Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Inactive Support Threads
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Laptop very slow after Windows Update
Message
<blockquote data-quote="djr4yman" data-source="post: 510474" data-attributes="member: 52545"><p>My Laptop is a Toshiba Satellite C655-S5049. It does not have many programs installed but since it restarted after a Windows Update it has been painfully slow. pasted FRST and Addition .txt's here as it wont hurry up and upload.</p><p></p><p></p><p>FRST.txt</p><p>------------------------------------</p><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016</p><p>Ran by TBS (administrator) on TBS-PC (22-05-2016 04:27:21)</p><p>Running from C:\Users\TBS\Downloads</p><p>Loaded Profiles: TBS (Available Profiles: TBS)</p><p>Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)</p><p>Internet Explorer Version 8 (Default browser: FF)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxtray.exe</p><p>(Intel Corporation) C:\Windows\System32\hkcmd.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxpers.exe</p><p>(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe</p><p>(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe</p><p>(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxext.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxsrvc.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe</p><p>(Google Inc.) C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>(Google Inc.) C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ===========================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [] => [X]</p><p>HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.)</p><p>HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] ()</p><p>HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)</p><p>HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation)</p><p>HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)</p><p>HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation)</p><p>HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)</p><p>HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)</p><p>HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)</p><p>HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400576 2016-05-15] (AVAST Software)</p><p>Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)</p><p>HKU\S-1-5-21-3037345196-995968483-4216386591-1000\...\RunOnce: [FlashPlayerUpdate] => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_Plugin.exe [1172672 2016-04-21] (Adobe Systems Incorporated)</p><p>HKU\S-1-5-21-3037345196-995968483-4216386591-1000\...\MountPoints2: {d5aea5b6-070e-11e6-abd6-00266c63ace3} - E:\MotorolaDeviceManagerSetup.exe -a</p><p>ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-06] (AVAST Software)</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>Tcpip\Parameters: [DhcpNameServer] 10.0.0.138</p><p>Tcpip\..\Interfaces\{6B55C70C-F1A6-44A3-A1C5-B53CC52DB735}: [DhcpNameServer] 10.0.0.138</p><p>Tcpip\..\Interfaces\{7B6D05D8-8876-4240-AEAD-A853DDCDF3B6}: [DhcpNameServer] 10.0.0.138</p><p>Tcpip\..\Interfaces\{888C70AD-1925-486A-9DF1-70976B5620E5}: [DhcpNameServer] 10.0.0.138</p><p></p><p>Internet Explorer:</p><p>==================</p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://<a href="http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA" target="_blank">www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA</a></p><p>HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://<a href="http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA" target="_blank">www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA</a></p><p>HKU\S-1-5-21-3037345196-995968483-4216386591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://<a href="http://www.google.com/ig?brand=TSNA&bmod=TSNA" target="_blank">www.google.com/ig?brand=TSNA&bmod=TSNA</a></p><p>HKU\S-1-5-21-3037345196-995968483-4216386591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://<a href="http://www.google.com/ig?brand=TSNA&bmod=TSNA" target="_blank">www.google.com/ig?brand=TSNA&bmod=TSNA</a></p><p>SearchScopes: HKLM -> DefaultScope {25C033BD-5FBD-46A9-8484-9AA67942135A} URL = hxxp://<a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA" target="_blank">www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA</a></p><p>SearchScopes: HKLM -> {25C033BD-5FBD-46A9-8484-9AA67942135A} URL = hxxp://<a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA" target="_blank">www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA</a></p><p>SearchScopes: HKLM-x32 -> DefaultScope {7DF4D518-D7BC-44BE-99F2-BB650CB51376} URL = hxxp://<a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA" target="_blank">www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA</a></p><p>SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =</p><p>SearchScopes: HKLM-x32 -> {7DF4D518-D7BC-44BE-99F2-BB650CB51376} URL = hxxp://<a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA" target="_blank">www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA</a></p><p>SearchScopes: HKU\S-1-5-21-3037345196-995968483-4216386591-1000 -> DefaultScope {E6466F9A-2DF2-41D1-B2BF-B362297F34EE} URL = hxxp://<a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA" target="_blank">www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA</a></p><p>SearchScopes: HKU\S-1-5-21-3037345196-995968483-4216386591-1000 -> {E6466F9A-2DF2-41D1-B2BF-B362297F34EE} URL = hxxp://<a href="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA" target="_blank">www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA</a></p><p>BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)</p><p>BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll [2010-04-04] (Google Inc.)</p><p>BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-08] (AVAST Software)</p><p>BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-04] (Google Inc.)</p><p>BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-04] (Google Inc.)</p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)</p><p>BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated)</p><p>BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File</p><p>BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll [2010-04-04] (Google Inc.)</p><p>BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-08] (AVAST Software)</p><p>BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)</p><p>BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-04] (Google Inc.)</p><p>BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-04] (Google Inc.)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)</p><p>BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-04] (Google Inc.)</p><p>BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-04] (Sun Microsystems, Inc.)</p><p>BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-03] (<TOSHIBA>)</p><p>Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-04] (Google Inc.)</p><p>Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-04] (Google Inc.)</p><p>Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)</p><p>Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)</p><p>Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation)</p><p>Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p>Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p>Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p>Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default</p><p>FF Homepage: hxxps://<a href="http://www.google.com.pr/" target="_blank">www.google.com.pr/</a></p><p>FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-21] ()</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)</p><p>FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)</p><p>FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-21] ()</p><p>FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-07] (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-07] (Google Inc.)</p><p>FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)</p><p>FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\TBS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)</p><p>FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @talk.google.com/O1DPlugin -> C:\Users\TBS\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)</p><p>FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @tools.google.com/Google Update;version=3 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-28] (Google Inc.)</p><p>FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @tools.google.com/Google Update;version=9 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-28] (Google Inc.)