GeekPolice Tech TutorialsLog in

 


Laptop Slow, No SMART HDD ERRORS

Share

descriptionSolvedLaptop Slow, No SMART HDD ERRORS

more_horiz
HI

After a long long time i am back with an Issue which is not solving. My Laptop is an i3, 4Gb Ram Win 10, Check HDD for errors, No errors. Plz Help Me out. Hiajck this log:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:52 AM, on 2/3/2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.14393.0000)
Boot mode: Normal

Running processes:
C:\Windows\TEMP\DPTF\esif_assist.exe
C:\Windows\system32\sihost.exe
C:\Windows\system32\svchost.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Windows\system32\taskhostw.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Windows\system32\igfxTray.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\LAN Messenger\lmc.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Dropbox\Client\Dropbox.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\ApplicationFrameHost.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\DigiHead\Downloads\Programs\HijackThis.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\system32\SearchProtocolHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe" -s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Dropbox] "C:\Program Files\Dropbox\Client\Dropbox.exe" /systemstartup
O4 - HKLM\..\Run: [MagicPlusHelper] "C:\Program Files\MagicPlus\MagicPlus_helper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [IDMan] C:\Program Files\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [uTorrent] "C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [LAN Messenger] C:\Program Files\LAN Messenger\lmc.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Acrobat Synchronizer.lnk = C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download all links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\system32\IntelCpHeciSvc.exe
O23 - Service: Dropbox Update Service (dbupdate) (dbupdate) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: Dropbox Update Service (dbupdatem) (dbupdatem) - Dropbox, Inc. - C:\Program Files\Dropbox\Update\DropboxUpdate.exe
O23 - Service: DbxSvc - Dropbox, Inc. - C:\Windows\system32\DbxSvc.exe
O23 - Service: Digital Wave Update Service (DigitalWave.Update.Service) - Digital Wave Ltd. - C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @oem2.inf,%ServiceDisplayName%;ESIF Upper Framework Service (esifsvc) - Intel Corporation - C:\Windows\system32\esif_uf.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Intel Corporation - C:\Windows\system32\igfxCUIService.exe
O23 - Service: Realtek Audio Service (RtkAudioService) - Realtek Semiconductor - C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files\TeamViewer\TeamViewer_Service.exe

--
End of file - 10525 bytes




SYSTEM INFO:::



Host Name:                 DESKTOP-T6ECQPQ
OS Name:                   Microsoft Windows 10 Pro
OS Version:                10.0.14393 N/A Build 14393
OS Manufacturer:           Microsoft Corporation
OS Configuration:          Standalone Workstation
OS Build Type:             Multiprocessor Free
Registered Owner:          Windows User
Registered Organization:
Product ID:                00331-10000-00001-AA023
Original Install Date:     12/18/2016, 1:34:24 AM
System Boot Time:          1/31/2017, 6:27:59 PM
System Manufacturer:       HP
System Model:              HP Notebook
System Type:               X86-based PC
Processor(s):              1 Processor(s) Installed.
                           [01]: x64 Family 6 Model 61 Stepping 4 GenuineIntel ~2000 Mhz
BIOS Version:              Insyde F.21, 5/17/2016
Windows Directory:         C:\Windows
System Directory:          C:\Windows\system32
Boot Device:               \Device\HarddiskVolume1
System Locale:             en-us;English (United States)
Input Locale:              en-us;English (United States)
Time Zone:                 (UTC+05:30) Chennai, Kolkata, Mumbai, New Delhi
Total Physical Memory:     2,497 MB
Available Physical Memory: 356 MB
Virtual Memory: Max Size:  10,177 MB
Virtual Memory: Available: 7,242 MB
Virtual Memory: In Use:    2,935 MB
Page File Location(s):     C:\pagefile.sys
Domain:                    WORKGROUP
Logon Server:              \\DESKTOP-T6ECQPQ
Hotfix(s):                 4 Hotfix(s) Installed.
                           [01]: KB3199986
                           [02]: KB3211320
                           [03]: KB3214628
                           [04]: KB3213986
Network Card(s):           2 NIC(s) Installed.
                           [01]: Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter
                                 Connection Name: Wi-Fi
                                 DHCP Enabled:    Yes
                                 DHCP Server:     192.168.1.1
                                 IP address(es)
                                 [01]: 192.168.1.108
                                 [02]: fe80::14c:130e:a69c:84df
                           [02]: Realtek PCIe FE Family Controller
                                 Connection Name: Ethernet
                                 Status:          Media disconnected
Hyper-V Requirements:      VM Monitor Mode Extensions: Yes
                           Virtualization Enabled In Firmware: No
                           Second Level Address Translation: Yes
                           Data Execution Prevention Available: Yes

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Hello there and welcome back,

Are you wanting to check for malware or run diagnostics? We need this info before anyone helps.

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Hi, Thx for the reply, Yes i have done this earlier. I have this problem since months, Reinstalled OS 3 times, Virus/Malware check also done. Performance does not get better.

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Tell you what, we will research for tech problems and search a little bit for malware problems just in case...

Malwarebytes' scanner

If this program is already installed: Skip the installation and run only the scan! If you have an old version called "Malwarebytes' Anti-Malware" then you need to completely upgrade it to version 3.0. Please ensure to update according to instructions below.

Download and install: Please download Malwarebytes' scanner to your desktop.

