM\...\{0645A454-AD44-4F0D-99CF-6B762735AD1F}) (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (HKLM\...\{FE24086F-3B0C-4C47-A874-97A7B8E2FBBE}) (Version: 4.2.6.0 - Your Company Name) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 20.1.2397 - AVAST Software)
Bonjour (HKLM\...\{07287123-B8AC-41CE-8346-3D777245C35B}) (Version: 1.0.106 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.64 - Piriform)
center (HKLM\...\{56BA241F-580C-43D2-8403-947241AAE633}) (Version: 5.0.0.0 - Eastman Kodak Company) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKLM\...\Google Chrome) (Version: 79.0.3945.130 - Google LLC)
Google Toolbar for Internet Explorer (HKLM\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118) (Version: - )
Huawei modem (HKLM\...\Huawei Modems) (Version: - )
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Java(TM) 6 Update 20 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KODAK AiO Home Centre (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 5.4.6.4 - Eastman Kodak Company)
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM\...\{BE282C23-5484-47FF-B2C1-EBEA5C891033}) (Version: 8.3.31 - Nero AG)
PreReq (HKLM\...\{DA5BDB2A-12F0-4343-8351-21AAEB293990}) (Version: 6.0.5.2 - Eastman Kodak Company) Hidden
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VCRedistSetup (HKLM\...\{3921A67A-5AB1-4E48-9444-C71814CF3027}) (Version: 1.0.0 - Nero AG) Hidden
Veetle TV 0.9.18 (HKLM\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-09-16] () [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Alwil Software\Avast5\ashShell.dll [2020-03-10] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2008-09-16] () [File not signed]
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2010-02-25 19:57 - 2008-09-16 20:18 - 000132608 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2011-08-01 10:47 - 2011-03-23 15:20 - 000110592 _____ (3Connect) [File not signed] C:\Program Files\3 Mobile Broadband\3Connect\Logger.dll
2008-12-12 11:11 - 2008-12-12 11:11 - 000147456 _____ (Apple Inc.) [File not signed] C:\Program Files\Bonjour\mdnsNSP.dll
2008-12-12 11:11 - 2008-12-12 11:11 - 000061440 _____ (Apple Inc.) [File not signed] C:\Windows\system32\dnssd.dll
2010-06-21 10:14 - 2010-06-21 10:14 - 000075264 _____ (Eastman Kodak Company) [File not signed] C:\Program Files\Kodak\AiO\Center\Logger.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000153088 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_32\Inkjet.Hardware\5.4.6.4__5cc7ad8abd921325\Inkjet.Hardware.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000031744 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_32\Inkjet.Statistics\5.4.6.4__5cc7ad8abd921325\Inkjet.Statistics.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000067072 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_32\Inkjet.Utilities\5.4.6.4__5cc7ad8abd921325\Inkjet.Utilities.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000058368 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_MSIL\Inkjet.Automation\5.4.6.4__5cc7ad8abd921325\Inkjet.Automation.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000036864 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_MSIL\Inkjet.Diagnostics\5.4.6.4__5cc7ad8abd921325\Inkjet.Diagnostics.dll
2011-02-17 13:17 - 2011-02-17 13:17 - 000121856 _____ (Eastman Kodak Company) [File not signed] C:\Windows\assembly\GAC_MSIL\Inkjet.Localization\5.4.6.4__5cc7ad8abd921325\Inkjet.Localization.dll
2010-02-25 20:59 - 2010-02-25 20:59 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer trusted/restricted ==========
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:04 - 2009-06-10 21:39 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Windows Live\Shared
HKU\S-1-5-21-758054875-3775951481-3744815746-500\Control Panel\Desktop\\Wallpaper -> C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 194.168.4.100 - 194.168.8.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{86848B4E-8888-4395-9D1F-002B2F6A2C59}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{02F6CEB9-27E5-4160-B164-087F6DDA2E0E}] => (Allow) svchost.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4479BF4A-9B8A-4664-A2EF-7826B30E9D81}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{4E67A7E9-708F-41E4-9A1C-FD62546B7810}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{CA2A14B0-7A96-4626-93F4-E9BBD65C352D}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{E04BDCAA-2798-40AC-951A-99D98878B079}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{01C4BF06-1296-46B1-8C0F-E7BFD342B251}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5E66CF11-B5ED-42DD-A3E8-2C5B9D18EC11}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{63D56DC4-8EC6-448C-817D-3D6E6611BD1E}] => (Allow) LPort=2869
FirewallRules: [{904DF25F-9E59-4BD4-A7DD-5D41D0E57608}] => (Allow) LPort=1900
FirewallRules: [{C96D490B-3AA6-4688-8CEC-91B243FFE11C}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67CAAF02-3EDF-4740-9EBE-330AFA656CE0}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3AC457AD-307D-4953-BC59-0A7E25C1150B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{156D0772-B291-4F05-88BC-2940A1027987}] => (Allow) LPort=5353
FirewallRules: [{155649F4-1208-4BCA-AA1B-CED34C9C68F8}] => (Allow) C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{58D846B7-8218-4483-93C1-C3A319B98892}] => (Allow) C:\Program Files\Kodak\AiO\Center\NetworkPrinterDiscovery.exe (Eastman Kodak Company -> Eastman Kodak Company)