</p><p>FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)</p><p>FF Plugin ProgramFiles/Appdata: C:\Users\TBS\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)</p><p>FF Plugin ProgramFiles/Appdata: C:\Users\TBS\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)</p><p>FF Extension: Personas Plus - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\extensions\personas@christopher.beard.xpi [2016-04-27]</p><p>FF Extension: Download Manager (S3) - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\extensions\s3download@statusbar.xpi [2016-05-10]</p><p>FF Extension: New Tab Homepage - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2016-04-08]</p><p>FF Extension: Adblock Plus - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01]</p><p>FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF</p><p>FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-06]</p><p>FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF</p><p>FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-06]</p><p>FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF</p><p>FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF</p><p></p><p>Chrome:</p><p>=======</p><p>CHR Profile: C:\Users\TBS\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Docs) - C:\Users\TBS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-07]</p><p>CHR Extension: (Chrome Web Store Payments) - C:\Users\TBS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-07]</p><p></p><p>==================== Services (Whitelisted) ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-06] (AVAST Software)</p><p>S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] ()</p><p>S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]</p><p>R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)</p><p></p><p>===================== Drivers (Whitelisted) ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-06] (AVAST Software)</p><p>R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-06] (AVAST Software)</p><p>R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-06] (AVAST Software)</p><p>R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-06] (AVAST Software)</p><p>R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-06] (AVAST Software)</p><p>R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-06] (AVAST Software)</p><p>R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-06] (AVAST Software)</p><p>R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-06] (AVAST Software)</p><p>R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2016-04-28] (Dev47Apps)</p><p>R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2016-04-28] (Dev47Apps)</p><p>S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)</p><p>S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2291784 2013-03-25] (Realtek Semiconductor Corporation )</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p></p><p>==================== One Month Created files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2016-05-11 14:49 - 2016-05-11 14:56 - 00028958 _____ C:\Users\TBS\Downloads\Addition.txt</p><p>2016-05-11 14:28 - 2016-05-22 04:27 - 00017725 _____ C:\Users\TBS\Downloads\FRST.txt</p><p>2016-05-11 14:27 - 2016-05-22 04:27 - 00000000 ____D C:\FRST</p><p>2016-05-11 14:25 - 2016-05-11 14:27 - 02381312 _____ (Farbar) C:\Users\TBS\Downloads\FRST64.exe</p><p>2016-05-11 13:45 - 2016-05-11 14:24 - 04786157 _____ C:\Users\TBS\Downloads\mde-free-portable.zip</p><p>2016-05-09 15:17 - 2016-05-21 21:09 - 00003752 _____ C:\windows\System32\Tasks\AutoKMS</p><p>2016-05-06 21:48 - 2016-05-22 00:07 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk</p><p>2016-05-06 21:48 - 2016-05-22 00:07 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk</p><p>2016-05-06 21:13 - 2016-05-22 04:45 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2016-05-06 21:13 - 2016-05-21 21:07 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2016-05-06 21:13 - 2016-05-07 18:40 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA</p><p>2016-05-06 21:13 - 2016-05-07 18:40 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore</p><p>2016-05-06 19:26 - 2016-05-06 19:26 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe</p><p>2016-05-06 19:25 - 2016-05-06 19:25 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr</p><p>2016-05-05 21:18 - 2016-05-05 21:18 - 00041428 _____ C:\Users\TBS\Desktop\mini flayer.pptx</p><p>2016-05-05 19:29 - 2016-05-05 20:15 - 00063854 _____ C:\Users\TBS\Desktop\Se limpian casas.pptx</p><p>2016-05-05 13:32 - 2016-05-10 00:22 - 00000000 ____D C:\Users\TBS\AppData\Roaming\vlc</p><p>2016-05-04 21:17 - 2016-05-04 21:17 - 00001077 _____ C:\Users\Public\Desktop\VLC media player.lnk</p><p>2016-05-04 21:17 - 2016-05-04 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN</p><p>2016-05-04 21:04 - 2016-05-04 21:04 - 00000000 ____D C:\Program Files (x86)\VideoLAN</p><p>2016-05-04 20:48 - 2016-05-04 20:53 - 30503216 _____ C:\Users\TBS\Downloads\vlc-2.2.3-win32.exe</p><p>2016-05-02 17:15 - 2016-05-02 19:09 - 00000000 ____D C:\Users\TBS\Desktop\Mera's Phone</p><p>2016-05-02 17:13 - 2016-05-02 17:13 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_motoandroid_01007.Wdf</p><p>2016-05-01 12:46 - 2016-05-01 12:46 - 00000000 ____D C:\Users\TBS\AppData\Local\ElevatedDiagnostics</p><p>2016-04-30 13:24 - 2016-04-30 13:24 - 00021582 _____ C:\Users\TBS\Documents\cc_20160430_132346.reg</p><p>2016-04-30 13:19 - 2016-04-30 13:19 - 00002782 _____ C:\windows\System32\Tasks\CCleanerSkipUAC</p><p>2016-04-30 13:19 - 2016-04-30 13:19 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk</p><p>2016-04-30 13:19 - 2016-04-30 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner</p><p>2016-04-30 13:19 - 2016-04-30 13:19 - 00000000 ____D C:\Program Files\CCleaner</p><p>2016-04-28 13:34 - 2016-04-28 13:34 - 00000031 _____ C:\ProgramData\droidcam-settings</p><p>2016-04-28 13:32 - 2016-04-28 13:32 - 00001033 _____ C:\Users\TBS\Desktop\DroidCamApp.lnk</p><p>2016-04-28 13:32 - 2016-04-28 13:32 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam</p><p>2016-04-28 13:21 - 2016-04-28 13:21 - 00229432 _____ (Dev47Apps) C:\windows\system32\Drivers\droidcamvideo.sys</p><p>2016-04-28 13:20 - 2016-04-28 13:20 - 00033592 _____ (Dev47Apps) C:\windows\system32\Drivers\droidcam.sys</p><p>2016-04-28 13:18 - 2016-04-28 13:32 - 00000000 ____D C:\Program Files (x86)\DroidCam</p><p>2016-04-28 13:15 - 2016-04-28 13:15 - 00708871 _____ C:\Users\TBS\Downloads\DroidCam.Client.6.0.zip</p><p>2016-04-28 13:07 - 2016-05-22 05:01 - 00001102 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA.job</p><p>2016-04-28 13:07 - 2016-05-15 16:52 - 00001050 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core.job</p><p>2016-04-28 13:07 - 2016-05-09 15:33 - 00000000 ____D C:\Users\TBS\AppData\Local\Google</p><p>2016-04-28 13:07 - 2016-04-28 13:07 - 00004068 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA</p><p>2016-04-28 13:07 - 2016-04-28 13:07 - 00003672 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core</p><p>2016-04-28 13:06 - 2016-04-28 13:07 - 00987728 _____ (Google Inc.) C:\Users\TBS\Downloads\GoogleVoiceAndVideoSetup.exe</p><p>2016-04-24 17:54 - 2016-04-24 17:54 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Macromedia</p><p>2016-04-24 17:54 - 2016-04-24 17:54 - 00000000 ____D C:\Users\TBS\AppData\Local\Macromedia</p><p>2016-04-24 16:24 - 2016-04-24 17:54 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Adobe</p><p></p><p>==================== One Month Modified files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2016-05-22 04:41 - 2016-04-21 10:57 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job</p><p>2016-05-21 21:14 - 2009-07-14 00:45 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0</p><p>2016-05-21 21:14 - 2009-07-14 00:45 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0</p><p>2016-05-21 21:13 - 2009-07-14 01:13 - 00781298 _____ C:\windows\system32\PerfStringBackup.INI</p><p>2016-05-21 21:13 - 2009-07-13 23:20 - 00000000 ____D C:\windows\inf</p><p>2016-05-21 21:06 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT</p><p>2016-05-21 16:18 - 2016-04-08 18:33 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update</p><p>2016-05-20 16:34 - 2016-04-08 19:32 - 00000000 ____D C:\Users\TBS\Desktop\Trabajos</p><p>2016-05-15 12:58 - 2016-04-20 12:01 - 00000000 ____D C:\Users\TBS\Desktop\tumblr</p><p>2016-05-07 01:58 - 2016-04-08 18:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service</p><p>2016-05-06 21:45 - 2010-04-04 01:25 - 00000000 ____D C:\Program