Topic: [Inactive - K] Slow, freezing

lsvetka
« on: April 17, 2015, 09:14:28 PM »
Hello,

Computer is very slow. Sometimes everything freezes and I have to force the shutdown and turn it back on again. Computer also makes a weird noise, like the fan inside turns on and turns off.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 10/29/2010 11:35:52 AM
System Uptime: 4/17/2015 6:22:53 PM (2 hours ago)
.
Motherboard: Dell Inc. |  | 0C2KJT
Processor: Intel(R) Core(TM) i3 CPU         540  @ 3.07GHz | CPU 1 | 3067/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 922 GiB total, 574.863 GiB free.
D: is CDROM ()
E: is Removable
F: is Removable
G: is Removable
H: is Removable
I: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP539: 2/20/2015 12:19:37 PM - Scheduled Checkpoint
RP540: 2/28/2015 9:08:33 AM - Scheduled Checkpoint
RP541: 3/8/2015 9:18:30 AM - Scheduled Checkpoint
RP542: 3/15/2015 6:55:48 PM - Scheduled Checkpoint
RP543: 3/18/2015 8:23:10 PM - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
RP544: 3/18/2015 8:23:57 PM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
RP545: 3/18/2015 8:24:34 PM - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
RP546: 3/18/2015 8:25:26 PM - Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
RP547: 3/18/2015 8:49:25 PM - Installed Adobe Acrobat XI Pro.
RP548: 3/26/2015 3:06:08 PM - Scheduled Checkpoint
RP549: 3/28/2015 11:53:32 AM - Removed Adobe Acrobat XI Pro.
RP550: 3/28/2015 12:02:01 PM - Removed Adobe Download Assistant
RP551: 4/5/2015 8:10:02 AM - Scheduled Checkpoint
RP552: 4/12/2015 2:42:09 PM - Scheduled Checkpoint
RP553: 4/12/2015 9:15:23 PM - Windows Update
RP554: 4/13/2015 1:04:23 PM - Windows Update
RP555: 4/14/2015 6:20:17 AM - Windows Update
RP556: 4/15/2015 12:52:29 AM - Windows Update
RP557: 4/16/2015 7:47:36 AM - Windows Update
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
Torrent
Adobe Anchor Service CS3
Adobe Asset Services CS3
Adobe Bridge CS3
Adobe Bridge Start Meeting
Adobe Camera Raw 4.0
Adobe CMaps
Adobe Color Common Settings
Adobe Color EU Extra Settings
Adobe Color JA Extra Settings
Adobe Color NA Recommended Settings
Adobe Default Language CS3
Adobe Device Central CS3
Adobe ExtendScript Toolkit 2
Adobe Flash Player 17 ActiveX
Adobe Flash Player 17 NPAPI
Adobe Fonts All
Adobe Help Viewer CS3
Adobe Linguistics CS3
Adobe PDF Library Files
Adobe Photoshop CS3
Adobe Reader XI (11.0.10)
Adobe Refresh Manager
Adobe Setup
Adobe Stock Photos CS3
Adobe Type Support
Adobe Update Manager CS3
Adobe Version Cue CS3 Client
Adobe WinSoft Linguistics Plugin
Adobe XMP Panels CS3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Avast Free Antivirus
Bonjour
CCleaner
D3DX10
Dell Data Vault
Dell DataSafe Local Backup
Dell DataSafe Local Backup - Support Software
Dell Dock
Dell Edoc Viewer
Dell Getting Started Guide
Dell SupportAssist
Dell SupportAssistAgent
Dropbox
DVD Photo Slideshow Professional 8.06
Google Chrome
GoToAssist 8.0.0.514
HP Deskjet 1050 J410 series Basic Device Software
HP Deskjet 1050 J410 series Help
HP Deskjet 1050 J410 series Product Improvement Study
HP Photo Creations
HP Update
Intel(R) Graphics Media Accelerator Driver
Internet TV for Windows Media Center
Itibiti RTC
iTunes
Java 7 Update 25
Java Auto Updater
Longman Dictionary of American English, 4th edition
Malwarebytes Anti-Malware version 2.1.4.1018
Mavis Beacon Teaches Typing 16
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Corporation
Microsoft LifeCam
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office 365 ProPlus - en-us
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Click-to-Run 2010
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Mozilla Firefox 37.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSXML 4.0 SP3 Parser (KB2758694)
MSXML 4.0 SP3 Parser (KB973685)
Multimedia Card Reader
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
ooVoo
Opera 12.17
PDF Settings
QUICKfind server v1.1
QuickTime
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Respondus LockDown Browser
Roxio Burn
Secunia PSI (2.0.0.4003)
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2894842v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2972106)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2972215)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2978125)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2979575v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB3037578)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2920795) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2984939) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2956106) 32-Bit Edition
Security Update for Microsoft Office Compatibility Pack Service Pack 3 (KB2965210) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2956103) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office OneNote 2007 (KB2596857) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2899580) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2965284) 32-Bit Edition
Skype Click to Call
Skype 7.1
Software602 Print2PDF
SopCast 3.8.3
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596787) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2920794) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2965207) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VLC media player
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Media Player Firefox Plugin
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
4/17/2015 7:16:55 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.
4/17/2015 7:16:55 AM, Error: Service Control Manager [7000]  - The Dell SupportAssist Agent service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/17/2015 6:25:16 PM, Error: Service Control Manager [7024]  - The HomeGroup Listener service terminated with service-specific error %%-2147023143.
4/17/2015 6:24:40 PM, Error: Service Control Manager [7023]  - The Computer Browser service terminated with the following error:  The specified service does not exist as an installed service.
4/17/2015 6:12:42 PM, Error: Service Control Manager [7031]  - The Network Location Awareness service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
4/17/2015 6:12:40 PM, Error: Service Control Manager [7031]  - The Workstation service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/17/2015 6:12:40 PM, Error: Service Control Manager [7031]  - The DNS Client service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 120000 milliseconds: Restart the service.
4/17/2015 6:12:40 PM, Error: Service Control Manager [7031]  - The Cryptographic Services service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
4/16/2015 10:23:48 AM, Error: Microsoft-Windows-DistributedCOM [10016]  - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  and APPID  {8BC3F05E-D86B-11D0-A075-00C04FB68820}  to the user SASHAISVETA-PC\SASHAISVETA SID (S-1-5-21-4184064448-517517793-26037721-1000) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
4/15/2015 10:57:51 AM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the SftService service.
4/14/2015 9:25:12 AM, Error: Service Control Manager [7043]  - The Windows Modules Installer service did not shut down properly after receiving a preshutdown control.
4/14/2015 6:14:40 AM, Error: Service Control Manager [7000]  - The AvastVBox COM Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
4/14/2015 6:14:40 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1053" attempting to start the service AvastVBoxSvc with arguments "" in order to run the server: {F319F1B8-7587-4146-AF9C-0D6D77819BF1}
4/14/2015 6:14:36 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the AvastVBox COM Service service to connect.
4/13/2015 6:56:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB3015428).