  • Double-click mb3-setup-consumer-3.x.x.xxxx and follow the prompts to install the program.
  • Click Finish.
  • On the Dashboard, click the 'Check for Updates' button.
  • After the update completes, click the 'Scan Now' button.
  • A Threat Scan will begin. Please allow it to progress through the scanning process.
  • When the scan is complete, if there have been detections, click Quarantines Selected button to allow the program to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

How to get logs: (Export log to save as txt)

  • After the restart once you are back at your desktop, open Malwarebytes once more.
  • Click on the Reports tab > Scan Report. (if you have done more than one scan in the past, select the most recent that shows the Date and time of the scan just performed. Press View Report button.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Find the log on your Desktop and Attach that saved log to your next reply.
(Copy to clipboard for pasting into forum replies or tickets)


Farbar Service Scanner


Please download Farbar Service Scanner and run it on the computer with the issue.

    Check "Include All Files" option.Press "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply.



MiniToolBox


Please download MiniToolBox to Desktop and run it.

Checkmark the following boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP Configuration
  • Lst Last 10 Event Viewer Errors
  • List Users, Partitions and Memory Size


Click Go and copy/paste the log (Result.txt) into your next post.

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Thx Dr. Jay for your response

Please note Malwarebytes showed 3 Malwares out of which 1 is cleaned and 2 are not as i require those softwares(the same softwares are installed in a different laptop and no problem in performance.

The Logs:::

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 2/4/17
Scan Time: 10:19 AM
Logfile: malware bytes.txt
Administrator: Yes

-Software Information-
Version: 3.0.6.1469
Components Version: 1.0.50
Update Package Version: 1.0.1177
License: Trial

-System Information-
OS: Windows 10
CPU: x86
File System: NTFS
User: DESKTOP-T6ECQPQ\DigiHead

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 312400
Time Elapsed: 3 min, 5 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 3
PUP.Optional.AshampooRegistryCleaner, C:\PROGRAMDATA\ASHAMPOO\ICO_ASHAMPOO_MARKETPLACE.ICO, Quarantined, [2912], [355157],1.0.1177
HackTool.FilePatch, C:\PROGRAM FILES\EMAIL EXTRACTOR\EMAIL.EXTRACTOR.V.5.6.0.0-PATCH.EXE, No Action By User, [9906], [281135],1.0.1177
HackTool.FilePatch, C:\USERS\DIGIHEAD\DOWNLOADS\HARD DISK SENTINEL PRO 4.71.10 BUILD 8128 BETA MULTILINGUAL + PATCH [SADEEMPC].ZIP, No Action By User, [9906], [281135],1.0.1177

Physical Sector: 0
(No malicious items detected)


(end)





Farbar Service Scanner Version: 27-01-2016
Ran by DigiHead (administrator) on 04-02-2017 at 10:28:34
Running from "C:\Users\DigiHead\Downloads\Programs"
Microsoft Windows 10 Pro  (X86)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy: 
==================


System Restore:
============

System Restore Policy: 
========================


Security Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy: 
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\ipnathlp.dll => File is digitally signed
C:\Windows\system32\iphlpsvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed


**** End of log ****



MiniToolBox by Farbar  Version: 17-06-2016
Ran by DigiHead (administrator) on 04-02-2017 at 10:30:49
Running from "C:\Users\DigiHead\Downloads\Programs"
Microsoft Windows 10 Pro  (X86)
Model: HP Notebook Manufacturer: HP
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
========================= IP Configuration: ================================

Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter = Wi-Fi (Connected)
Realtek PCIe FE Family Controller = Ethernet (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global
set interface interface="Wi-Fi" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Ethernet" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 1" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 2" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Bluetooth Network Connection" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled
set interface interface="Local Area Connection* 12" forwarding=enabled advertise=enabled nud=enabled ignoredefaultroutes=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : DESKTOP-T6ECQPQ
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Ethernet:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 94-57-A5-06-DF-F2
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Local Area Connection* 2:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
   Physical Address. . . . . . . . . : 72-77-81-BF-9E-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter
   Physical Address. . . . . . . . . : 70-77-81-BF-9E-55
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::14c:130e:a69c:84df%2(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.108(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Friday, February 3, 2017 12:03:45 PM
   Lease Expires . . . . . . . . . . : Sunday, February 5, 2017 9:48:52 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 40925057
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-E7-53-C8-94-57-A5-06-DF-F2
   DNS Servers . . . . . . . . . . . : 4.2.2.2
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:2871:ccae:1ccb:90cc:d403:396b(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1ccb:90cc:d403:396b%5(Preferred) 
   Default Gateway . . . . . . . . . : ::
   DHCPv6 IAID . . . . . . . . . . . : 587202560
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1F-E7-53-C8-94-57-A5-06-DF-F2
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{0646145C-3A3A-4912-B2BA-6D2F8D95C0F1}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  4.2.2.2

Name:    google.com
Addresses:  2404:6800:4009:806::200e
 216.58.203.142


Pinging google.com [216.58.197.46] with 32 bytes of data:
Reply from 216.58.197.46: bytes=32 time=49ms TTL=55
Reply from 216.58.197.46: bytes=32 time=47ms TTL=55

Ping statistics for 216.58.197.46:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 47ms, Maximum = 49ms, Average = 48ms
Server:  b.resolvers.Level3.net
Address:  4.2.2.2

Name:    yahoo.com
Addresses:  2001:4998:c:a06::2:4008
 2001:4998:58:c02::a9
 2001:4998:44:204::a7
 206.190.36.45
 98.138.253.109
 98.139.183.24


Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=283ms TTL=46
Reply from 206.190.36.45: bytes=32 time=278ms TTL=46