Files (x86)\Google</p><p>2016-05-06 21:14 - 2016-04-15 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox</p><p>2016-05-06 19:26 - 2016-04-08 18:32 - 00465792 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys</p><p>2016-05-06 19:26 - 2016-04-08 18:32 - 00287528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys</p><p>2016-05-06 19:26 - 2016-04-08 18:32 - 00166432 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys</p><p>2016-05-06 19:26 - 2016-04-08 18:32 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys</p><p>2016-05-06 19:26 - 2016-04-08 18:32 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys</p><p>2016-05-06 19:26 - 2016-04-08 18:32 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys</p><p>2016-05-06 19:26 - 2016-04-08 18:32 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys</p><p>2016-05-06 19:25 - 2016-04-08 18:32 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys</p><p>2016-05-05 21:53 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\NDF</p><p>2016-05-05 13:47 - 2016-04-20 13:32 - 00000000 ____D C:\Users\TBS\Downloads\Vuze Leap</p><p>2016-04-30 13:25 - 2010-04-04 17:38 - 00000000 ____D C:\windows\Panther</p><p>2016-04-28 13:08 - 2016-04-08 18:20 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Mozilla</p><p>2016-04-24 17:10 - 2016-04-21 10:54 - 00000000 ____D C:\Users\TBS\AppData\Local\Adobe</p><p>2016-04-24 16:26 - 2010-04-04 01:23 - 00000000 ____D C:\ProgramData\Adobe</p><p></p><p>==================== Files in the root of some directories =======</p><p></p><p>2016-04-28 13:34 - 2016-04-28 13:34 - 0000031 _____ () C:\ProgramData\droidcam-settings</p><p></p><p>Some files in TEMP:</p><p>====================</p><p>C:\Users\TBS\AppData\Local\Temp\{1F5C5381-255B-48A5-967C-E69A765E7D8D}-GoogleUpdateSetup.exe</p><p>C:\Users\TBS\AppData\Local\Temp\{C9A723DA-2ECD-4B02-AC55-1D651B69C2F3}-50.0.2661.102_50.0.2661.94_chrome_updater.exe</p><p></p><p></p><p>==================== Bamital & volsnap =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\windows\system32\winlogon.exe => File is digitally signed</p><p>C:\windows\system32\wininit.exe => File is digitally signed</p><p>C:\windows\SysWOW64\wininit.exe => File is digitally signed</p><p>C:\windows\explorer.exe => File is digitally signed</p><p>C:\windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\windows\system32\svchost.exe => File is digitally signed</p><p>C:\windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\windows\system32\services.exe => File is digitally signed</p><p>C:\windows\system32\User32.dll => File is digitally signed</p><p>C:\windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\windows\system32\userinit.exe => File is digitally signed</p><p>C:\windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\windows\system32\rpcss.dll => File is digitally signed</p><p>C:\windows\system32\dnsapi.dll => File is digitally signed</p><p>C:\windows\SysWOW64\dnsapi.dll => File is digitally signed</p><p>C:\windows\system32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2016-04-09 00:48</p><p></p><p>==================== End of FRST.txt ============================</p><p></p><p></p><p>Addition.txt</p><p>--------------------------------</p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-05-2016</p><p>Ran by TBS (2016-05-11 14:49:00)</p><p>Running from C:\Users\TBS\Downloads</p><p>Windows 7 Home Premium Service Pack 1 (X64) (2016-04-08 22:05:05)</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Accounts: =============================</p><p></p><p>Administrator (S-1-5-21-3037345196-995968483-4216386591-500 - Administrator - Disabled)</p><p>Guest (S-1-5-21-3037345196-995968483-4216386591-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-3037345196-995968483-4216386591-1002 - Limited - Enabled)</p><p>TBS (S-1-5-21-3037345196-995968483-4216386591-1000 - Administrator - Enabled) => C:\Users\TBS</p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}</p><p>AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)</p><p>Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)</p><p>Adobe Reader 9.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)</p><p>Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.)</p><p>Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.2 - Atheros)</p><p>Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software)</p><p>CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)</p><p>Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.64 - Conexant)</p><p>Game Maker 8.0 (HKLM-x32\...\Game Maker 8.0) (Version: - )</p><p>Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)</p><p>Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)</p><p>Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.)</p><p>Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden</p><p>Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation)</p><p>Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)</p><p>Java(TM) 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.)</p><p>Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden</p><p>Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)</p><p>Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)</p><p>Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)</p><p>Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)</p><p>Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)</p><p>Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)</p><p>Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.28 - Motorola Mobility)</p><p>Motorola Device Software Update (x32 Version: 1.0.40 - Motorola Mobility) Hidden</p><p>Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden</p><p>Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)</p><p>MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)</p><p>MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)</p><p>Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden</p><p>PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)</p><p>Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)</p><p>Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)</p><p>Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden</p><p>Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)</p><p>TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA)</p><p>TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA)</p><p>TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)</p><p>TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.04 - TOSHIBA Corporation)</p><p>TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)</p><p>TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)</p><p>TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION)</p><p>TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)</p><p>TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)</p><p>TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)</p><p>TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)</p><p>TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation)</p><p>TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation)</p><p>ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)</p><p>Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)</p><p>VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN)</p><p>Vuze Leap 2.1 (HKU\S-1-5-21-3037345196-995968483-4216386591-1000\...\{a9a27088-7578-499d-ad2b-67ba95a4def4}) (Version: 2.1 - Azureus Software, Inc.)</p><p>Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)</p><p>Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)</p><p>Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)</p><p>Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)</p><p>WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)</p><p></p><p>==================== Custom CLSID (Whitelisted): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-3037345196-995968483-4216386591-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)</p><p>CustomCLSID: HKU\S-1-5-21-3037345196-995968483-4216386591-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)</p><p></p><p>==================== Scheduled Tasks (Whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>Task: {21AEA0A0-D748-4842-83BA-1411D66D8226} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-28] (Google Inc.)</p><p>Task: {32003FC5-8928-47B7-A6D1-0B35CFC43282} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()</p><p>Task: {369BA0F1-FF41-442C-B28A-F6710F03FFCC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-21] (Adobe Systems Incorporated)</p><p>Task: {5E56FB6A-75B1-45BB-92C6-4CB86070A464} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-04-08] (AVAST Software)</p><p>Task: {6A982260-900B-4C69-9732-955874A604C3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)</p><p>Task: {6B3DF50A-7474-4192-9083-901EE6CBF19F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-07] (Google Inc.)