4/13/2015 6:56:44 AM, Error: Microsoft-Windows-WindowsUpdateClient [20]  - Installation Failure: Windows failed to install the following update with error 0x80242016: Update for Windows 7 for x64-based Systems (KB2998812).
4/12/2015 7:52:12 AM, Error: Service Control Manager [7023]  - The Function Discovery Resource Publication service terminated with the following error:  %%-2147024891
4/12/2015 7:52:12 AM, Error: Service Control Manager [7001]  - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:  %%-2147024891
4/11/2015 7:40:10 PM, Error: Application Popup [1060]  - \??\C:\Windows\System32\drivers\TrueSight.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17728  BrowserJavaVersion: 10.25.2
Run by SASHAISVETA at 20:04:55 on 2015-04-17
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.5943.3261 [GMT -7:00]
.
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Dell\DellDock\DockLogin.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Secunia\PSI\PSIA.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Opera\opera.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Secunia\PSI\sua.exe
C:\Program Files\Dell\DellDataVault\DellDataVault.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wuauclt.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://mail.ru/cnt/10445
uSearch Bar = Preserve
uSearch Page = hxxps://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
mSearch Bar = hxxps://www.yahoo.com/?fr=hp-avast&type=odc179
mSearch Page = hxxps://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
mWinlogon: Userinit = userinit.exe,
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} -
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
BHO: QUICKfind BHO Object: {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\ooVoo.exe /minimized
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [Google Update] "C:\Users\SASHAISVETA\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
mRun: [ShwiconXP9106] C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
mRun: [Desktop Disc Tool] "c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"
mRun: [LifeCam] "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
mRun: [Print2PDF Print Monitor] "C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe" /server
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
dRunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
StartupFolder: C:\Users\SASHAI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\DELLDO~1.LNK - C:\Program Files\Dell\DellDock\DellDock.exe
StartupFolder: C:\Users\SASHAI~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{0FBD98C4-BBBC-4F6E-85E8-E1F60EC6B9AE} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: {53504356-3700-A76A-76A7-7A786E7484D7} - <orphaned>
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\Firefox\Profiles\w4nonczc.default\
FF - prefs.js: browser.search.selectedEngine - Поиск@Mail.Ru
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll
FF - plugin: C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll
FF - plugin: C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2013-7-29 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2013-7-29 267632]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-10-22 55280]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2013-7-29 1050432]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2013-7-29 436624]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [2015-2-15 710320]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-10-3 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2013-7-29 83280]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-10-3 116728]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2015-1-23 50344]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-1-19 2714800]
R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2015-3-18 822496]
R2 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2015-2-26 2557136]
R2 DellDataVaultWiz;Dell Data Vault Wizard;C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [2015-2-26 201936]
R2 DockLoginService;Dock Login Service;C:\Program Files\Dell\DellDock\DockLogin.exe [2009-6-9 155648]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2013-8-14 39056]
R2 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2011-10-13 994360]
R2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2011-10-13 399416]
R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe [2010-10-22 1692480]
R2 SupportAssistAgent;Dell SupportAssist Agent;C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2015-3-4 19288]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2015-1-23 271752]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2015-1-23 4012248]
R3 DDDriver;DDDriver;C:\Windows\System32\drivers\DDDriver64Dcsa.sys [2015-1-30 23760]
R3 DellProf;DellProf;C:\Windows\System32\drivers\DellProf.sys [2015-1-30 23312]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-22 56344]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2010-10-22 271872]
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2010-10-22 321064]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2015-4-11 25816]
R3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-5-20 36720]
R3 PSI;PSI;C:\Windows\System32\drivers\psi_mf.sys [2010-9-1 17976]
R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2015-4-11 1080120]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-1-2 315488]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2015-4-14 114688]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-10-22 158976]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2015-4-11 136408]
S3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2015-4-11 63704]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-4-12 59392]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-11-7 1255736]
.
=============== Created Last 30 ================
.
2015-04-15 07:53:22   2777088   ----a-w-   C:\Windows\System32\msmpeg2vdec.dll
2015-04-15 07:53:21   2285056   ----a-w-   C:\Windows\SysWow64\msmpeg2vdec.dll
2015-04-14 18:33:56   5557696   ----a-w-   C:\Windows\System32\ntoskrnl.exe
2015-04-14 18:32:59   1016832   ----a-w-   C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2015-04-14 18:32:45   559104   ----a-w-   C:\Windows\System32\spoolsv.exe
2015-04-14 18:32:44   67072   ----a-w-   C:\Windows\splwow64.exe
2015-04-14 18:32:43   367552   ----a-w-   C:\Windows\System32\clfs.sys
2015-04-14 18:32:42   79360   ----a-w-   C:\Windows\System32\clfsw32.dll
2015-04-14 18:32:42   58880   ----a-w-   C:\Windows\SysWow64\clfsw32.dll
2015-04-14 18:32:41   2565120   ----a-w-   C:\Windows\System32\d3d10warp.dll
2015-04-14 18:32:41   1987584   ----a-w-   C:\Windows\SysWow64\d3d10warp.dll
2015-04-14 18:28:28   1424896   ----a-w-   C:\Windows\System32\WindowsCodecs.dll
2015-04-14 18:28:28   1230848   ----a-w-   C:\Windows\SysWow64\WindowsCodecs.dll
2015-04-14 18:28:26   465920   ----a-w-   C:\Windows\System32\WMPhoto.dll
2015-04-14 18:28:26   417792   ----a-w-   C:\Windows\SysWow64\WMPhoto.dll
2015-04-14 16:22:43   --------   d-s---w-   C:\Windows\SysWow64\GWX
2015-04-14 16:22:43   --------   d-s---w-   C:\Windows\System32\GWX
2015-04-14 15:24:40   9728   ---ha-w-   C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-14 14:37:55   2560   ----a-w-   C:\Windows\System32\drivers\en-US\wdf01000.sys.mui
2015-04-14 13:47:47   87040   ----a-w-   C:\Windows\System32\drivers\WUDFPf.sys
2015-04-14 13:47:47   198656   ----a-w-   C:\Windows\System32\drivers\WUDFRd.sys
2015-04-14 13:47:45   84992   ----a-w-   C:\Windows\System32\WUDFSvc.dll
2015-04-14 13:47:45   194048   ----a-w-   C:\Windows\System32\WUDFPlatform.dll
2015-04-14 13:47:44   45056   ----a-w-   C:\Windows\System32\WUDFCoinstaller.dll
2015-04-14 13:47:43   744448   ----a-w-   C:\Windows\System32\WUDFx.dll