Ping statistics for 206.190.36.45:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 278ms, Maximum = 283ms, Average = 280ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
  9...94 57 a5 06 df f2 ......Realtek PCIe FE Family Controller
 11...72 77 81 bf 9e 55 ......Microsoft Wi-Fi Direct Virtual Adapter
  2...70 77 81 bf 9e 55 ......Realtek RTL8723BE 802.11 bgn Wi-Fi Adapter
  1...........................Software Loopback Interface 1
  5...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 10...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.108     50
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    331
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    331
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    331
      192.168.1.0    255.255.255.0         On-link     192.168.1.108    306
    192.168.1.108  255.255.255.255         On-link     192.168.1.108    306
    192.168.1.255  255.255.255.255         On-link     192.168.1.108    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    331
        224.0.0.0        240.0.0.0         On-link     192.168.1.108    306
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    331
  255.255.255.255  255.255.255.255         On-link     192.168.1.108    306
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  5    331 ::/0                     On-link
  1    331 ::1/128                  On-link
  5    331 2001::/32                On-link
  5    331 2001:0:2871:ccae:1ccb:90cc:d403:396b/128
                                    On-link
  2    306 fe80::/64                On-link
  5    331 fe80::/64                On-link
  2    306 fe80::14c:130e:a69c:84df/128
                                    On-link
  5    331 fe80::1ccb:90cc:d403:396b/128
                                    On-link
  1    331 ff00::/8                 On-link
  2    306 ff00::/8                 On-link
  5    331 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

========================= Event log errors: ===============================

Application errors:
==================
Error: (02/04/2017 10:30:09 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2017 10:28:21 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2017 10:15:15 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2017 09:55:52 AM) (Source: Application Error) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.6.1.0, time stamp: 0x57abad48
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x58256d13
Exception code: 0xe0434352
Fault offset: 0x000c24c2
Faulting process id: 0x12e4
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5

Error: (02/04/2017 09:55:50 AM) (Source: .NET Runtime) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileInfo.Delete()
   at ..(System.String)
   at ..()
   at ..(., System.String, Boolean, System.String, Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
   at ..(Boolean, System.String, Boolean, System.String, System.String, Boolean, Int32, Boolean, Boolean, Boolean, Boolean, System.String, ., System.String)
   at ..(.)
   at ..()

Error: (02/04/2017 09:54:36 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2017 10:32:43 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2017 10:32:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.6.1.0, time stamp: 0x57abad48
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x58256d13
Exception code: 0xe0434352
Fault offset: 0x000c24c2
Faulting process id: 0x10e0
Faulting application start time: 0xAutoKMS.exe0
Faulting application path: AutoKMS.exe1
Faulting module path: AutoKMS.exe2
Report Id: AutoKMS.exe3
Faulting package full name: AutoKMS.exe4
Faulting package-relative application ID: AutoKMS.exe5

Error: (02/03/2017 10:32:19 PM) (Source: .NET Runtime) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileInfo.Delete()
   at ..(System.String)
   at ..()
   at ..(., System.String, Boolean, System.String, Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
   at ..(Boolean, System.String, Boolean, System.String, System.String, Boolean, Int32, Boolean, Boolean, Boolean, Boolean, System.String, ., System.String)
   at ..(.)
   at ..()

Error: (02/03/2017 06:35:33 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (02/04/2017 09:51:22 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/04/2017 09:48:41 AM) (Source: TPM) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (02/03/2017 10:38:56 PM) (Source: DCOM) (User: DESKTOP-T6ECQPQ)
Description: {DC4537C3-CA73-4AC7-9E1D-B2CE27C3A7A6}

Error: (02/03/2017 10:38:56 PM) (Source: DCOM) (User: DESKTOP-T6ECQPQ)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (02/03/2017 10:38:54 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/03/2017 10:30:32 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}{F72671A9-012C-4725-9D2F-2A4D32D65169}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable

Error: (02/03/2017 10:29:59 PM) (Source: TPM) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (02/03/2017 06:36:37 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable


Microsoft Office Sessions:
=========================
Error: (02/04/2017 10:30:09 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL

Error: (02/04/2017 10:28:21 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL

Error: (02/04/2017 10:15:15 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL

Error: (02/04/2017 09:55:52 AM) (Source: Application Error)(User: )
Description: AutoKMS.exe2.6.1.057abad48KERNELBASE.dll10.0.14393.47958256d13e0434352000c24c212e401d27e9e22c2e575C:\Windows\AutoKMS\AutoKMS.exeC:\Windows\System32\KERNELBASE.dll5907a7e1-4f48-44e1-be36-4ea1ba64ca91

Error: (02/04/2017 09:55:50 AM) (Source: .NET Runtime)(User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileInfo.Delete()
   at ..(System.String)
   at ..()
   at ..(., System.String, Boolean, System.String, Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
   at ..(Boolean, System.String, Boolean, System.String, System.String, Boolean, Int32, Boolean, Boolean, Boolean, Boolean, System.String, ., System.String)
   at ..(.)
   at ..()

Error: (02/04/2017 09:54:36 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL

Error: (02/03/2017 10:32:43 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL

Error: (02/03/2017 10:32:20 PM) (Source: Application Error)(User: )
Description: AutoKMS.exe2.6.1.057abad48KERNELBASE.dll10.0.14393.47958256d13e0434352000c24c210e001d27e3f05f30a1bC:\Windows\AutoKMS\AutoKMS.exeC:\Windows\System32\KERNELBASE.dlldebe19d2-211e-4fa8-bd22-7a94f2c5baf3

Error: (02/03/2017 10:32:19 PM) (Source: .NET Runtime)(User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileInfo.Delete()
   at ..(System.String)
   at ..()
   at ..(., System.String, Boolean, System.String, Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
   at ..(Boolean, System.String, Boolean, System.String, System.String, Boolean, Int32, Boolean, Boolean, Boolean, Boolean, System.String, ., System.String)
   at ..(.)
   at ..()