FirewallRules: [{8385F26A-3EF7-4061-BBE7-F2E021B0A440}] => (Allow) LPort=9322
FirewallRules: [{48028D8E-03A2-4B48-BD45-5C7DAB8D44D7}] => (Allow) LPort=9322
FirewallRules: [TCP Query User{8DBC209D-7CC5-43BD-83CB-8E12B46884D1}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{E5B6B6B8-5EE5-4AF5-95DC-7E1308840676}C:\program files\internet explorer\iexplore.exe] => (Allow) C:\program files\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B56ADB99-A127-43E5-939F-2ADE03737CC4}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe
FirewallRules: [UDP Query User{1B98B027-4BEE-4CDF-812B-BF322B7A6719}C:\program files\java\jre6\bin\java.exe] => (Block) C:\program files\java\jre6\bin\java.exe
FirewallRules: [{7893C3A1-2F16-4256-9171-682B40BB4AC6}] => (Allow) LPort=443
FirewallRules: [{279F5549-1E77-465C-B232-E2DA1EC6C830}] => (Allow) LPort=443
FirewallRules: [{0DD1E00C-8579-410D-BB85-1D7EA8D40F01}] => (Allow) LPort=37674
FirewallRules: [{A77A6CA0-9888-4158-9097-FDB0F232EF8B}] => (Allow) LPort=37674
FirewallRules: [{8FB258D1-CBAE-4800-AF72-FCA6E4972758}] => (Allow) LPort=37675
FirewallRules: [{5710A32D-E3B7-4D7D-AF2C-891A73DE7684}] => (Allow) LPort=443
FirewallRules: [{47E5AFE8-2675-4C46-A259-6D782D800550}] => (Allow) LPort=443
FirewallRules: [{47887102-C90F-443F-8405-DC90825DA76C}] => (Allow) LPort=37674
FirewallRules: [{A8E5403C-CF73-455A-8A0D-725CEE331ACB}] => (Allow) LPort=37674
FirewallRules: [{4A65FE9A-9441-471A-BAC8-D3AEB1838634}] => (Allow) LPort=37675
FirewallRules: [{3880F962-E864-408B-A87C-3CC8E318AFE0}] => (Allow) LPort=37676
FirewallRules: [{D015084F-668B-4093-B610-736368E79EA3}] => (Allow) LPort=37676
FirewallRules: [{D6F4DEF0-08BD-44F0-B526-420232E5BD5A}] => (Allow) LPort=37677
FirewallRules: [{F638DF49-FA35-47F0-B140-4A5EE27AA4F0}] => (Allow) LPort=37678
FirewallRules: [{681172C0-B434-4AD0-9342-4EC5920DD3DC}] => (Allow) LPort=37678
FirewallRules: [{29EF3686-BF0B-470A-8785-1EE945AF3830}] => (Allow) LPort=37679
FirewallRules: [{BAC450E4-03A4-4E73-ABA6-58EC3D9AD23F}] => (Allow) %SystemRoot%\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1A873722-BB09-4EAA-A056-A625AFE7BC4E}] => (Allow) C:\Users\MY LAPTOP\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe (Skype Software Sarl -> Skype Limited)
FirewallRules: [{E14F13E9-0A6A-49F5-B981-E0C62432742B}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{271261E7-D0FF-4AB6-99D0-146FE19847A4}] => (Allow) C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe (AVAST Software s.r.o. -> Piriform Software)
==================== Restore Points =========================
==================== Faulty Device Manager Devices ============
Name: PCI FLASH Memory
Description: PCI FLASH Memory
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: ========================
Application errors:
==================
Error: (03/15/2020 07:02:22 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 06:02:17 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 05:02:19 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 04:48:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\CCleaner Browser\Application\CCleanerBrowser.exe".
Dependent Assembly 79.0.3066.82,language="*",type="win32",version="79.0.3066.82" could not be found.
Please use sxstrace.exe for detailed diagnosis.
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (03/15/2020 04:34:17 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
System errors:
=============
Error: (03/15/2020 04:40:51 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Update service hung on starting.
Error: (03/15/2020 04:38:45 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Windows Search service hung on starting.
Error: (03/15/2020 04:35:33 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.
Error: (03/15/2020 04:34:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (03/15/2020 04:34:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
Error: (03/15/2020 03:35:20 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the RasMan service.
Error: (03/15/2020 01:37:25 AM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{2D18AA58-FD63-4E64-942D-28E841087B09} because another computer on the network has the same name. The server could not start.
Error: (03/14/2020 04:23:00 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avast! Antivirus service.
Windows Defender:
===================================
Date: 2012-08-08 20:04:27.474
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature:On Access
Error Code:0x80070013
Error description:The media is write protected.
Reason:Real Time Monitoring has stopped functioning for an unknown reason. Restart the service in order to recover.
==================== Memory info ===========================
BIOS: Acer ACRSYS - 6040000 10/30/2006
Motherboard: Acer, Inc. Prespa M
Processor: Mobile AMD Sempron(tm) Processor 3400+
Percentage of memory in use: 93%
Total physical RAM: 734.17 MB
Available physical RAM: 45.09 MB
Total Virtual: 1866.17 MB
Available Virtual: 172.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:37.16 GB) (Free:11.03 GB) NTFS
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 37.3 GB) (Disk ID: 379C7ACB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=37.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================