2015-04-14 13:47:43   229888   ----a-w-   C:\Windows\System32\WUDFHost.exe
2015-04-14 13:34:45   23408   ----a-w-   C:\Windows\System32\drivers\fs_rec.sys
2015-04-14 13:34:44   5120   ----a-w-   C:\Windows\SysWow64\wmi.dll
2015-04-14 13:34:44   5120   ----a-w-   C:\Windows\System32\wmi.dll
2015-04-14 13:23:05   99480   ----a-w-   C:\Windows\SysWow64\infocardapi.dll
2015-04-14 13:23:05   619672   ----a-w-   C:\Windows\SysWow64\icardagt.exe
2015-04-14 13:23:05   171160   ----a-w-   C:\Windows\System32\infocardapi.dll
2015-04-14 13:23:05   1389208   ----a-w-   C:\Windows\System32\icardagt.exe
2015-04-14 13:23:03   8856   ----a-w-   C:\Windows\SysWow64\icardres.dll
2015-04-14 13:23:03   8856   ----a-w-   C:\Windows\System32\icardres.dll
2015-04-14 13:22:30   35480   ----a-w-   C:\Windows\SysWow64\TsWpfWrp.exe
2015-04-14 13:22:30   35480   ----a-w-   C:\Windows\System32\TsWpfWrp.exe
2015-04-13 21:14:32   950272   ----a-w-   C:\Windows\System32\perftrack.dll
2015-04-13 21:14:32   91136   ----a-w-   C:\Windows\System32\wdi.dll
2015-04-13 21:14:32   76800   ----a-w-   C:\Windows\SysWow64\wdi.dll
2015-04-13 21:14:32   29696   ----a-w-   C:\Windows\System32\powertracker.dll
2015-04-13 21:11:50   509952   ----a-w-   C:\Windows\System32\ntshrui.dll
2015-04-13 21:11:49   442880   ----a-w-   C:\Windows\SysWow64\ntshrui.dll
2015-04-13 21:09:27   210432   ----a-w-   C:\Windows\System32\profsvc.dll
2015-04-13 21:08:50   683520   ----a-w-   C:\Windows\System32\termsrv.dll
2015-04-13 21:08:37   515584   ----a-w-   C:\Windows\System32\timedate.cpl
2015-04-13 21:08:37   478720   ----a-w-   C:\Windows\SysWow64\timedate.cpl
2015-04-13 21:08:14   52224   ----a-w-   C:\Windows\SysWow64\nlaapi.dll
2015-04-13 21:08:14   303616   ----a-w-   C:\Windows\System32\nlasvc.dll
2015-04-13 21:08:14   156672   ----a-w-   C:\Windows\SysWow64\ncsi.dll
2015-04-13 21:08:13   2002432   ----a-w-   C:\Windows\System32\msxml6.dll
2015-04-13 21:08:12   2048   ----a-w-   C:\Windows\SysWow64\msxml6r.dll
2015-04-13 21:08:12   2048   ----a-w-   C:\Windows\System32\msxml6r.dll
2015-04-13 21:08:12   1389056   ----a-w-   C:\Windows\SysWow64\msxml6.dll
2015-04-13 21:06:55   99840   ----a-w-   C:\Windows\System32\drivers\usbccgp.sys
2015-04-13 21:05:55   76800   ----a-w-   C:\Windows\System32\drivers\hidclass.sys
2015-04-13 21:05:55   42496   ----a-w-   C:\Windows\System32\drivers\usbscan.sys
2015-04-13 21:05:55   32896   ----a-w-   C:\Windows\System32\drivers\hidparse.sys
2015-04-13 21:05:55   119296   ----a-w-   C:\Windows\System32\drivers\tdx.sys
2015-04-13 21:03:46   878080   ----a-w-   C:\Windows\System32\IMJP10K.DLL
2015-04-13 21:02:25   861696   ----a-w-   C:\Windows\System32\oleaut32.dll
2015-04-13 21:02:24   571904   ----a-w-   C:\Windows\SysWow64\oleaut32.dll
2015-04-13 21:02:20   878080   ----a-w-   C:\Windows\System32\advapi32.dll
2015-04-13 21:02:20   859648   ----a-w-   C:\Windows\System32\tdh.dll
2015-04-13 21:02:20   619520   ----a-w-   C:\Windows\SysWow64\tdh.dll
2015-04-13 21:02:19   640512   ----a-w-   C:\Windows\SysWow64\advapi32.dll
2015-04-13 21:02:13   75120   ----a-w-   C:\Windows\System32\drivers\partmgr.sys
2015-04-13 21:02:09   241152   ----a-w-   C:\Windows\System32\pku2u.dll
2015-04-13 21:02:09   186880   ----a-w-   C:\Windows\SysWow64\pku2u.dll
2015-04-13 21:01:17   27584   ----a-w-   C:\Windows\System32\drivers\Diskdump.sys
2015-04-13 21:01:17   274880   ----a-w-   C:\Windows\System32\drivers\msiscsi.sys
2015-04-13 21:01:17   190912   ----a-w-   C:\Windows\System32\drivers\storport.sys
2015-04-13 21:01:16   2048   ----a-w-   C:\Windows\SysWow64\iologmsg.dll
2015-04-13 21:01:16   2048   ----a-w-   C:\Windows\System32\iologmsg.dll
2015-04-13 21:01:11   95744   ----a-w-   C:\Windows\System32\synceng.dll
2015-04-13 21:01:11   78336   ----a-w-   C:\Windows\SysWow64\synceng.dll
2015-04-13 20:59:31   77824   ----a-w-   C:\Windows\System32\packager.dll
2015-04-13 20:58:51   59392   ----a-w-   C:\Windows\System32\browcli.dll
2015-04-13 20:58:51   136704   ----a-w-   C:\Windows\System32\browser.dll
2015-04-13 20:58:50   41984   ----a-w-   C:\Windows\SysWow64\browcli.dll
2015-04-13 20:56:24   956928   ----a-w-   C:\Windows\System32\localspl.dll
2015-04-13 20:54:32   859648   ----a-w-   C:\Windows\System32\IKEEXT.DLL
2015-04-13 20:54:31   830464   ----a-w-   C:\Windows\System32\nshwfp.dll
2015-04-13 20:54:31   656896   ----a-w-   C:\Windows\SysWow64\nshwfp.dll
2015-04-13 20:54:31   324096   ----a-w-   C:\Windows\System32\FWPUCLNT.DLL
2015-04-13 20:54:31   216576   ----a-w-   C:\Windows\SysWow64\FWPUCLNT.DLL
2015-04-13 20:54:29   461312   ----a-w-   C:\Windows\System32\scavengeui.dll
2015-04-13 20:34:27   664064   ----a-w-   C:\Windows\SysWow64\rpcrt4.dll
2015-04-13 20:34:27   1216000   ----a-w-   C:\Windows\System32\rpcrt4.dll
2015-04-13 20:20:26   1031680   ----a-w-   C:\Windows\System32\rdpcore.dll
2015-04-13 20:20:25   826880   ----a-w-   C:\Windows\SysWow64\rdpcore.dll
2015-04-13 20:20:25   23552   ----a-w-   C:\Windows\System32\drivers\tdtcp.sys
2015-04-13 12:49:04   --------   d-s---w-   C:\Windows\System32\CompatTel
2015-04-13 12:49:04   --------   d-----w-   C:\Windows\System32\appraiser
2015-04-13 04:36:59   --------   d-----w-   C:\Windows\System32\SPReview
2015-04-13 04:36:45   --------   d-----w-   C:\Windows\System32\EventProviders
2015-04-13 04:28:07   --------   d-----w-   C:\Windows\System32\MRT
2015-04-12 22:57:59   598016   ----a-w-   C:\Windows\System32\spinstall.exe
2015-04-12 22:56:59   246272   ----a-w-   C:\Windows\SysWow64\scansetting.dll
2015-04-12 22:55:59   623104   ----a-w-   C:\Windows\System32\FXSAPI.dll
2015-04-12 22:54:50   606208   ----a-w-   C:\Windows\SysWow64\wbem\fastprox.dll
2015-04-12 22:54:50   363008   ----a-w-   C:\Windows\SysWow64\wbemcomn.dll
2015-04-12 22:54:50   189952   ----a-w-   C:\Program Files (x86)\Windows Portable Devices\sqmapi.dll
2015-04-12 22:51:59   529408   ----a-w-   C:\Windows\System32\wbemcomn.dll
2015-04-12 22:51:59   244736   ----a-w-   C:\Program Files\Windows Portable Devices\sqmapi.dll
2015-04-12 22:51:45   244736   ----a-w-   C:\Windows\System32\sqmapi.dll
2015-04-12 22:27:33   1239720   ----a-w-   C:\Windows\System32\aitstatic.exe
2015-04-12 20:43:33   --------   d-----w-   C:\Users\SASHAISVETA\AppData\Roaming\PCDr
2015-04-12 20:43:05   --------   d-----w-   C:\ProgramData\PCDr
2015-04-12 03:07:27   --------   d-----w-   C:\FRST
2015-04-12 02:40:10   35064   ----a-w-   C:\Windows\System32\drivers\TrueSight.sys
2015-04-12 02:40:08   --------   d-----w-   C:\ProgramData\RogueKiller
2015-04-12 02:33:59   --------   d-----w-   C:\RegBackup
2015-04-12 02:16:25   --------   d-----w-   C:\AdwCleaner
2015-04-12 01:48:57   136408   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-04-12 01:48:47   63704   ----a-w-   C:\Windows\System32\drivers\mwac.sys
2015-04-12 01:48:47   25816   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2015-04-12 01:48:47   107736   ----a-w-   C:\Windows\System32\drivers\mbamchameleon.sys
2015-04-12 01:48:47   --------   d-----w-   C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-07 09:38:12   --------   d-----w-   C:\Users\SASHAISVETA\Doctor Web
2015-03-30 22:04:43   --------   d-----w-   C:\ProgramData\PC-Doctor for Windows
2015-03-30 22:04:41   --------   d-----w-   C:\Program Files\Dell Support Center
2015-03-21 03:43:52   --------   d-----w-   C:\Users\SASHAISVETA\AppData\Roaming\com.adobe.formscentral.FormsCentralForAcrobat
2015-03-21 02:12:05   --------   d-----w-   C:\Users\SASHAISVETA\AppData\Roaming\PDAppFlex
2015-03-19 03:53:45   --------   d-----w-   C:\ProgramData\regid.1986-12.com.adobe
2015-03-19 03:30:01   --------   d-----w-   C:\Users\SASHAISVETA\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
2015-03-19 03:23:35   --------   d-----w-   C:\ProgramData\Package Cache
.