</p><p>Task: {7823A335-5973-4C28-8E7A-CE469ED4F826} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-06] (AVAST Software)</p><p>Task: {7E75A3F8-B2E4-40F7-B84D-592D1EE23AAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)</p><p>Task: {97720549-A5A0-4E94-ACEF-AAC671B413EC} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()</p><p>Task: {B3E6C192-BA6D-46B1-90E9-395FF6A381A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)</p><p>Task: {B5900B79-64FB-4F31-8D75-91E9C824EFC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-07] (Google Inc.)</p><p>Task: {B9CE6AAC-C91D-454C-BBFF-ABDF228A775A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-28] (Google Inc.)</p><p>Task: {CE315C6E-FFC8-4642-8A59-20D53769FC75} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2016-04-08] ()</p><p>Task: {CE56B9D3-7469-4DDA-8EE0-5C2D764BE76C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)</p><p>Task: {D622D273-A176-4601-9631-75B5E1130B9E} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] ()</p><p></p><p>(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)</p><p></p><p>Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe</p><p>Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core.job => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe</p><p>Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA.job => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Shortcuts =============================</p><p></p><p>(The entries could be listed to be restored or removed.)</p><p></p><p>==================== Loaded Modules (Whitelisted) ==============</p><p></p><p>2010-03-03 17:15 - 2010-03-03 17:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll</p><p>2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll</p><p>2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll</p><p>2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll</p><p>2010-04-04 01:16 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll</p><p>2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll</p><p>2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll</p><p>2016-05-06 19:25 - 2016-05-06 19:25 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll</p><p>2016-05-06 19:25 - 2016-05-06 19:25 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll</p><p>2016-05-10 17:05 - 2016-05-10 17:05 - 02892800 _____ () C:\Program Files\AVAST Software\Avast\defs\16051002\algo.dll</p><p>2016-05-11 13:04 - 2016-05-11 13:04 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\16051100\algo.dll</p><p>2016-05-06 19:25 - 2016-05-06 19:25 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll</p><p>2016-04-08 18:32 - 2016-04-08 18:32 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll</p><p></p><p>==================== Alternate Data Streams (Whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the ADS will be removed.)</p><p></p><p></p><p>==================== Safe Mode (Whitelisted) ===================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p></p><p>==================== Association (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed.)</p><p></p><p></p><p>==================== Internet Explorer trusted/restricted ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry.)</p><p></p><p></p><p>==================== Hosts content: ===============================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts</p><p></p><p></p><p>==================== Other Areas ============================</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKU\S-1-5-21-3037345196-995968483-4216386591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TBS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg</p><p>DNS Servers: 10.0.0.138</p><p>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)</p><p>Windows Firewall is enabled.</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items ==</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3</p><p>MSCONFIG\Services: gusvc => 3</p><p>MSCONFIG\Services: Motorola Device Manager => 2</p><p>MSCONFIG\Services: MozillaMaintenance => 3</p><p>MSCONFIG\Services: Partner Service => 3</p><p>MSCONFIG\Services: PST Service => 2</p><p>MSCONFIG\Services: TMachInfo => 3</p><p>MSCONFIG\Services: TODDSrv => 2</p><p>MSCONFIG\Services: TosCoSrv => 2</p><p>MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3</p><p></p><p>==================== FirewallRules (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>FirewallRules: [{099EA7C5-0341-4F8F-A3C3-7A23EA9BBAC6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe</p><p>FirewallRules: [{0B062990-A6E9-4C74-B63D-A82F260D3264}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe</p><p>FirewallRules: [{D179B4E2-6896-4650-A906-81F602C59988}] => (Allow) svchost.exe</p><p>FirewallRules: [{E8DD5518-41FA-432A-A4EA-02034471D64C}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe</p><p>FirewallRules: [{7CCE945A-86E9-470F-8DCC-0ED5131AC7BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>FirewallRules: [{A6F2921B-97BB-457B-AEAB-27190C5BB2A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p>FirewallRules: [{7A12DB45-9DC6-4113-8007-71C0413394D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe</p><p>FirewallRules: [{A1323248-61EB-4FB6-B248-DD777C600793}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe</p><p>FirewallRules: [{430B750B-70E2-4436-AC44-E9E01D43A2BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe</p><p>FirewallRules: [{503E2B17-2F3C-4CB4-AAEE-EFCAE9B6C8B0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe</p><p>FirewallRules: [{554D902E-8091-482F-8A75-5FDBDDEF5AC9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe</p><p>FirewallRules: [{E04D3457-3444-4236-BF78-99487225FAD2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe</p><p>FirewallRules: [{51E360BB-465A-47A8-A8B9-50047197FF60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe</p><p>FirewallRules: [{D7EA62AE-7284-41CC-BD18-3A17AE1B95C4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe</p><p>FirewallRules: [{DD0D353E-B97E-48CD-BED2-79B180655C78}] => (Allow) C:\Users\TBS\AppData\Roaming\Vuze Leap\VuzeLeap.exe</p><p>FirewallRules: [{82A2542E-9620-4D15-BF6F-F6E88BBF8A69}] => (Allow) C:\Users\TBS\AppData\Roaming\Vuze Leap\VuzeLeap.exe</p><p>FirewallRules: [{FBC9EBC2-ADEC-46E0-9CFA-DD8D0E67A6FD}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe</p><p>FirewallRules: [{252FF5C9-DD74-4E5E-BE89-BFC55B0D9CA8}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe</p><p>FirewallRules: [{9883D5FE-7D72-4172-AD6F-819428B3A909}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p></p><p>==================== Restore Points =========================</p><p></p><p>20-04-2016 13:13:54 Windows 7 Service Pack 1</p><p>20-04-2016 14:50:47 Windows Update</p><p>21-04-2016 10:22:00 Windows Update</p><p>21-04-2016 12:22:00 Windows Update</p><p>28-04-2016 13:22:12 Device Driver Package Install: Dev47Apps.com Sound, video and game controllers</p><p>28-04-2016 13:29:04 Device Driver Package Install: Dev47Apps.com Sound, video and game controllers</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (05/11/2016 01:18:35 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program WINWORD.EXE version 15.0.4815.