Error: (02/03/2017 06:35:33 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL


CodeIntegrity Errors:
===================================
  Date: 2016-12-17 13:19:36.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 13:19:36.607
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


========================= Memory info: ===================================

Percentage of memory in use: 74%
Total physical RAM: 2496.67 MB
Available physical RAM: 640.8 MB
Total Virtual: 10176.67 MB
Available Virtual: 7654.68 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:146 GB) (Free:103.71 GB) NTFS
2 Drive e: () (Fixed) (Total:488.28 GB) (Free:451.57 GB) NTFS
3 Drive f: () (Fixed) (Total:296.75 GB) (Free:237 GB) NTFS

========================= Users: ========================================

User accounts for \\DESKTOP-T6ECQPQ

Administrator            DefaultAccount           defaultuser0             
DigiHead                 Guest                    


**** End of log ****

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool x86 and save it to your Desktop.

  • Right-click on FRST icon and select Run as Administrator to start the tool.
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2017
Ran by DigiHead (administrator) on DESKTOP-T6ECQPQ (04-02-2017 11:52:10)
Running from C:\Users\DigiHead\Downloads
Loaded Profiles: DigiHead (Available Profiles: defaultuser0 & DigiHead)
Platform: Microsoft Windows 10 Pro Version 1607 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Digital Wave Ltd.) C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe
(Intel Corporation) C:\Windows\System32\esif_uf.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Update\DropboxUpdate.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(H.D.S. Hungary) C:\Program Files\Hard Disk Sentinel\HDSentinel.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Lenovo) C:\Program Files\MagicPlus\MagicPlus_helper.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe
(Dropbox, Inc.) C:\Program Files\Dropbox\Client\Dropbox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IDMan.exe
(BitTorrent Inc.) C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
(LAN Messenger) C:\Program Files\LAN Messenger\lmc.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Tonec Inc.) C:\Program Files\Internet Download Manager\IEMonitor.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office15\EXCEL.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI.exe [7894536 2016-10-04] (Realtek Semiconductor)
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [620152 2006-10-22] (Adobe Systems Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Dropbox] => C:\Program Files\Dropbox\Client\Dropbox.exe [26219896 2017-01-30] (Dropbox, Inc.)
HKLM\...\Run: [MagicPlusHelper] => C:\Program Files\MagicPlus\MagicPlus_helper.exe [2499240 2014-09-29] (Lenovo)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\Run: [IDMan] => C:\Program Files\Internet Download Manager\IDMan.exe [3952696 2016-07-14] (Tonec Inc.)
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\Run: [uTorrent] => C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe [2710208 2016-12-17] (BitTorrent Inc.)
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\Run: [LAN Messenger] => C:\Program Files\LAN Messenger\lmc.exe [1721344 2012-07-25] (LAN Messenger)
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\MountPoints2: {3ec0bd50-d946-11e6-b1ff-9457a506dff2} - "D:\WD Drive Unlock.exe" autoplay=true
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\MountPoints2: {3ec0bffb-d946-11e6-b1ff-9457a506dff2} - "D:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\MountPoints2: {3ec0c007-d946-11e6-b1ff-9457a506dff2} - "D:\Lenovo_Suite.exe" 
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\MountPoints2: {8b46e981-c43c-11e6-b1f0-707781bf9e56} - "D:\Lenovo_Suite.exe" 
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> 
IFEO\SppExtComObj.exe: [Debugger] SppExtComObjPatcher.exe
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files\Dropbox\Client\DropboxExt.14.0.dll [2017-01-30] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll [2015-08-14] (Tonec Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Speed Launcher.lnk [2016-12-20]
ShortcutTarget: Adobe Acrobat Speed Launcher.lnk -> C:\Windows\Installer\{AC76BA86-1033-F400-7760-000000000003}\_SC_Acrobat.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Acrobat Synchronizer.lnk [2016-12-20]
ShortcutTarget: Adobe Acrobat Synchronizer.lnk -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AdobeCollabSync.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 4.2.2.2 8.8.8.8
Tcpip\..\Interfaces\{0646145c-3a3a-4912-b2ba-6d2f8d95c0f1}: [DhcpNameServer] 4.2.2.2 8.8.8.8

Internet Explorer:
==================
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll [2016-07-13] (Internet Download Manager, Tonec Inc.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-07-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-23] (Oracle Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-07-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-23] (Oracle Corporation)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2006-10-22] (Adobe Systems Incorporated)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)