==================== Find3M  ====================
.
2015-04-15 06:20:11   778416   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2015-04-15 06:20:11   142512   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-14 15:24:40   9728   ---ha-w-   C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2015-04-13 12:57:22   175616   ----a-w-   C:\Windows\System32\msclmd.dll
2015-04-13 12:57:22   152576   ----a-w-   C:\Windows\SysWow64\msclmd.dll
2015-03-25 03:24:41   98304   ----a-w-   C:\Windows\System32\wudriver.dll
2015-03-25 03:24:41   3298816   ----a-w-   C:\Windows\System32\wucltux.dll
2015-03-25 03:24:41   191488   ----a-w-   C:\Windows\System32\wuwebv.dll
2015-03-25 03:24:08   60416   ----a-w-   C:\Windows\System32\WinSetupUI.dll
2015-03-25 03:23:58   12288   ----a-w-   C:\Windows\System32\wu.upgrade.ps.dll
2015-03-25 03:23:55   36864   ----a-w-   C:\Windows\System32\wuapp.exe
2015-03-25 03:00:57   92672   ----a-w-   C:\Windows\SysWow64\wudriver.dll
2015-03-25 03:00:57   173056   ----a-w-   C:\Windows\SysWow64\wuwebv.dll
2015-03-25 03:00:15   33792   ----a-w-   C:\Windows\SysWow64\wuapp.exe
2015-03-23 03:25:15   726528   ----a-w-   C:\Windows\System32\generaltel.dll
2015-03-23 03:25:01   769536   ----a-w-   C:\Windows\System32\invagent.dll
2015-03-23 03:24:56   419840   ----a-w-   C:\Windows\System32\devinv.dll
2015-03-23 03:24:54   957952   ----a-w-   C:\Windows\System32\appraiser.dll
2015-03-23 03:24:53   30720   ----a-w-   C:\Windows\System32\acmigration.dll
2015-03-23 03:24:53   227328   ----a-w-   C:\Windows\System32\aepdu.dll
2015-03-23 03:24:53   192000   ----a-w-   C:\Windows\System32\aepic.dll
2015-03-23 03:17:39   1111552   ----a-w-   C:\Windows\System32\aeinv.dll
2015-03-17 05:22:35   95672   ----a-w-   C:\Windows\System32\drivers\ksecdd.sys
2015-03-17 05:22:35   155576   ----a-w-   C:\Windows\System32\drivers\ksecpkg.sys
2015-03-17 05:19:37   1727904   ----a-w-   C:\Windows\System32\ntdll.dll
2015-03-17 05:17:00   362496   ----a-w-   C:\Windows\System32\wow64win.dll
2015-03-17 05:17:00   243712   ----a-w-   C:\Windows\System32\wow64.dll
2015-03-17 05:17:00   13312   ----a-w-   C:\Windows\System32\wow64cpu.dll
2015-03-17 05:15:55   31232   ----a-w-   C:\Windows\System32\lsass.exe
2015-03-17 05:15:44   338432   ----a-w-   C:\Windows\System32\conhost.exe
2015-03-17 05:15:40   64000   ----a-w-   C:\Windows\System32\auditpol.exe
2015-03-17 05:13:29   60416   ----a-w-   C:\Windows\System32\msobjs.dll
2015-03-17 05:13:17   146432   ----a-w-   C:\Windows\System32\msaudite.dll
2015-03-17 05:01:09   3976632   ----a-w-   C:\Windows\SysWow64\ntkrnlpa.exe
2015-03-17 05:01:09   3920824   ----a-w-   C:\Windows\SysWow64\ntoskrnl.exe
2015-03-17 04:59:26   1309696   ----a-w-   C:\Windows\SysWow64\ntdll.dll
2015-03-17 04:57:25   172032   ----a-w-   C:\Windows\SysWow64\wdigest.dll
2015-03-17 04:57:21   65536   ----a-w-   C:\Windows\SysWow64\TSpkg.dll
2015-03-17 04:57:20   43008   ----a-w-   C:\Windows\SysWow64\srclient.dll
2015-03-17 04:57:17   248832   ----a-w-   C:\Windows\SysWow64\schannel.dll
2015-03-17 04:57:17   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2015-03-17 04:57:13   14336   ----a-w-   C:\Windows\SysWow64\ntvdm64.dll
2015-03-17 04:57:12   221184   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
2015-03-17 04:57:11   259584   ----a-w-   C:\Windows\SysWow64\msv1_0.dll
2015-03-17 04:57:07   550912   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2015-03-17 04:56:59   17408   ----a-w-   C:\Windows\SysWow64\credssp.dll
2015-03-17 04:56:56   44032   ----a-w-   C:\Windows\apppatch\acwow64.dll
2015-03-17 04:56:41   25600   ----a-w-   C:\Windows\SysWow64\setup16.exe
2015-03-17 04:56:15   50176   ----a-w-   C:\Windows\SysWow64\auditpol.exe
2015-03-17 04:56:01   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2015-03-17 04:56:01   5120   ----a-w-   C:\Windows\SysWow64\wow32.dll
2015-03-17 04:56:00   274944   ----a-w-   C:\Windows\SysWow64\KernelBase.dll
2015-03-17 04:53:35   60416   ----a-w-   C:\Windows\SysWow64\msobjs.dll
2015-03-17 04:53:13   146432   ----a-w-   C:\Windows\SysWow64\msaudite.dll
2015-03-17 03:45:24   7680   ----a-w-   C:\Windows\SysWow64\instnm.exe
2015-03-17 03:45:23   2048   ----a-w-   C:\Windows\SysWow64\user.exe
2015-03-17 03:43:04   4608   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2015-03-17 03:43:04   3584   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2015-03-17 03:43:04   3072   ---ha-w-   C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2015-03-17 03:43:03   6144   ---ha-w-   C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2015-03-13 04:25:14   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2015-03-13 04:25:01   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2015-03-13 04:09:12   66560   ----a-w-   C:\Windows\System32\iesetup.dll
2015-03-13 04:08:33   584192   ----a-w-   C:\Windows\System32\vbscript.dll
2015-03-13 04:08:27   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2015-03-13 04:08:17   417280   ----a-w-   C:\Windows\System32\html.iec
2015-03-13 04:06:54   88064   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2015-03-13 03:54:11   144384   ----a-w-   C:\Windows\System32\ieUnatt.exe
2015-03-13 03:54:00   114688   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2015-03-13 03:53:22   814080   ----a-w-   C:\Windows\System32\jscript9diag.dll
2015-03-13 03:50:45   6025216   ----a-w-   C:\Windows\System32\jscript9.dll
2015-03-13 03:44:48   968704   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2015-03-13 03:42:18   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2015-03-13 03:32:48   77824   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-03-13 03:28:48   503296   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2015-03-13 03:28:37   62464   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2015-03-13 03:27:51   47616   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2015-03-13 03:27:35   340992   ----a-w-   C:\Windows\SysWow64\html.iec
2015-03-13 03:26:19   64000   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2015-03-13 03:16:26   115712   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2015-03-13 03:15:40   620032   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2015-03-13 03:05:50   1359360   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2015-03-13 03:05:24   2125824   ----a-w-   C:\Windows\System32\inetcpl.cpl
2015-03-13 03:01:16   60416   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2015-03-13 02:49:21   4305408   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2015-03-13 02:45:57   2358784   ----a-w-   C:\Windows\System32\wininet.dll
2015-03-13 02:43:41   2052608   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2015-03-13 02:42:47   1155072   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2015-03-13 02:20:28   1888256   ----a-w-   C:\Windows\SysWow64\wininet.dll
2015-03-10 03:25:10   1882624   ----a-w-   C:\Windows\System32\msxml3.dll
2015-03-10 03:21:42   2048   ----a-w-   C:\Windows\System32\msxml3r.dll
2015-03-10 03:08:26   1237504   ----a-w-   C:\Windows\SysWow64\msxml3.dll
2015-03-10 03:05:39   2048   ----a-w-   C:\Windows\SysWow64\msxml3r.dll
2015-03-05 05:12:33   404480   ----a-w-   C:\Windows\System32\gdi32.dll
2015-03-05 04:05:06   311808   ----a-w-   C:\Windows\SysWow64\gdi32.dll
2015-02-26 03:25:44   3204096   ----a-w-   C:\Windows\System32\win32k.sys
2015-02-25 03:18:01   754688   ----a-w-   C:\Windows\System32\drivers\http.sys
2015-02-20 04:41:01   41984   ----a-w-   C:\Windows\System32\lpk.dll
2015-02-20 04:40:59   100864   ----a-w-   C:\Windows\System32\fontsub.dll
2015-02-20 04:40:56   14336   ----a-w-   C:\Windows\System32\dciman32.dll
.
============= FINISH: 20:05:36.42 ===============
« Last Edit: May 21, 2015, 02:15:14 AM by kevinf80 »



Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Slow, freezing
« Reply #1 on: April 18, 2015, 03:48:55 AM »
Hello lsvetka and welcome,

Continue as follows please:

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it's always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
  • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.


  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe
Next,

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Next,

Follow the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

Next,

Please open Malwarebytes Anti-Malware.

  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under the Non-Malware Protection sub tab, change PUP and PUM entries to "Treat detections as Malware".
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
'Could not load DDA driver'

  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

If Malwarebytes is not installed follow these instructions first:

Download Malwarebytes Anti-Malware to your desktop.
  • Double-click mbam-setup and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
  • Launch Malwarebytes Anti-Malware
  • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish. Follow the instructions above....
Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
Let me see those logs in your reply....

Thank you,

Kevin...

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #2 on: April 18, 2015, 02:01:56 PM »
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 4/18/2015
Scan Time: 12:15:27 PM
Logfile: Malware bytes scan log.txt
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.04.18.03
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: SASHAISVETA

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 366658
Time Elapsed: 18 min, 28 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #3 on: April 18, 2015, 02:02:43 PM »
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-04-2015 01
Ran by SASHAISVETA at 2015-04-18 12:59:11
Running from C:\Users\SASHAISVETA\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {108DAC43-C256-20B7-BB05-914135DA5160}
AS: Microsoft Security Essentials (Disabled - Up to date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Torrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29126 - BitTorrent Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_2ac78060bc5856b0c1cf873bb919b58) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Data Vault (Version: 4.2.2.0 - Dell Inc.) Hidden
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 9.4.60 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.60 - Dell)
Dell Dock (HKLM-x32\...\Dell Dock) (Version:  - Stardock Corporation)
Dell Dock (Version: 2.0 - Stardock Corporation) Hidden
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.0.6584.81 - Dell)
Dell SupportAssistAgent (HKLM-x32\...\{287348C8-8B47-4C36-AF28-441A3B7D8722}) (Version: 1.0.2.57295 - Dell)
Dropbox (HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\Dropbox) (Version: 3.0.4 - Dropbox, Inc.)
DVD Photo Slideshow Professional 8.06 (HKLM-x32\...\DVD Photo Slideshow Professional_is1) (Version:  - dvd-photo-slideshow.com)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
Google Chrome (HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
GoToAssist 8.0.0.514 (HKLM-x32\...\GoToAssist) (Version:  - )
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{BB94D541-A747-4A5D-B0ED-72FA5C158EA5}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)
HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{5848A26C-E4BC-4A13-AA8D-810BA344475A}) (Version: 22.0.334.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3341 - HP Photo Creations Powered by RocketLife)
HP Update (HKLM-x32\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Internet TV for Windows Media Center (HKLM-x32\...\{9D318C86-AF4C-409F-A6AC-7183FF4CF424}) (Version: 4.2.2.0 - Microsoft Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Longman Dictionary of American English, 4th edition (HKLM-x32\...\NSIS_ldae_4) (Version:  - )
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Mavis Beacon Teaches Typing 16 (HKLM-x32\...\Mavis Beacon Teaches Typing 16) (Version:  - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4701.1002 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Multimedia Card Reader (HKLM-x32\...\InstallShield_{23B4636C-A780-4FEB-B4C9-A2564E9B9F7C}) (Version: 1.6.915.87 - Fitipower)
Multimedia Card Reader (x32 Version: 1.6.915.87 - Fitipower) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4701.1002 - Microsoft Corporation) Hidden
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9060 - ooVoo LLC.)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
PDF Settings (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6043 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Respondus LockDown Browser (HKLM-x32\...\{C0E5147E-C9F3-4360-9ED0-2E875F11766C}) (Version: 1.02.0001 - Respondus, Inc.)
Roxio Burn (HKLM-x32\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.01 - Roxio)
Secunia PSI (2.0.0.4003) (HKLM-x32\...\Secunia PSI) (Version: 2.0.0.4003 - Secunia)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.6.11664 - Skype Technologies S.A.)
Skype 7.1 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
Software602 Print2PDF (HKLM-x32\...\{32C74893-0243-4235-A6F3-201F0E5D2C03}) (Version: 9.0.11.0107 - Software602 Inc.)
SopCast 3.8.3 (HKLM-x32\...\SopCast) (Version: 3.8.3 - www.sopcast.com)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 -> c:\windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