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: a8c</p><p></p><p>Start Time: 01d1aba7a78b600e</p><p></p><p>Termination Time: 3463</p><p></p><p>Application Path: C:\Program Files\Microsoft Office\Office15\WINWORD.EXE</p><p></p><p>Report Id: 26b30331-179c-11e6-9dfc-00266c63ace3</p><p></p><p>Error: (05/10/2016 10:20:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: )</p><p>Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.Windows.Diagnosis.SDEngine, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86 . Error code = 0x80070020</p><p></p><p>Error: (05/10/2016 05:55:11 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program firefox.exe version 46.0.1.5966 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: ad4</p><p></p><p>Start Time: 01d1ab03ae4287a1</p><p></p><p>Termination Time: 515</p><p></p><p>Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe</p><p></p><p>Report Id: 67af1875-16f9-11e6-81f0-00266c63ace3</p><p></p><p>Error: (05/02/2016 09:45:46 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: c50</p><p></p><p>Start Time: 01d1a4c44eb83393</p><p></p><p>Termination Time: 1264</p><p></p><p>Application Path: C:\windows\explorer.exe</p><p></p><p>Report Id: ad3c1135-10d0-11e6-983d-00266c63ace3</p><p></p><p>Error: (05/02/2016 06:45:21 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 7c4</p><p></p><p>Start Time: 01d1a4c2ec455093</p><p></p><p>Termination Time: 3151</p><p></p><p>Application Path: C:\windows\Explorer.EXE</p><p></p><p>Report Id: 208a8527-10b7-11e6-983d-00266c63ace3</p><p></p><p>Error: (05/02/2016 06:32:36 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 508</p><p></p><p>Start Time: 01d1a4c16f4dbe17</p><p></p><p>Termination Time: 530</p><p></p><p>Application Path: C:\windows\explorer.exe</p><p></p><p>Report Id: 8a46d277-10b5-11e6-a814-00266c63ace3</p><p></p><p>Error: (05/02/2016 06:24:48 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 5d4</p><p></p><p>Start Time: 01d1a4c0ee329b7b</p><p></p><p>Termination Time: 858</p><p></p><p>Application Path: C:\windows\explorer.exe</p><p></p><p>Report Id: 867926a9-10b4-11e6-a814-00266c63ace3</p><p></p><p>Error: (05/02/2016 06:21:11 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: e44</p><p></p><p>Start Time: 01d1a4bacad33ba2</p><p></p><p>Termination Time: 265</p><p></p><p>Application Path: C:\Windows\explorer.exe</p><p></p><p>Report Id: f7ee5fa2-10b3-11e6-a814-00266c63ace3</p><p></p><p>Error: (05/02/2016 05:37:14 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: a84</p><p></p><p>Start Time: 01d1a4b96eea47ea</p><p></p><p>Termination Time: 0</p><p></p><p>Application Path: C:\Windows\explorer.exe</p><p></p><p>Report Id:</p><p></p><p>Error: (05/02/2016 05:27:40 PM) (Source: Application Hang) (EventID: 1002) (User: )</p><p>Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.</p><p></p><p>Process ID: 6c4</p><p></p><p>Start Time: 01d1a4b6b8a692e5</p><p></p><p>Termination Time: 1670</p><p></p><p>Application Path: C:\windows\Explorer.EXE</p><p></p><p>Report Id:</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (05/11/2016 01:46:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: )</p><p>Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.</p><p></p><p>Error: (05/11/2016 01:35:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: )</p><p>Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.</p><p></p><p>Error: (05/11/2016 01:40:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The Multimedia Class Scheduler service failed to start due to the following error:</p><p>%%1053</p><p></p><p>Error: (05/11/2016 01:40:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: )</p><p>Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service.</p><p></p><p>Error: (05/10/2016 08:54:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )</p><p>Description: The Google Update Service (gupdate) service failed to start due to the following error:</p><p>%%1053</p><p></p><p>Error: (05/10/2016 08:54:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: )</p><p>Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect.</p><p></p><p>Error: (05/10/2016 08:54:39 PM) (Source: DCOM) (EventID: 10005) (User: )</p><p>Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69}</p><p></p><p>Error: (05/10/2016 06:34:39 PM) (Source: DCOM) (EventID: 10010) (User: )</p><p>Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}</p><p></p><p>Error: (05/10/2016 05:57:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )</p><p>Description: The Windows Update service did not shut down properly after receiving a preshutdown control.</p><p></p><p>Error: (05/10/2016 05:23:33 PM) (Source: Service Control Manager) (EventID: 7043) (User: )</p><p>Description: The Windows Update service did not shut down properly after receiving a preshutdown control.</p><p></p><p></p><p>==================== Memory info ===========================</p><p></p><p>Processor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz</p><p>Percentage of memory in use: 43%</p><p>Total physical RAM: 1915.98 MB</p><p>Available physical RAM: 1088.15 MB</p><p>Total Virtual: 3831.95 MB</p><p>Available Virtual: 1611.38 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: (TI105847W0E) (Fixed) (Total:222.47 GB) (Free:171.84 GB) NTFS ==>[system with boot components (obtained from drive)]</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 4E0E547E)</p><p>Partition 1: (Active) - (Size=1.5 GB) - (Type=27)</p><p>Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS)</p><p>Partition 3: (Not Active) - (Size=8.9 GB) - (Type=17)</p><p></p><p>==================== End of Addition.txt ============================</p></blockquote><p></p>
[QUOTE="djr4yman, post: 510474, member: 52545"] My Laptop is a Toshiba Satellite C655-S5049. It does not have many programs installed but since it restarted after a Windows Update it has been painfully slow. pasted FRST and Addition .txt's here as it wont hurry up and upload. FRST.txt ------------------------------------ Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 Ran by TBS (administrator) on TBS-PC (22-05-2016 04:27:21) Running from C:\Users\TBS\Downloads Loaded Profiles: TBS (Available Profiles: TBS) Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/"]FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Google Inc.) C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.) C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [] => [X] HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [520760 2010-03-10] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [307768 2009-11-19] () HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-06] (TOSHIBA Corporation) HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-03] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7400576 2016-05-15] (AVAST Software) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3037345196-995968483-4216386591-1000\...\RunOnce: [FlashPlayerUpdate] => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_21_0_0_213_Plugin.exe [1172672 2016-04-21] (Adobe Systems Incorporated) HKU\S-1-5-21-3037345196-995968483-4216386591-1000\...\MountPoints2: {d5aea5b6-070e-11e6-abd6-00266c63ace3} - E:\MotorolaDeviceManagerSetup.exe -a ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-05-06] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{6B55C70C-F1A6-44A3-A1C5-B53CC52DB735}: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{7B6D05D8-8876-4240-AEAD-A853DDCDF3B6}: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{888C70AD-1925-486A-9DF1-70976B5620E5}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://[URL="http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA"]www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA[/URL] HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://[URL="http://www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA"]www.google.com/ig/redirectdomain?brand=TSNA&bmod=TSNA[/URL] HKU\S-1-5-21-3037345196-995968483-4216386591-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://[URL="http://www.google.com/ig?brand=TSNA&bmod=TSNA"]www.google.com/ig?brand=TSNA&bmod=TSNA[/URL] HKU\S-1-5-21-3037345196-995968483-4216386591-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://[URL="http://www.google.com/ig?brand=TSNA&bmod=TSNA"]www.google.com/ig?brand=TSNA&bmod=TSNA[/URL] SearchScopes: HKLM -> DefaultScope {25C033BD-5FBD-46A9-8484-9AA67942135A} URL = hxxp://[URL="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA"]www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA[/URL] SearchScopes: HKLM -> {25C033BD-5FBD-46A9-8484-9AA67942135A} URL = hxxp://[URL="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA"]www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA[/URL] SearchScopes: HKLM-x32 -> DefaultScope {7DF4D518-D7BC-44BE-99F2-BB650CB51376} URL = hxxp://[URL="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA"]www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA[/URL] SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {7DF4D518-D7BC-44BE-99F2-BB650CB51376} URL = hxxp://[URL="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA"]www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA[/URL] SearchScopes: HKU\S-1-5-21-3037345196-995968483-4216386591-1000 -> DefaultScope {E6466F9A-2DF2-41D1-B2BF-B362297F34EE} URL = hxxp://[URL="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA"]www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA[/URL] SearchScopes: HKU\S-1-5-21-3037345196-995968483-4216386591-1000 -> {E6466F9A-2DF2-41D1-B2BF-B362297F34EE} URL = hxxp://[URL="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA"]www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA[/URL] BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation) BHO: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner64.dll [2010-04-04] (Google Inc.) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-04-08] (AVAST Software) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-04] (Google Inc.) BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll [2010-04-04] (Google Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21] (Adobe Systems Incorporated) BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> No File BHO-x32: Partner BHO Class -> {83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} -> C:\ProgramData\Partner\Partner.dll [2010-04-04] (Google Inc.) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-04-08] (AVAST Software) BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-04] (Google Inc.) BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2010-04-04] (Google Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation) BHO-x32: Google Dictionary Compression sdch -> {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} -> C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2010-04-04] (Google Inc.) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2010-04-04] (Sun Microsystems, Inc.) BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2010-03-03] (<TOSHIBA>) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2010-04-04] (Google Inc.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2010-04-04] (Google Inc.) Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default FF Homepage: hxxps://[URL="http://www.google.com.pr/"]www.google.com.pr/[/URL] FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-21] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-21] () FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-07] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-07] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN) FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\TBS\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @talk.google.com/O1DPlugin -> C:\Users\TBS\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @tools.google.com/Google Update;version=3 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-28] (Google Inc.) FF Plugin HKU\S-1-5-21-3037345196-995968483-4216386591-1000: @tools.google.com/Google Update;version=9 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-04-28] (Google Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Users\TBS\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google) FF Plugin ProgramFiles/Appdata: C:\Users\TBS\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google) FF Extension: Personas Plus - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\extensions\personas@christopher.beard.xpi [2016-04-27] FF Extension: Download Manager (S3) - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\extensions\s3download@statusbar.xpi [2016-05-10] FF Extension: New Tab Homepage - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\Extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi [2016-04-08] FF Extension: Adblock Plus - C:\Users\TBS\AppData\Roaming\Mozilla\Firefox\Profiles\75yb287e.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-05-01] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-05-06] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-05-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF Chrome: ======= CHR Profile: C:\Users\TBS\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\TBS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-07] CHR Extension: (Chrome Web Store Payments) - C:\Users\TBS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-07] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [243296 2016-05-06] (AVAST Software) S4 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [116632 2012-07-17] () S4 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-05-06] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [107792 2016-05-06] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-05-06] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-05-06] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1070904 2016-05-06] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [465792 2016-05-06] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [166432 2016-05-06] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [287528 2016-05-06] (AVAST Software) R3 DroidCam; C:\Windows\System32\DRIVERS\droidcam.sys [33592 2016-04-28] (Dev47Apps) R3 DroidCamVideo; C:\Windows\System32\DRIVERS\droidcamvideo.sys [229432 2016-04-28] (Dev47Apps) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [2291784 2013-03-25] (Realtek Semiconductor Corporation ) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-05-11 14:49 - 2016-05-11 14:56 - 00028958 _____ C:\Users\TBS\Downloads\Addition.txt 2016-05-11 14:28 - 2016-05-22 04:27 - 00017725 _____ C:\Users\TBS\Downloads\FRST.txt 2016-05-11 14:27 - 2016-05-22 04:27 - 00000000 ____D C:\FRST 2016-05-11 14:25 - 2016-05-11 14:27 - 02381312 _____ (Farbar) C:\Users\TBS\Downloads\FRST64.exe 2016-05-11 13:45 - 2016-05-11 14:24 - 04786157 _____ C:\Users\TBS\Downloads\mde-free-portable.zip 2016-05-09 15:17 - 2016-05-21 21:09 - 00003752 _____ C:\windows\System32\Tasks\AutoKMS 2016-05-06 21:48 - 2016-05-22 00:07 - 00002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-06 21:48 - 2016-05-22 00:07 - 00002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-06 21:13 - 2016-05-22 04:45 - 00000898 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-06 21:13 - 2016-05-21 21:07 - 00000894 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-06 21:13 - 2016-05-07 18:40 - 00003894 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-05-06 21:13 - 2016-05-07 18:40 - 00003642 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-05-06 19:26 - 2016-05-06 19:26 - 00398152 _____ (AVAST Software) C:\windows\system32\aswBoot.exe 2016-05-06 19:25 - 2016-05-06 19:25 - 00052184 _____ (AVAST Software) C:\windows\avastSS.scr 2016-05-05 21:18 - 2016-05-05 21:18 - 00041428 _____ C:\Users\TBS\Desktop\mini flayer.pptx 2016-05-05 19:29 - 2016-05-05 20:15 - 00063854 _____ C:\Users\TBS\Desktop\Se limpian casas.pptx 2016-05-05 13:32 - 2016-05-10 00:22 - 00000000 ____D C:\Users\TBS\AppData\Roaming\vlc 2016-05-04 21:17 - 2016-05-04 21:17 - 00001077 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-05-04 21:17 - 2016-05-04 21:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-05-04 21:04 - 2016-05-04 21:04 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2016-05-04 20:48 - 2016-05-04 20:53 - 30503216 _____ C:\Users\TBS\Downloads\vlc-2.2.3-win32.exe 2016-05-02 17:15 - 2016-05-02 19:09 - 00000000 ____D C:\Users\TBS\Desktop\Mera's Phone 2016-05-02 17:13 - 2016-05-02 17:13 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_motoandroid_01007.Wdf 2016-05-01 12:46 - 2016-05-01 12:46 - 00000000 ____D C:\Users\TBS\AppData\Local\ElevatedDiagnostics 2016-04-30 13:24 - 2016-04-30 13:24 - 00021582 _____ C:\Users\TBS\Documents\cc_20160430_132346.reg 2016-04-30 13:19 - 2016-04-30 13:19 - 00002782 _____ C:\windows\System32\Tasks\CCleanerSkipUAC 2016-04-30 13:19 - 2016-04-30 13:19 - 00000833 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-04-30 13:19 - 2016-04-30 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2016-04-30 13:19 - 2016-04-30 13:19 - 00000000 ____D C:\Program Files\CCleaner 2016-04-28 13:34 - 2016-04-28 13:34 - 00000031 _____ C:\ProgramData\droidcam-settings 2016-04-28 13:32 - 2016-04-28 13:32 - 00001033 _____ C:\Users\TBS\Desktop\DroidCamApp.lnk 2016-04-28 13:32 - 2016-04-28 13:32 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DroidCam 2016-04-28 13:21 - 2016-04-28 13:21 - 00229432 _____ (Dev47Apps) C:\windows\system32\Drivers\droidcamvideo.sys 2016-04-28 13:20 - 2016-04-28 13:20 - 00033592 _____ (Dev47Apps) C:\windows\system32\Drivers\droidcam.sys 2016-04-28 13:18 - 2016-04-28 13:32 - 00000000 ____D C:\Program Files (x86)\DroidCam 2016-04-28 13:15 - 2016-04-28 13:15 - 00708871 _____ C:\Users\TBS\Downloads\DroidCam.Client.6.0.zip 2016-04-28 13:07 - 2016-05-22 05:01 - 00001102 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA.job 2016-04-28 13:07 - 2016-05-15 16:52 - 00001050 _____ C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core.job 2016-04-28 13:07 - 2016-05-09 15:33 - 00000000 ____D C:\Users\TBS\AppData\Local\Google 2016-04-28 13:07 - 2016-04-28 13:07 - 00004068 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA 2016-04-28 13:07 - 2016-04-28 13:07 - 00003672 _____ C:\windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core 2016-04-28 13:06 - 2016-04-28 13:07 - 00987728 _____ (Google