FireFox:
========
FF HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\DigiHead\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\DigiHead\AppData\Roaming\IDM\idmmzcc5 [2017-02-04] [not signed]
FF HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files\Internet Download Manager\idmmzcc2.xpi [2016-06-08]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-23] (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-07-19] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-07-19] (Microsoft Corporation)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.co.in/","hxxps://www.google.com/"
CHR Profile: C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default [2017-02-04]
CHR Extension: (Google Translate) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2016-12-17]
CHR Extension: (Google Slides) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-17]
CHR Extension: (Allow Copy - Click to activate on this tab) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\abidndjnodakeaicodfpgcnlkpppapah [2016-12-17]
CHR Extension: (Google Docs) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-17]
CHR Extension: (Google Drive) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-17]
CHR Extension: (YouTube) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-17]
CHR Extension: (Adblock Plus) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-17]
CHR Extension: (OneTab) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall [2016-12-17]
CHR Extension: (Copy All Urls) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\djdmadneanknadilpjiknlnanaolmbfk [2017-02-03]
CHR Extension: (Google Sheets) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-17]
CHR Extension: (Chrome Remote Desktop) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-02-03]
CHR Extension: (Google Docs Offline) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-17]
CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-01-13]
CHR Extension: (Pinterest Save Button) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2016-12-17]
CHR Extension: (Hunter) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgmhmanijnjhaffoampdlllchpolkdnj [2017-01-28]
CHR Extension: (goo.gl URL Shortener) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2016-12-17]
CHR Extension: (Cisco WebEx Extension) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2017-01-28]
CHR Extension: (Linkedin Search Page Scraper) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfdambiipdjjbjdoooaffbhffajoomkp [2016-12-17]
CHR Extension: (IDM Integration Module) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-12-31]
CHR Extension: (Chrome Web Store Payments) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19]
CHR Extension: (Gmail) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-28]
CHR Extension: (Scraper) - C:\Users\DigiHead\AppData\Local\Google\Chrome\User Data\Default\Extensions\poegfpiagjgnenagjphgdklmgcpjaofi [2016-12-17]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files\Internet Download Manager\IDMGCExt.crx [2016-07-13]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 cphs; C:\Windows\system32\IntelCpHeciSvc.exe [292832 2016-12-22] (Intel Corporation)
S2 dbupdate; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-02] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files\Dropbox\Update\DropboxUpdate.exe [143144 2017-01-02] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [40256 2017-01-30] (Dropbox, Inc.)
R2 DigitalWave.Update.Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe [391656 2016-08-24] (Digital Wave Ltd.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2166040 2016-12-17] (ESET)
R2 esifsvc; C:\Windows\system32\esif_uf.exe [1304728 2015-12-21] (Intel Corporation)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2016-12-20] (Macrovision Europe Ltd.) [File not signed]
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [310752 2016-12-22] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [3303888 2017-01-20] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe [275464 2016-10-04] (Realtek Semiconductor)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [1887272 2016-09-15] (Microsoft Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [238192 2016-05-27] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [7183632 2016-07-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84928 2016-07-16] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [47080 2015-12-21] (Intel Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [206472 2016-12-17] (ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [14976 2016-12-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [156288 2016-12-17] (ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [122496 2016-12-17] (ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [162952 2016-12-17] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [52872 2016-12-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [71304 2016-12-17] (ESET)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [227816 2015-12-21] (Intel Corporation)
R2 giveio; C:\Windows\system32\giveio.sys [5248 1996-04-04] () [File not signed]
R0 iaStorA; C:\Windows\System32\drivers\iaStorA.sys [1992192 2015-11-24] (Intel Corporation)
R3 int0800; C:\Windows\System32\drivers\flashud.sys [42496 2009-09-09] (Intel Corporation)
R3 MEI; C:\Windows\System32\drivers\TeeDriverW8.sys [172096 2016-02-10] (Intel Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 rt640x86; C:\Windows\System32\drivers\rt640x86.sys [494080 2016-07-16] (Realtek                                            )
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [537880 2015-10-07] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\System32\drivers\rtwlane.sys [5236736 2017-02-01] (Realtek Semiconductor Corporation                           )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [69744 2016-05-27] (Synaptics Incorporated)