20-02-2015 13:19:37 Scheduled Checkpoint
28-02-2015 10:08:33 Scheduled Checkpoint
08-03-2015 10:18:30 Scheduled Checkpoint
15-03-2015 18:55:48 Scheduled Checkpoint
18-03-2015 20:23:10 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
18-03-2015 20:23:57 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
18-03-2015 20:24:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
18-03-2015 20:25:26 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
18-03-2015 20:49:25 Installed Adobe Acrobat XI Pro.
26-03-2015 15:06:08 Scheduled Checkpoint
28-03-2015 11:53:32 Removed Adobe Acrobat XI Pro.
28-03-2015 12:02:01 Removed Adobe Download Assistant
05-04-2015 08:10:02 Scheduled Checkpoint
12-04-2015 14:42:09 Scheduled Checkpoint
12-04-2015 21:15:23 Windows Update
13-04-2015 13:04:23 Windows Update
14-04-2015 06:20:17 Windows Update
15-04-2015 00:52:29 Windows Update
16-04-2015 07:47:36 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-03-05 23:54 - 2012-03-05 23:54 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0BA28289-E293-4F8F-92DC-FAC77E8377B7} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {25E8F105-5A94-42B1-8A98-B107CCDFD8C8} - System32\Tasks\{F89D5431-2DBE-4430-9C9E-C7CE478B8786} => pcalua.exe -a C:\ProgramData\7531CC927F542C8C49A2299C4F147CE7\7531CC927F542C8C49A2299C4F147CE7.exe -c -u
Task: {38F0D98C-09EB-401C-8D39-60CEAF00A660} - System32\Tasks\{F346EE5E-54AC-4052-9CC9-36BCF9879C2A} => C:\Program Files (x86)\Opera\opera.exe [2014-04-22] (Opera Software)
Task: {44F5A3E6-889B-40D7-9543-EAA84ACC99F1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-23] (AVAST Software)
Task: {4BD39A1E-3B34-46CB-A75F-08E5ADD391B6} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-4184064448-517517793-26037721-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {4EBB31F1-43DE-400F-9AD5-77335ED63C84} - System32\Tasks\{9C6A98CC-DF96-44F1-BCF9-3D1413BC73A3} => pcalua.exe -a C:\Users\SASHAISVETA\Downloads\print2pdf9.exe
Task: {56A79996-C356-43C9-ADA3-82C9329E2A73} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {56BC5F94-2A0D-4CDC-B608-092744CD9993} - System32\Tasks\{655B23AA-8389-4186-80DA-88B9DB4D4D08} => C:\Program Files (x86)\PDFCreator\PDFCreator.exe
Task: {5845E089-4391-43F4-BD17-64DD99F8AE45} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {5BA131D7-00C2-4A08-8286-64C05A7966F4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {660A4079-6416-41B5-AB29-A2516B457D0F} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {6713B316-10A8-454E-81DD-3C2B9FA43C63} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {6932B0C2-17D8-48E2-87C5-BB7183F3CAC3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-02-10] (Microsoft Corporation)
Task: {6E655110-4A8E-4A5C-AF93-E230E9A2278D} - System32\Tasks\HPCustParticipation HP Deskjet 1050 J410 series => C:\Program Files\HP\HP Deskjet 1050 J410 series\Bin\HPCustPartic.exe [2010-06-14] (Hewlett-Packard Co.)
Task: {745F82E2-E4CB-456C-995D-95CB5DCAC9AE} - System32\Tasks\{B8734217-3CF2-4890-AC0A-A6DAB25AC5B5} => pcalua.exe -a C:\Users\SASHAISVETA\Downloads\SetupT_ailuhin@att!net.exe -d C:\Users\SASHAISVETA\Downloads
Task: {7D70A29A-A6BC-48B0-B435-F9A97916177B} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell\SupportAssist\uaclauncher.exe [2015-03-20] (PC-Doctor, Inc.)
Task: {86D7860A-7921-4170-A675-A39386D38787} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-4184064448-517517793-26037721-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {878B59B5-20D8-42E2-ABD4-DA4217778E33} - System32\Tasks\{AF48C592-86E6-4D4F-8058-A67295043928} => C:\Program Files (x86)\ooVoo\ooVoo.exe [2013-09-10] (ooVoo LLC)
Task: {89AC4788-2447-4004-9E8D-5BF4B69BD2D6} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {8C6309E2-E365-40A4-9816-00BEF7B67528} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {8D5F361D-4D7A-4CDA-A0A1-914F1A2723D3} - System32\Tasks\{79602257-B38B-44A4-836C-15C4D8473AF7} => C:\Program Files (x86)\ooVoo\ooVoo.exe [2013-09-10] (ooVoo LLC)
Task: {95F79B02-012E-4EF0-98E9-CA16BBC49162} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-02-10] (Microsoft Corporation)
Task: {9CA10FE6-AD6C-44F3-BD89-D28857127661} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4184064448-517517793-26037721-1000Core => C:\Users\SASHAISVETA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)
Task: {9F2AD6DA-A6E0-4982-8CEC-015144612744} - System32\Tasks\{9F70B393-FACC-4732-8136-066C380596DE} => C:\Program Files (x86)\PDFCreator\PDFCreator.exe
Task: {AF063A7A-A714-4495-B72D-D1D414984E0C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {AF546E69-B850-46B5-A48B-5679F73B29A0} - System32\Tasks\{5DAEFE6B-77E5-4DC7-B756-19E3A1039166} => C:\Program Files (x86)\ooVoo\ooVoo.exe [2013-09-10] (ooVoo LLC)
Task: {BE74F203-A9C4-41DB-B2AD-E56373B5697C} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {BF20B59B-6EC4-405C-BB78-D05A51236976} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-02-03] (Microsoft Corporation)
Task: {D8893FC1-0F12-49D1-89F6-F6499D10A9DF} - System32\Tasks\{8E179E37-4F54-4EC0-BB5B-CBF4851DC8E9} => pcalua.exe -a "C:\Users\SASHAISVETA\Desktop\movies\office 2007 (D)\setup.exe" -d "C:\Users\SASHAISVETA\Desktop\movies\office 2007 (D)"
Task: {DA940A0F-F6A6-486C-8051-1485DDDB4060} - System32\Tasks\Microsoft Office 15 Sync Maintenance for SASHAISVETA-PC-SASHAISVETA SASHAISVETA-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation)
Task: {DC26A411-C02A-4CC0-9371-832930961B57} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4184064448-517517793-26037721-1000UA => C:\Users\SASHAISVETA\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-25] (Google Inc.)
Task: {DD53B717-8367-4FC3-8B87-1620DE5F3EEA} - System32\Tasks\task14832793 => C:\Users\SASHAISVETA\AppData\Roaming\Strong Malware Defender\ScanDisk_.exe <==== ATTENTION
Task: {DE0E91B9-E88D-4D05-9190-B332EAB5D2F0} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssist.exe [2015-03-04] (Dell Inc.)
Task: {E047ABB2-9A26-49FE-A238-DB7B7683B788} - System32\Tasks\{A939A5FC-E8DB-49E1-ABAE-6874094FE2AD} => C:\Program Files (x86)\ooVoo\ooVoo.exe [2013-09-10] (ooVoo LLC)
Task: {E9196AF7-B3C2-4A01-AE3E-4F0E5E53D287} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-4184064448-517517793-26037721-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {ED99670E-329F-4CF6-9F10-85335D1554B0} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {EF21D2CE-35A7-4767-AFA5-E7B84535FA17} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F8E47635-663A-41D8-B19D-E50BE62DC80C} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-4184064448-517517793-26037721-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4184064448-517517793-26037721-1000Core.job => C:\Users\SASHAISVETA\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4184064448-517517793-26037721-1000UA.job => C:\Users\SASHAISVETA\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2015-02-11 15:13 - 2015-02-11 15:13 - 00997536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-03-14 08:27 - 2015-01-27 08:29 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2011-02-08 21:22 - 2010-12-02 02:13 - 00216576 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\Software602.dll
2015-01-19 13:53 - 2014-05-20 08:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2010-10-22 07:58 - 2011-08-18 08:05 - 02751808 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE
2015-01-23 07:06 - 2015-01-23 07:06 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2015-01-23 07:06 - 2015-01-23 07:06 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2015-04-14 09:45 - 2015-04-14 09:45 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\c29d8779b3a3599f44e21e017541cd0c\VistaBridgeLibrary.ni.dll
2009-10-15 01:10 - 2009-10-15 01:10 - 00498160 _____ () C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
2015-03-30 15:04 - 2015-02-25 15:22 - 00107256 _____ () C:\Program Files\Dell\SupportAssist\libCSharpCommonCS.dll
2015-03-30 15:04 - 2015-02-25 15:22 - 00545528 _____ () C:\Program Files\Dell\SupportAssist\libAsapiCSharp.dll
2015-04-17 07:17 - 2015-04-17 07:17 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15041700\algo.dll
2015-01-23 07:06 - 2015-01-23 07:06 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-14 08:27 - 2015-01-27 07:13 - 08898720 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2011-02-08 21:22 - 2008-09-29 14:09 - 00073728 _____ () C:\Program Files (x86)\Software602\Print2PDF\wcs.dll
2011-02-08 21:22 - 2008-09-29 14:09 - 00532480 _____ () C:\Program Files (x86)\Software602\Print2PDF\wc.dll
2015-03-13 19:06 - 2015-03-13 19:06 - 38714440 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-04-03 20:05 - 2015-03-30 14:07 - 01174856 _____ () C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\41.0.2272.118\libglesv2.dll
2015-04-03 20:05 - 2015-03-30 14:07 - 00080200 _____ () C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\41.0.2272.118\libegl.dll
2015-04-03 20:05 - 2015-03-30 14:07 - 09279304 _____ () C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\41.0.2272.118\pdf.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\GoToAssist => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4184064448-517517793-26037721-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\SASHAISVETA\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== Accounts: =============================

Administrator (S-1-5-21-4184064448-517517793-26037721-500 - Administrator - Disabled)
Guest (S-1-5-21-4184064448-517517793-26037721-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4184064448-517517793-26037721-1002 - Limited - Enabled)
SASHAISVETA (S-1-5-21-4184064448-517517793-26037721-1000 - Administrator - Enabled) => C:\Users\SASHAISVETA

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/18/2015 07:44:24 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Activation context generation failed for "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1".Error in manifest or policy file "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" on line UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3.
Component identity found in manifest does not match the identity of the component requested.
Reference is UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definition is UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Please use sxstrace.exe for detailed diagnosis.

Error: (04/17/2015 06:08:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11091

Error: (04/17/2015 06:08:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11091

Error: (04/17/2015 06:08:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/17/2015 06:08:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10077

Error: (04/17/2015 06:08:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10077

Error: (04/17/2015 06:08:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/17/2015 06:08:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9079

Error: (04/17/2015 06:08:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9079

Error: (04/17/2015 06:08:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (04/18/2015 07:28:24 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/18/2015 07:27:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (04/17/2015 10:58:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/17/2015 10:57:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (04/17/2015 10:57:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Dell SupportAssist Agent service failed to start due to the following error:
%%1053

Error: (04/17/2015 10:57:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Dell SupportAssist Agent service to connect.

Error: (04/17/2015 06:25:16 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HomeGroup Listener service terminated with service-specific error %%-2147023143.

Error: (04/17/2015 06:24:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Computer Browser service terminated with the following error:
%%1060

Error: (04/17/2015 06:23:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 6:19:05 PM on 4/17/2015 was unexpected.

Error: (04/17/2015 06:12:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Network Location Awareness service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
Percentage of memory in use: 47%
Total physical RAM: 5943.12 MB
Available physical RAM: 3111.33 MB
Total Pagefile: 11884.43 MB
Available Pagefile: 8851.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:921.59 GB) (Free:574.37 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 259D4594)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=9.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=921.6 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Offline lsvetka