Inc.) C:\Users\TBS\Downloads\GoogleVoiceAndVideoSetup.exe 2016-04-24 17:54 - 2016-04-24 17:54 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Macromedia 2016-04-24 17:54 - 2016-04-24 17:54 - 00000000 ____D C:\Users\TBS\AppData\Local\Macromedia 2016-04-24 16:24 - 2016-04-24 17:54 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Adobe ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-05-22 04:41 - 2016-04-21 10:57 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job 2016-05-21 21:14 - 2009-07-14 00:45 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-05-21 21:14 - 2009-07-14 00:45 - 00015568 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-05-21 21:13 - 2009-07-14 01:13 - 00781298 _____ C:\windows\system32\PerfStringBackup.INI 2016-05-21 21:13 - 2009-07-13 23:20 - 00000000 ____D C:\windows\inf 2016-05-21 21:06 - 2009-07-14 01:08 - 00000006 ____H C:\windows\Tasks\SA.DAT 2016-05-21 16:18 - 2016-04-08 18:33 - 00004182 _____ C:\windows\System32\Tasks\avast! Emergency Update 2016-05-20 16:34 - 2016-04-08 19:32 - 00000000 ____D C:\Users\TBS\Desktop\Trabajos 2016-05-15 12:58 - 2016-04-20 12:01 - 00000000 ____D C:\Users\TBS\Desktop\tumblr 2016-05-07 01:58 - 2016-04-08 18:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-05-06 21:45 - 2010-04-04 01:25 - 00000000 ____D C:\Program Files (x86)\Google 2016-05-06 21:14 - 2016-04-15 15:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-05-06 19:26 - 2016-04-08 18:32 - 00465792 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys 2016-05-06 19:26 - 2016-04-08 18:32 - 00287528 _____ (AVAST Software) C:\windows\system32\Drivers\aswVmm.sys 2016-05-06 19:26 - 2016-04-08 18:32 - 00166432 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys 2016-05-06 19:26 - 2016-04-08 18:32 - 00107792 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys 2016-05-06 19:26 - 2016-04-08 18:32 - 00103064 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys 2016-05-06 19:26 - 2016-04-08 18:32 - 00074544 _____ (AVAST Software) C:\windows\system32\Drivers\aswRvrt.sys 2016-05-06 19:26 - 2016-04-08 18:32 - 00037656 _____ (AVAST Software) C:\windows\system32\Drivers\aswHwid.sys 2016-05-06 19:25 - 2016-04-08 18:32 - 01070904 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys 2016-05-05 21:53 - 2009-07-13 23:20 - 00000000 ____D C:\windows\system32\NDF 2016-05-05 13:47 - 2016-04-20 13:32 - 00000000 ____D C:\Users\TBS\Downloads\Vuze Leap 2016-04-30 13:25 - 2010-04-04 17:38 - 00000000 ____D C:\windows\Panther 2016-04-28 13:08 - 2016-04-08 18:20 - 00000000 ____D C:\Users\TBS\AppData\Roaming\Mozilla 2016-04-24 17:10 - 2016-04-21 10:54 - 00000000 ____D C:\Users\TBS\AppData\Local\Adobe 2016-04-24 16:26 - 2010-04-04 01:23 - 00000000 ____D C:\ProgramData\Adobe ==================== Files in the root of some directories ======= 2016-04-28 13:34 - 2016-04-28 13:34 - 0000031 _____ () C:\ProgramData\droidcam-settings Some files in TEMP: ==================== C:\Users\TBS\AppData\Local\Temp\{1F5C5381-255B-48A5-967C-E69A765E7D8D}-GoogleUpdateSetup.exe C:\Users\TBS\AppData\Local\Temp\{C9A723DA-2ECD-4B02-AC55-1D651B69C2F3}-50.0.2661.102_50.0.2661.94_chrome_updater.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\SysWOW64\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-04-09 00:48 ==================== End of FRST.txt ============================ Addition.txt -------------------------------- Additional scan result of Farbar Recovery Scan Tool (x64) Version:09-05-2016 Ran by TBS (2016-05-11 14:49:00) Running from C:\Users\TBS\Downloads Windows 7 Home Premium Service Pack 1 (X64) (2016-04-08 22:05:05) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3037345196-995968483-4216386591-500 - Administrator - Disabled) Guest (S-1-5-21-3037345196-995968483-4216386591-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3037345196-995968483-4216386591-1002 - Limited - Enabled) TBS (S-1-5-21-3037345196-995968483-4216386591-1000 - Administrator - Enabled) => C:\Users\TBS ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated) Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated) Adobe Reader 9.3 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A93000000001}) (Version: 9.3.0 - Adobe Systems Incorporated) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.27 - Atheros Communications Inc.) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 5.2 - Atheros) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.2.2262 - AVAST Software) CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.111.0.64 - Conexant) Game Maker 8.0 (HKLM-x32\...\Game Maker 8.0) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.) Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2086 - Intel Corporation) Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation) Java(TM) 6 Update 17 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.170 - Sun Microsystems, Inc.) Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation) Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.2.28 - Motorola Mobility) Motorola Device Software Update (x32 Version: 1.0.40 - Motorola Mobility) Hidden Motorola Mobile Drivers Installation 5.9.0 (Version: 5.9.0 - Motorola Inc.) Hidden Mozilla Firefox 46.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 46.0.1 (x86 en-US)) (Version: 46.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation) Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation) Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated) TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.0 - TOSHIBA) TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.10 - TOSHIBA) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.04 - TOSHIBA Corporation) TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation) TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION) TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.4.9 - TOSHIBA CORPORATION) TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA) TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation) TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation) TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA) TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.03 - TOSHIBA Corporation) TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.3.64 - TOSHIBA Corporation) ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba) Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.3 - VideoLAN) Vuze Leap 2.1 (HKU\S-1-5-21-3037345196-995968483-4216386591-1000\...\{a9a27088-7578-499d-ad2b-67ba95a4def4}) (Version: 2.1 - Azureus Software, Inc.) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation) Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation) Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3037345196-995968483-4216386591-1000_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-3037345196-995968483-4216386591-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\TBS\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {21AEA0A0-D748-4842-83BA-1411D66D8226} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-28] (Google Inc.) Task: {32003FC5-8928-47B7-A6D1-0B35CFC43282} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] () Task: {369BA0F1-FF41-442C-B28A-F6710F03FFCC} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-21] (Adobe Systems Incorporated) Task: {5E56FB6A-75B1-45BB-92C6-4CB86070A464} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-04-08] (AVAST Software) Task: {6A982260-900B-4C69-9732-955874A604C3} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation) Task: {6B3DF50A-7474-4192-9083-901EE6CBF19F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-07] (Google Inc.) Task: {7823A335-5973-4C28-8E7A-CE469ED4F826} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-05-06] (AVAST Software) Task: {7E75A3F8-B2E4-40F7-B84D-592D1EE23AAF} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {97720549-A5A0-4E94-ACEF-AAC671B413EC} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] () Task: {B3E6C192-BA6D-46B1-90E9-395FF6A381A5} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd) Task: {B5900B79-64FB-4F31-8D75-91E9C824EFC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-07] (Google Inc.) Task: {B9CE6AAC-C91D-454C-BBFF-ABDF228A775A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe [2016-04-28] (Google Inc.) Task: {CE315C6E-FFC8-4642-8A59-20D53769FC75} - System32\Tasks\AutoKMS => C:\windows\AutoKMS\AutoKMS.exe [2016-04-08] () Task: {CE56B9D3-7469-4DDA-8EE0-5C2D764BE76C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation) Task: {D622D273-A176-4601-9631-75B5E1130B9E} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2012-07-17] () (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000Core.job => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3037345196-995968483-4216386591-1000UA.job => C:\Users\TBS\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2010-03-03 17:15 - 2010-03-03 17:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll 2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll 2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll 2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll 2010-04-04 01:16 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll 2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll 2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll 2016-05-06 19:25 - 2016-05-06 19:25 - 00123344 _____ () C:\Program Files\AVAST Software\Avast\log.dll 2016-05-06 19:25 - 2016-05-06 19:25 - 00135816 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-05-10 17:05 - 2016-05-10 17:05 - 02892800 _____ () C:\Program Files\AVAST Software\Avast\defs\16051002\algo.dll 2016-05-11 13:04 - 2016-05-11 13:04 - 02902528 _____ () C:\Program Files\AVAST Software\Avast\defs\16051100\algo.dll 2016-05-06 19:25 - 2016-05-06 19:25 - 00479680 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2016-04-08 18:32 - 2016-04-08 18:32 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3037345196-995968483-4216386591-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\TBS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: gusvc => 3 MSCONFIG\Services: Motorola Device Manager => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Partner Service => 3 MSCONFIG\Services: PST Service => 2 MSCONFIG\Services: TMachInfo => 3 MSCONFIG\Services: TODDSrv => 2 MSCONFIG\Services: TosCoSrv => 2 MSCONFIG\Services: TOSHIBA HDD SSD Alert Service => 3 ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{099EA7C5-0341-4F8F-A3C3-7A23EA9BBAC6}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{0B062990-A6E9-4C74-B63D-A82F260D3264}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{D179B4E2-6896-4650-A906-81F602C59988}] => (Allow) svchost.exe FirewallRules: [{E8DD5518-41FA-432A-A4EA-02034471D64C}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{7CCE945A-86E9-470F-8DCC-0ED5131AC7BD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{A6F2921B-97BB-457B-AEAB-27190C5BB2A0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{7A12DB45-9DC6-4113-8007-71C0413394D6}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A1323248-61EB-4FB6-B248-DD777C600793}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{430B750B-70E2-4436-AC44-E9E01D43A2BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{503E2B17-2F3C-4CB4-AAEE-EFCAE9B6C8B0}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{554D902E-8091-482F-8A75-5FDBDDEF5AC9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{E04D3457-3444-4236-BF78-99487225FAD2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{51E360BB-465A-47A8-A8B9-50047197FF60}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{D7EA62AE-7284-41CC-BD18-3A17AE1B95C4}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DD0D353E-B97E-48CD-BED2-79B180655C78}] => (Allow) C:\Users\TBS\AppData\Roaming\Vuze Leap\VuzeLeap.exe FirewallRules: [{82A2542E-9620-4D15-BF6F-F6E88BBF8A69}] => (Allow) C:\Users\TBS\AppData\Roaming\Vuze Leap\VuzeLeap.exe FirewallRules: [{FBC9EBC2-ADEC-46E0-9CFA-DD8D0E67A6FD}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe FirewallRules: [{252FF5C9-DD74-4E5E-BE89-BFC55B0D9CA8}] => (Allow) C:\Program Files (x86)\DroidCam\DroidCamApp.exe FirewallRules: [{9883D5FE-7D72-4172-AD6F-819428B3A909}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 20-04-2016 13:13:54 Windows 7 Service Pack 1 20-04-2016 14:50:47 Windows Update 21-04-2016 10:22:00 Windows Update 21-04-2016 12:22:00 Windows Update 28-04-2016 13:22:12 Device Driver Package Install: Dev47Apps.com Sound, video and game controllers 28-04-2016 13:29:04 Device Driver Package Install: Dev47Apps.com Sound, video and game controllers ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (05/11/2016 01:18:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program WINWORD.EXE version 15.0.4815.1000 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: a8c Start Time: 01d1aba7a78b600e Termination Time: 3463 Application Path: C:\Program Files\Microsoft Office\Office15\WINWORD.EXE Report Id: 26b30331-179c-11e6-9dfc-00266c63ace3 Error: (05/10/2016 10:20:49 PM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to compile: Microsoft.Windows.Diagnosis.SDEngine, Version=6.1.0.0, Culture=Neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=x86 . Error code = 0x80070020 Error: (05/10/2016 05:55:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program firefox.exe version 46.0.1.5966 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: ad4 Start Time: 01d1ab03ae4287a1 Termination Time: 515 Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe Report Id: 67af1875-16f9-11e6-81f0-00266c63ace3 Error: (05/02/2016 09:45:46 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: c50 Start Time: 01d1a4c44eb83393 Termination Time: 1264 Application Path: C:\windows\explorer.exe Report Id: ad3c1135-10d0-11e6-983d-00266c63ace3 Error: (05/02/2016 06:45:21 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 7c4 Start Time: 01d1a4c2ec455093 Termination Time: 3151 Application Path: C:\windows\Explorer.EXE Report Id: 208a8527-10b7-11e6-983d-00266c63ace3 Error: (05/02/2016 06:32:36 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 508 Start Time: 01d1a4c16f4dbe17 Termination Time: 530 Application Path: C:\windows\explorer.exe Report Id: 8a46d277-10b5-11e6-a814-00266c63ace3 Error: (05/02/2016 06:24:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 5d4 Start Time: 01d1a4c0ee329b7b Termination Time: 858 Application Path: C:\windows\explorer.exe Report Id: 867926a9-10b4-11e6-a814-00266c63ace3 Error: (05/02/2016 06:21:11 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: e44 Start Time: 01d1a4bacad33ba2 Termination Time: 265 Application Path: C:\Windows\explorer.exe Report Id: f7ee5fa2-10b3-11e6-a814-00266c63ace3 Error: (05/02/2016 05:37:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: a84 Start Time: 01d1a4b96eea47ea Termination Time: 0 Application Path: C:\Windows\explorer.exe Report Id: Error: (05/02/2016 05:27:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 6c4 Start Time: 01d1a4b6b8a692e5 Termination Time: 1670 Application Path: C:\windows\Explorer.EXE Report Id: System errors: ============= Error: (05/11/2016 01:46:34 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error: (05/11/2016 01:35:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service. Error: (05/11/2016 01:40:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Multimedia Class Scheduler service failed to start due to the following error: %%1053 Error: (05/11/2016 01:40:32 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MMCSS service. Error: (05/10/2016 08:54:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The Google Update Service (gupdate) service failed to start due to the following error: %%1053 Error: (05/10/2016 08:54:38 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: A timeout was reached (30000 milliseconds) while waiting for the Google Update Service (gupdate) service to connect. Error: (05/10/2016 08:54:39 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1053gupdate/comsvc{4EB61BAC-A3B6-4760-9581-655041EF4D69} Error: (05/10/2016 06:34:39 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} Error: (05/10/2016 05:57:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Windows Update service did not shut down properly after receiving a preshutdown control. Error: (05/10/2016 05:23:33 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Windows Update service did not shut down properly after receiving a preshutdown control. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU 900 @ 2.20GHz Percentage of memory in use: 43% Total physical RAM: 1915.98 MB Available physical RAM: 1088.15 MB Total Virtual: 3831.95 MB Available Virtual: 1611.38 MB ==================== Drives ================================ Drive c: (TI105847W0E) (Fixed) (Total:222.47 GB) (Free:171.84 GB) NTFS ==>[system with boot components (obtained from drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 4E0E547E) Partition 1: (Active) - (Size=1.5 GB) - (Type=27) Partition 2: (Not Active) - (Size=222.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=8.9 GB) - (Type=17) ==================== End of Addition.txt ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top