R2 speedfan; C:\Windows\system32\speedfan.sys [24184 2012-12-30] (Almico Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 WirelessButtonDriver86; C:\Windows\System32\drivers\WirelessButtonDriver86.sys [29688 2015-08-13] (HP)
R3 WUDFWpdMtp; C:\Windows\system32\DRIVERS\WUDFRd.sys [161280 2016-07-16] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-04 11:52 - 2017-02-04 11:53 - 00022436 _____ C:\Users\DigiHead\Downloads\FRST.txt
2017-02-04 11:50 - 2017-02-04 11:52 - 00000000 ____D C:\FRST
2017-02-04 11:48 - 2017-02-04 11:50 - 01762816 _____ (Farbar) C:\Users\DigiHead\Downloads\FRST.exe
2017-02-04 10:32 - 2017-02-04 10:35 - 00009584 _____ C:\Users\DigiHead\Desktop\Prashant bhai.xlsx
2017-02-04 10:17 - 2017-02-04 10:19 - 00073672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-02-04 10:17 - 2017-02-04 10:17 - 00152512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-02-04 10:17 - 2017-02-04 10:17 - 00094656 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-02-04 10:17 - 2017-02-04 10:17 - 00039360 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-04 10:16 - 2017-02-04 10:16 - 00219584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-04 10:16 - 2017-02-04 10:16 - 00002097 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-04 10:16 - 2017-02-04 10:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-04 10:16 - 2017-02-04 10:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-04 10:16 - 2017-02-04 10:16 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-04 10:16 - 2017-01-20 07:47 - 00059976 _____ C:\Windows\system32\Drivers\mbae.sys
2017-02-04 09:57 - 2017-02-04 10:02 - 00000000 ____D C:\Users\DigiHead\Downloads\The.Blacklist.S04E12.HDTV.x264-KILLERS[ettv]
2017-02-03 15:05 - 2017-02-03 15:05 - 00003527 _____ C:\Users\DigiHead\Downloads\20206E644D895751C9E525CB8C376F7F4143484E.torrent
2017-02-03 14:44 - 2017-02-03 14:44 - 00023055 _____ C:\Users\DigiHead\Desktop\Manifest-0da972e28e5547ad-03-Feb-2017-14-44-35.pdf
2017-02-03 11:58 - 2017-02-03 12:04 - 00000000 ____D C:\SWSetup
2017-02-03 11:58 - 2017-02-03 11:58 - 00024576 __RSH C:\Backup.bcd
2017-02-03 11:58 - 2017-02-03 11:58 - 00000000 ____D C:\ProgramData\Hewlett-Packard
2017-02-03 11:10 - 2017-02-03 18:20 - 00090323 _____ C:\Users\DigiHead\Desktop\New Text Document.txt
2017-02-03 10:59 - 2017-02-03 10:59 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\Hard Disk Sentinel
2017-02-03 10:57 - 2017-02-03 14:28 - 00000000 ____D C:\Program Files\Hard Disk Sentinel
2017-02-03 10:57 - 2017-02-03 10:57 - 00001118 _____ C:\Users\DigiHead\Desktop\Hard Disk Sentinel.lnk
2017-02-03 10:57 - 2017-02-03 10:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel
2017-02-03 10:56 - 2017-02-03 10:56 - 00000000 ____D C:\Users\DigiHead\Downloads\Hard Disk Sentinel Pro 4.71.10 Build 8128 Beta Multilingual + Patch [SadeemPC]
2017-02-03 10:54 - 2017-02-03 10:56 - 24302835 _____ C:\Users\DigiHead\Downloads\Hard Disk Sentinel Pro 4.71.10 Build 8128 Beta Multilingual + Patch [SadeemPC].zip
2017-02-03 10:46 - 2017-02-03 10:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-02-03 10:37 - 2017-02-03 10:37 - 00018246 _____ C:\Users\DigiHead\Desktop\Flipkart-Labels-03-Feb-2017-10-37.pdf
2017-02-02 11:43 - 2017-02-02 11:43 - 00000000 ____D C:\Users\DigiHead\Downloads\Automatic Call Recorder Pro v1.09 Apk-XpoZ
2017-02-02 10:07 - 2017-02-02 10:07 - 00000000 ____D C:\Windows\LastGood
2017-02-01 14:28 - 2017-02-03 14:48 - 00000000 ____D C:\Users\DigiHead\Downloads\Black Hawk Down - Extend.Edtion (2001) HQ 1080p Blu-Ray x264 DTSHD-MA 5.1 -DDR
2017-02-01 00:35 - 2017-02-01 00:35 - 05236736 _____ (Realtek Semiconductor Corporation ) C:\Windows\system32\Drivers\rtwlane.sys
2017-02-01 00:35 - 2017-02-01 00:35 - 01026560 _____ (Realtek Semiconductor Corp. ) C:\Windows\system32\Rtlihvs.dll
2017-01-31 17:08 - 2017-02-03 15:06 - 00000000 ____D C:\Users\DigiHead\Desktop\Jammu & Kashmir
2017-01-31 09:52 - 2017-01-31 09:52 - 00099796 _____ C:\Users\DigiHead\Downloads\16032944606_BLJxxxxx7M_A4.pdf
2017-01-30 19:32 - 2017-01-30 19:32 - 00040256 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-01-30 19:32 - 2017-01-30 19:32 - 00035440 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-01-30 19:32 - 2017-01-30 19:32 - 00035440 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-01-30 19:32 - 2017-01-30 19:32 - 00035440 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-01-30 18:18 - 2017-01-30 18:24 - 00016588 _____ C:\Users\DigiHead\Desktop\Rajasthan Super Stockists FINAL.xlsx
2017-01-30 13:41 - 2017-01-30 13:41 - 00048608 _____ C:\Users\DigiHead\Desktop\01880100017892.pdf
2017-01-30 13:38 - 2017-01-30 14:09 - 303971872 _____ C:\Users\DigiHead\Downloads\All Activation Windows 7-8-10 v12.0 (Windows & Office Activator) [SadeemPC].zip
2017-01-30 12:06 - 2017-01-30 12:11 - 00000000 ____D C:\Users\DigiHead\Downloads\Dangal (2017) 1GB x264 DesiSCR AAC 2.0 -DDR
2017-01-29 18:49 - 2017-01-29 20:40 - 00009680 _____ C:\Users\DigiHead\Desktop\Ronak Group.xlsx
2017-01-28 16:33 - 2017-01-28 16:34 - 01928703 _____ C:\Users\DigiHead\Desktop\report.pdf
2017-01-28 15:59 - 2017-01-28 15:59 - 00000877 _____ C:\Users\DigiHead\Downloads\4364237279017137.txt
2017-01-28 15:06 - 2017-01-28 15:06 - 00141123 _____ C:\Users\DigiHead\Downloads\APF List.xlsx
2017-01-28 12:15 - 2016-02-27 10:57 - 07332825 _____ C:\Users\DigiHead\Desktop\VID-20160227-WA0000.mp4
2017-01-27 16:50 - 2017-01-27 16:50 - 00000000 ____D C:\Users\DigiHead\Desktop\AMAZON
2017-01-27 10:50 - 2017-01-27 10:51 - 00000000 ____D C:\Windows\LastGood.Tmp
2017-01-25 17:24 - 2016-12-21 10:14 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2017-01-24 17:02 - 2017-01-24 17:02 - 00528838 _____ C:\Users\DigiHead\Desktop\Challan for Ronak ( 23035040 ).pdf
2017-01-24 17:00 - 2017-01-24 17:00 - 00532175 _____ C:\Users\DigiHead\Desktop\23035040 - Ronak - Baroda.pdf
2017-01-24 15:53 - 2017-01-24 15:53 - 00000839 _____ C:\Users\DigiHead\Downloads\4934415653017190.txt