Re: [Inactive - K] Slow, freezing
« Reply #4 on: April 18, 2015, 02:05:43 PM »
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-04-2015 01
Ran by SASHAISVETA (administrator) on SASHAISVETA-PC on 18-04-2015 12:57:52
Running from C:\Users\SASHAISVETA\Desktop
Loaded Profiles: SASHAISVETA (Available profiles: SASHAISVETA)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Dell Inc.) C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Toaster.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\Scheduler\STService.exe
(SoftThinks - Dell) C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Alcor Micro Corp.) C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Software602) C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe
(Dell Inc.) C:\Program Files\Dell\DellDataVault\DellDataVault.exe
(Google Inc.) C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe
(PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssist\imstrayicon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\splwow64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10060832 2010-02-08] (Realtek Semiconductor)
HKLM-x32\...\Run: [ShwiconXP9106] => C:\Program Files (x86)\Multimedia Card Reader(9106)\ShwiconXP9106.exe [237568 2010-01-27] (Alcor Micro Corp.)
HKLM-x32\...\Run: [Desktop Disc Tool] => c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-03-12] (Hewlett-Packard)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [Print2PDF Print Monitor] => C:\Program Files (x86)\Software602\Print2PDF\Print2PDF.exe [141368 2010-12-03] (Software602)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-10-25] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-11] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227648 2015-03-13] (AVAST Software)
HKLM-x32\...\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe [559616 2011-10-08] (Dell)
Winlogon\Notify\GoToAssist: C:\Program Files (x86)\Citrix\GoToAssist\514\G2AWinLogon_x64.dll [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\Run: [ooVoo.exe] => C:\Program Files (x86)\ooVoo\ooVoo.exe [35253312 2013-09-10] (ooVoo LLC)
HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\Run: [Google Update] => C:\Users\SASHAISVETA\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-09-25] (Google Inc.)
HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31087200 2015-01-23] (Skype Technologies S.A.)
HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\MountPoints2: {ace32b9c-2d02-11e3-b64c-842b2bad37cf} - J:\LG_PC_Programs.exe
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-13] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2015-04-12] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\SASHAISVETA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\SASHAISVETA\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy-x32: Group Policy on Chrome detected <======= ATTENTION
CHR HKU\S-1-5-21-4184064448-517517793-26037721-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Main,Search Page = https://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://mail.ru/cnt/10445
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/USCON/1
SearchScopes: HKLM -> {16AF6C75-2840-4A6F-8BE6-CB7B091620B0} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://search.yahoo.com/yhs/search?type=odc179&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 -> {F598173A-7DD5-4846-8054-3D0C04D62619} URL = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> {16AF6C75-2840-4A6F-8BE6-CB7B091620B0} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO: No Name -> {53504356-3700-A76A-76A7-7A786E7484D7} ->  No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-01-23] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31] (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} ->  No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-01-23] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31] (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll [2007-02-16] (IDM)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-02-10] (Microsoft Corporation)
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {7AEB3EFD-E564-43F1-B658-5058A7C5743B} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {53504356-3700-A76A-76A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2013-01-31] (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-01-31] (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\Firefox\Profiles\w4nonczc.default
FF DefaultSearchEngine: Поиск@Mail.Ru
FF DefaultSearchEngine.US: Поиск@Mail.Ru
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Поиск@Mail.Ru
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-02-20] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2013-07-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-07-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-01-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-01-19] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2013-09-11] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-05-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-05-31] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2013-09-11] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-22] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-02] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-02-15] (Adobe Systems)
FF Plugin-x32: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\Program Files (x86)\Yahoo!\Common\npyaxmpb.dll No File
FF Plugin HKU\S-1-5-21-4184064448-517517793-26037721-1000: @tools.google.com/Google Update;version=3 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin HKU\S-1-5-21-4184064448-517517793-26037721-1000: @tools.google.com/Google Update;version=9 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-03] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL [2006-10-26] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2013-09-11] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-03-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-03-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-03-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-03-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-03-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll [2013-03-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll [2013-03-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2013-09-11] (RealPlayer)
FF Plugin ProgramFiles/Appdata: C:\Users\SASHAISVETA\AppData\Roaming\mozilla\plugins\npatgpc.dll [2014-10-12] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\Firefox\Profiles\w4nonczc.default\searchplugins\mailru.xml [2015-02-10]
FF SearchPlugin: C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\Firefox\Profiles\w4nonczc.default\searchplugins\yahoo-avast.xml [2014-10-14]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2015-04-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-04-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-07-29]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-09-11]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\Firefox\Extensions: [{C1D13916-D911-11E1-8270-B8AC6F996F26}] - C:\Users\SASHAISVETA\AppData\Local\{C1D13916-D911-11E1-8270-B8AC6F996F26}
FF Extension: Mozilla Safe Browsing - C:\Users\SASHAISVETA\AppData\Local\{C1D13916-D911-11E1-8270-B8AC6F996F26} [2012-07-28]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.rambler.ru/
CHR StartupUrls: Default -> "hxxp://www.rambler.ru/"
CHR Profile: C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-09-25]
CHR Extension: (Adblock Plus) - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-11-22]
CHR Extension: (Adblock for Youtube) - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-11-22]
CHR Extension: (Google Search) - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-09-25]
CHR Extension: (AdBlock) - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-11-22]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Google Wallet) - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-23]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-01-31]
CHR HKLM-x32\...\Chrome\Extension: [odnmefdnonkjkjnmmccgofnjlchlopdo] - C:\Users\SASHAI~1\AppData\Local\Temp\tbch.crx [Not Found]
StartMenuInternet: Google Chrome.KCSD4QK27KIAZJSFIXC5HTYZFA - C:\Users\SASHAISVETA\AppData\Local\Google\Chrome\Application\chrome.exe

Opera:
=======
OPR StartupUrls: "hxxp://mail.ru/cnt/10445"

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ElevationManager\AdobeUpdateService.exe [710320 2015-02-15] (Adobe Systems Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-23] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-23] (Avast Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2714800 2015-02-10] (Microsoft Corporation)
R2 DellDataVault; C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2557136 2015-02-26] (Dell Inc.)
R2 DellDataVaultWiz; C:\Program Files\Dell\DellDataVault\DellDataVaultWiz.exe [201936 2015-02-26] (Dell Inc.)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2009-06-09] (Stardock Corporation) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [994360 2011-10-13] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [399416 2011-10-13] (Secunia)
R2 SupportAssistAgent; C:\Program Files (x86)\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [19288 2015-03-04] (Dell Inc.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-23] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-23] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-23] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-23] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-23] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-23] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-23] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-23] ()
R3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-30] (Dell Computer Corporation)
R3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-30] (Dell Computer Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-04-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [513080 2011-03-26] () [File not signed]
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-04-11] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-23] (Avast Software)
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 LVUVC64; system32\DRIVERS\lvuvc64.sys [X]

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #5 on: April 18, 2015, 02:09:08 PM »
I've attached FRST.txt. It was too big and wouldn't let me copy and paste it here. Thanks.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Slow, freezing
« Reply #6 on: April 18, 2015, 04:36:44 PM »
There are two AV programs installed on your system, Avast and Microsoft Security Essentials. One of those must be UNinstalled asap... <<--Very Important

Avast removal tool: https://www.avast.com/uninstall-utility

MSE removal tool:   http://www.bleepingcomputer.com/download/microsoft-security-essentials-removal-tool/

Next,

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

Next,

Download AdwCleaner by Xplode onto your Desktop.
  • Double click on Adwcleaner.exe to run the tool.
  • Click on Scan
  • Once the scan is done, click on the Clean button. <<<--- Ensure this option is completed
  • You will get a prompt asking to close all programs. Click OK.
  • Click OK again to reboot your computer.
  • A text file will open after the restart. Please post the content of that logfile in your reply.
  • You can also find the logfile at C:\AdwCleaner[Sn].txt, where n is the scan reference number.

Next,

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next,

Scan with ESET Online Scanner

This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
Temporarily disable your AntiVirus and AntiSpyware protection - instructions here.
Please visit ESET Online Scanner website.

There, click Run ESET Online Scanner.

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of the add-on.
If using Mozilla Firefox or Google Chrome:
  • Download esetsmartinstaller_enu.exe that you'll be given a link to.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.
To perform the scan:
  • Make sure that Remove found threats is Checked.
  • Scan archives is checked.
  • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Under Enable Stealth Technology, select Change, then select any extra drives in that window.
  • Click Start
  • The program will begin to download its virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When the scan is done, click Finish.
  • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
Please include this logfile in your next reply.

Don't forget to re-enable protection software!

Post those logs, also give an update on any remaining issues or concerns...

Thanks,

Kevin


Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #7 on: April 18, 2015, 05:34:56 PM »
Which one would you suggest to remove: Avast or MSE?

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Slow, freezing
« Reply #8 on: April 19, 2015, 02:04:15 AM »
I would recommend removing MSE and keeping Avast....