2017-01-24 15:50 - 2017-01-24 15:50 - 00002406 _____ C:\Users\DigiHead\Downloads\4933486145017190.txt
2017-01-24 10:13 - 2017-02-04 11:43 - 00000000 ____D C:\Users\DigiHead\Desktop\STONE
2017-01-23 17:07 - 2017-01-23 17:07 - 00000000 ____D C:\Program Files\Common Files\Java
2017-01-20 13:54 - 2017-01-20 13:54 - 01520509 _____ C:\Users\DigiHead\183797492-PUNJAB-Industry.pdf
2017-01-20 12:10 - 2017-01-31 17:09 - 00000000 ____D C:\Users\DigiHead\Desktop\PUNJAB
2017-01-20 11:21 - 2016-10-29 12:29 - 00729182 _____ C:\Users\DigiHead\Desktop\Laction e_broucher.pdf
2017-01-20 11:21 - 2016-10-29 12:26 - 00510339 _____ C:\Users\DigiHead\Desktop\FUGEN e_broucher.pdf
2017-01-17 12:14 - 2017-01-17 12:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Assistant
2017-01-17 12:14 - 2017-01-17 12:14 - 00000000 ____D C:\Program Files\MagicPlus
2017-01-16 18:56 - 2017-01-16 18:56 - 00000000 ____D C:\ProgramData\Western Digital
2017-01-16 18:15 - 2017-01-16 18:16 - 00000000 ____D C:\Users\DigiHead\Downloads\Wondershare Data Recovery 5.0.6.1 FULL + Crack [TechTools.ME]
2017-01-15 12:26 - 2017-02-01 15:56 - 00000000 ____D C:\Users\DigiHead\Desktop\FLIPKART
2017-01-13 11:35 - 2017-01-13 11:37 - 00058977 _____ C:\Users\DigiHead\Desktop\for one tab.xlsx
2017-01-13 09:42 - 2017-01-13 09:42 - 00000000 ____D C:\ProgramData\Synaptics
2017-01-12 12:49 - 2016-12-21 11:29 - 00101728 _____ (Microsoft Corporation) C:\Windows\system32\ImplatSetup.dll
2017-01-12 12:49 - 2016-12-21 10:50 - 06020448 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-01-12 12:49 - 2016-12-21 10:39 - 00263472 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Storage.ApplicationData.dll
2017-01-12 12:49 - 2016-12-21 10:32 - 03892864 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2017-01-12 12:49 - 2016-12-21 10:32 - 01852720 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2017-01-12 12:49 - 2016-12-21 10:32 - 01360464 _____ (Microsoft Corporation) C:\Windows\system32\mfnetsrc.dll
2017-01-12 12:49 - 2016-12-21 10:32 - 01277344 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2017-01-12 12:49 - 2016-12-21 10:32 - 01201872 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2017-01-12 12:49 - 2016-12-21 10:32 - 00980832 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2017-01-12 12:49 - 2016-12-21 10:32 - 00080224 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2017-01-12 12:49 - 2016-12-21 10:30 - 01384704 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2017-01-12 12:49 - 2016-12-21 10:17 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCsp.dll
2017-01-12 12:49 - 2016-12-21 10:15 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\ProvPluginEng.dll
2017-01-12 12:49 - 2016-12-21 10:14 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\KnobsCore.dll
2017-01-12 12:49 - 2016-12-21 10:13 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2017-01-12 12:49 - 2016-12-21 10:12 - 00330752 _____ (Microsoft Corporation) C:\Windows\system32\aadcloudap.dll
2017-01-12 12:49 - 2016-12-21 10:11 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2017-01-12 12:49 - 2016-12-21 10:10 - 00557568 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2017-01-12 12:49 - 2016-12-21 10:10 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\SyncSettings.dll
2017-01-12 12:49 - 2016-12-21 10:10 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\DeveloperOptionsSettingsHandlers.dll
2017-01-12 12:49 - 2016-12-21 10:10 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2017-01-12 12:49 - 2016-12-21 10:09 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2017-01-12 12:49 - 2016-12-21 10:08 - 00866816 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2017-01-12 12:49 - 2016-12-21 10:05 - 04612608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2017-01-12 12:49 - 2016-12-21 10:00 - 01255936 _____ (Microsoft Corporation) C:\Windows\system32\AzureSettingSyncProvider.dll
2017-01-12 12:49 - 2016-12-21 09:57 - 00640000 _____ (Microsoft Corporation) C:\Windows\system32\MCRecvSrc.dll
2017-01-12 12:49 - 2016-12-21 09:56 - 03776000 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2017-01-12 12:49 - 2016-12-21 09:55 - 07469056 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2017-01-12 12:49 - 2016-12-21 09:55 - 06474752 _____ (Microsoft Corporation) C:\Windows\system32\mspaint.exe
2017-01-12 12:49 - 2016-12-21 09:54 - 06044160 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2017-01-12 12:49 - 2016-12-21 09:54 - 00886272 _____ (Microsoft Corporation) C:\Windows\system32\aadtb.dll
2017-01-12 12:49 - 2016-12-21 09:52 - 03596800 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2017-01-12 12:49 - 2016-12-21 09:52 - 01883648 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2017-01-12 12:49 - 2016-12-14 10:51 - 02206496 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2017-01-12 12:49 - 2016-12-14 10:38 - 00341344 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-01-12 12:49 - 2016-12-14 10:36 - 00509792 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2017-01-12 12:49 - 2016-12-14 10:31 - 01557808 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2017-01-12 12:49 - 2016-12-14 10:15 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-01-12 12:49 - 2016-12-14 10:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2017-01-12 12:49 - 2016-12-14 10:11 - 00137728 _____ (Microsoft Corporation) C:\Windows\system32\ScDeviceEnum.dll
2017-01-12 12:49 - 2016-12-14 10:10 - 00318976 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2017-01-12 12:49 - 2016-12-14 10:10 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\cloudAP.dll
2017-01-12 12:49 - 2016-12-14 10:08 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\certprop.dll