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #9 on: April 20, 2015, 02:38:29 PM »
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-04-2015 01
Ran by SASHAISVETA at 2015-04-19 11:43:30 Run:1
Running from C:\Users\SASHAISVETA\Desktop
Loaded Profiles: SASHAISVETA (Available profiles: SASHAISVETA)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
HKU\S-1-5-21-4184064448-517517793-26037721-1000\...\MountPoints2: {ace32b9c-2d02-11e3-b64c-842b2bad37cf} - J:\LG_PC_Programs.exe
GroupPolicy-x32: Group Policy on Chrome detected <======= ATTENTION
CHR HKU\S-1-5-21-4184064448-517517793-26037721-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO-x32: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} ->  No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {7AEB3EFD-E564-43F1-B658-5058A7C5743B} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {53504356-3700-A76A-76A7-7A786E7484D7} -  No File
Toolbar: HKU\S-1-5-21-4184064448-517517793-26037721-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 LVUVC64; system32\DRIVERS\lvuvc64.sys [X]
C:\Users\SASHAISVETA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\Users\SASHAISVETA\AppData\Local\t021o375hp3yq51r1r8465
C:\Users\SASHAISVETA\AppData\Local\
C:\ProgramData\ezsidmv.dat
C:\ProgramData\repository.xml
C:\ProgramData\t021o375hp3yq51r1r8465
C:\Users\SASHAISVETA\AppData\Local\Temp\dllnt_dump.dll
C:\Users\SASHAISVETA\AppData\Local\Temp\Quarantine.exe
C:\Users\SASHAISVETA\AppData\Local\Temp\sqlite3.dll
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\SASHAISVETA\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {DD53B717-8367-4FC3-8B87-1620DE5F3EEA} - System32\Tasks\task14832793 => C:\Users\SASHAISVETA\AppData\Roaming\Strong Malware Defender\ScanDisk_.exe <==== ATTENTION
C:\Users\SASHAISVETA\AppData\Roaming\Strong Malware Defender
AlternateDataStreams: C:\ProgramData\TEMP:A31FAD21
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
EmptyTemp:
end



*****************

"HKU\S-1-5-21-4184064448-517517793-26037721-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{ace32b9c-2d02-11e3-b64c-842b2bad37cf}" => Key deleted successfully.
HKCR\CLSID\{ace32b9c-2d02-11e3-b64c-842b2bad37cf} => Key not found.
C:\Windows\SysWOW64\GroupPolicy\Machine => Moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.
"HKU\S-1-5-21-4184064448-517517793-26037721-1000\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully.
"HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => Key deleted successfully.
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => Key not found.
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7AEB3EFD-E564-43F1-B658-5058A7C5743B} => value deleted successfully.
HKCR\CLSID\{7AEB3EFD-E564-43F1-B658-5058A7C5743B} => Key not found.
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{09900DE8-1DCA-443F-9243-26FF581438AF} => value deleted successfully.
HKCR\CLSID\{09900DE8-1DCA-443F-9243-26FF581438AF} => Key not found.
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{53504356-3700-A76A-76A7-7A786E7484D7} => value deleted successfully.
HKCR\CLSID\{53504356-3700-A76A-76A7-7A786E7484D7} => Key not found.
HKU\S-1-5-21-4184064448-517517793-26037721-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => value deleted successfully.
HKCR\CLSID\{47833539-D0C5-4125-9FA8-0819E2EAAC93} => Key not found.
LVPr2M64 => Service deleted successfully.
LVUVC64 => Service deleted successfully.
C:\Users\SASHAISVETA\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => Moved successfully.
C:\Users\SASHAISVETA\AppData\Local\t021o375hp3yq51r1r8465 => Moved successfully.
C:\Users\SASHAISVETA\AppData\Local\ => Moved successfully.
C:\ProgramData\ezsidmv.dat => Moved successfully.
C:\ProgramData\repository.xml => Moved successfully.
C:\ProgramData\t021o375hp3yq51r1r8465 => Moved successfully.
C:\Users\SASHAISVETA\AppData\Local\Temp\dllnt_dump.dll => Moved successfully.
C:\Users\SASHAISVETA\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\SASHAISVETA\AppData\Local\Temp\sqlite3.dll => Moved successfully.
"HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => Key deleted successfully.
"HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => Key deleted successfully.
"HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => Key deleted successfully.
"HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => Key deleted successfully.
"HKU\S-1-5-21-4184064448-517517793-26037721-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DD53B717-8367-4FC3-8B87-1620DE5F3EEA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DD53B717-8367-4FC3-8B87-1620DE5F3EEA}" => Key deleted successfully.
C:\Windows\System32\Tasks\task14832793 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\task14832793" => Key deleted successfully.
"C:\Users\SASHAISVETA\AppData\Roaming\Strong Malware Defender" => File/Directory not found.
C:\ProgramData\TEMP => ":A31FAD21" ADS removed successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
EmptyTemp: => Removed 1.9 GB temporary data.


The system needed a reboot.

==== End of Fixlog 11:44:02 ====

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #10 on: April 20, 2015, 02:40:57 PM »
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=caeb022258a0a646b55ed7f9a619da26
# engine=23462
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-04-20 08:23:29
# local_time=2015-04-20 01:23:29 (-0800, Pacific Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 72 2293933 193895499 0 0
# scanned=681186
# found=7
# cleaned=6
# scan_time=48034
sh=1153FA55F278B473FBC206748243AB05798BE6B1 ft=1 fh=c8e25c9d8b4e7fc1 vn="Win32/PornTool.PCHDPlay.A potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\EroScr.scr"
sh=BD3C685B5F9C5FDDBCF46DAF1C89E094C69F87B0 ft=1 fh=62591177f2e83ca9 vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\hstart.exe"
sh=3963D8A5B82F5DD540BB1DDEE8BA5B8D9098C549 ft=1 fh=d69ca3895677d6e5 vn="a variant of Win32/HiddenStart.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\hstart.exe"
sh=5BAEB2240062E868ADE45E8AEC1577B9A03CE9DF ft=1 fh=942b0aee0877266e vn="a variant of Win32/Adware.LoadMoney.AFH application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\SASHAISVETA\Desktop\music\vyacheslav dobrynin tfile ru.exe"
sh=62006B670C55D5E894315BBF13AE29FD70D3DF85 ft=1 fh=554db64b6bcf3986 vn="a variant of Win32/Toolbar.SearchSuite.Z potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\SASHAISVETA\Downloads\BearShareV9.exe"
sh=64131EBCE68286BAAEFAC74F12628EBFC159B7CB ft=1 fh=252d3f247af8095f vn="Win32/InstallMonetizer.AQ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\SASHAISVETA\Downloads\PDFCreator-1_6_1_setup.exe"
sh=1153FA55F278B473FBC206748243AB05798BE6B1 ft=1 fh=c8e25c9d8b4e7fc1 vn="Win32/PornTool.PCHDPlay.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\EroScr.scr"

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #11 on: April 20, 2015, 02:42:28 PM »
# AdwCleaner v4.201 - Logfile created 19/04/2015 at 11:52:08
# Updated 08/04/2015 by Xplode
# Database : 2015-04-19.4 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : SASHAISVETA - SASHAISVETA-PC
# Running from : C:\Users\SASHAISVETA\Desktop\adwcleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

File Deleted : C:\Users\SASHAISVETA\AppData\Roaming\Mozilla\Firefox\Profiles\w4nonczc.default\invalidprefs.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17728


-\\ Mozilla Firefox v37.0.1 (x86 en-US)


-\\ Google Chrome v


-\\ Opera v0.0.0.0


*************************

AdwCleaner[R0].txt - [8468 bytes] - [11/04/2015 19:16:27]
AdwCleaner[R1].txt - [1053 bytes] - [19/04/2015 11:50:23]
AdwCleaner[S0].txt - [8148 bytes] - [11/04/2015 19:27:02]
AdwCleaner[S1].txt - [982 bytes] - [19/04/2015 11:52:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1040  bytes] ##########

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #12 on: April 20, 2015, 02:43:18 PM »
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.8 (04.17.2015:1)
OS: Windows 7 Home Premium x64
Ran by SASHAISVETA on Sun 04/19/2015 at 11:59:58.92
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\ProgramData\pcdr
Successfully deleted: [Folder] C:\Users\SASHAISVETA\AppData\Roaming\pcdr





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 04/19/2015 at 12:02:41.74
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Offline lsvetka

  • Bronze Member
  • Posts: 43
Re: [Inactive - K] Slow, freezing
« Reply #13 on: April 20, 2015, 02:45:50 PM »
Some files appeared on my desktop, some are word files, some look like system files. But they look kind of faded compared to other desktop icons. I was wondering what that is.

Offline kevinf80

  • Malware Removal Staff
  • Diamond Member
  • Posts: 7656
Re: [Inactive - K] Slow, freezing
« Reply #14 on: April 20, 2015, 04:14:05 PM »
The files you mention will go when we clean up. What is the current status of your system, do you have any remaining issues or concerns?

Run FRST one more time, ensure all boxes are checkmarked under "Whitelist" but only Addition.txt under "Optional scan". Select Scan; when done, post the two logs....

Thank you,

Kevin...

 