2017-01-12 12:49 - 2016-12-14 10:06 - 00824320 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2017-01-12 12:49 - 2016-12-14 10:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2017-01-12 12:49 - 2016-12-14 10:06 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2017-01-12 12:49 - 2016-12-14 10:06 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2017-01-12 12:49 - 2016-12-14 10:05 - 01722368 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2017-01-12 12:49 - 2016-12-14 10:05 - 00755712 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-01-12 12:49 - 2016-12-14 10:05 - 00712192 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-01-12 12:49 - 2016-12-14 10:05 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\updatehandlers.dll
2017-01-12 12:49 - 2016-12-14 09:54 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\MSVP9DEC.dll
2017-01-12 12:49 - 2016-12-14 09:53 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2017-01-12 12:49 - 2016-12-14 09:53 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\wuuhext.dll
2017-01-12 12:49 - 2016-12-14 09:52 - 02998272 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2017-01-12 12:49 - 2016-12-14 09:52 - 02748416 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2017-01-12 12:49 - 2016-12-14 09:52 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-01-12 12:49 - 2016-12-14 09:52 - 01235456 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2017-01-12 12:49 - 2016-12-14 09:51 - 00860672 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2017-01-12 12:49 - 2016-08-02 10:00 - 00822784 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2017-01-12 12:48 - 2016-12-21 11:29 - 00218976 _____ (Microsoft Corporation) C:\Windows\system32\offlinesam.dll
2017-01-12 12:48 - 2016-12-21 10:35 - 00523784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2017-01-12 12:48 - 2016-12-21 10:31 - 00198496 _____ (Microsoft Corporation) C:\Windows\system32\CloudExperienceHost.dll
2017-01-12 12:48 - 2016-12-21 10:11 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2017-01-12 12:48 - 2016-12-21 10:05 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2017-01-12 12:48 - 2016-12-21 10:03 - 19413504 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2017-01-12 12:48 - 2016-12-21 10:02 - 19417600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-01-12 12:48 - 2016-12-21 10:00 - 05398016 _____ (Microsoft Corporation) C:\Windows\system32\aclui.dll
2017-01-12 12:48 - 2016-12-21 10:00 - 01406976 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2017-01-12 12:48 - 2016-12-21 10:00 - 00734208 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2017-01-12 12:48 - 2016-12-21 09:54 - 03733504 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-01-12 12:48 - 2016-12-21 09:53 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-01-12 12:48 - 2016-12-14 11:28 - 01026912 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 01469792 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystems32.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 01136992 _____ (Microsoft Corporation) C:\Windows\system32\AppVIntegration.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 01127040 _____ (Microsoft Corporation) C:\Windows\system32\ClipUp.exe
2017-01-12 12:48 - 2016-12-14 10:56 - 00911712 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntSubsystemController.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00812896 _____ (Microsoft Corporation) C:\Windows\system32\AppVPolicy.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00615264 _____ (Microsoft Corporation) C:\Windows\system32\AppVClient.exe
2017-01-12 12:48 - 2016-12-14 10:56 - 00558432 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntStreamingManager.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00550240 _____ (Microsoft Corporation) C:\Windows\system32\AppVOrchestration.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00541024 _____ (Microsoft Corporation) C:\Windows\system32\AppVReporting.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00498016 _____ (Microsoft Corporation) C:\Windows\system32\AppVEntVirtualization.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00492384 _____ (Microsoft Corporation) C:\Windows\system32\AppVPublishing.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00401248 _____ (Microsoft Corporation) C:\Windows\system32\AppVCatalog.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00372576 _____ (Microsoft Corporation) C:\Windows\system32\TransportDSA.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00290656 _____ (Microsoft Corporation) C:\Windows\system32\AppVScripting.dll
2017-01-12 12:48 - 2016-12-14 10:56 - 00141664 _____ (Microsoft Corporation) C:\Windows\system32\AppVNice.exe
2017-01-12 12:48 - 2016-12-14 10:31 - 00382784 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2017-01-12 12:48 - 2016-12-14 10:31 - 00076984 _____ (Microsoft Corporation) C:\Windows\system32\remoteaudioendpoint.dll
2017-01-12 12:48 - 2016-12-14 10:16 - 01631232 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.Resources.dll
2017-01-12 12:48 - 2016-12-14 10:10 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\CloudBackupSettings.dll
2017-01-12 12:48 - 2016-12-14 10:10 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-01-12 12:48 - 2016-12-14 10:08 - 13869056 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2017-01-12 12:48 - 2016-12-14 10:08 - 00213504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.CredDialogController.dll
2017-01-12 12:48 - 2016-12-14 10:07 - 00247296 _____ (Microsoft Corporation) C:\Windows\system32\domgmt.dll
2017-01-12 12:48 - 2016-12-14 10:07 - 00205312 _____ (Microsoft Corporation) C:\Windows\system32\ConsoleLogon.dll
2017-01-12 12:48 - 2016-12-14 10:07 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-01-12 12:48 - 2016-12-14 10:05 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2017-01-12 12:48 - 2016-12-14 10:02 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\D3D12.dll
2017-01-12 12:48 - 2016-12-14 10:02 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\LogonController.dll
2017-01-12 12:48 - 2016-12-14 09:52 - 00920064 _____ (Microsoft Corporation) C:\Windows\system32\dosvc.dll
2017-01-12 12:48 - 2016-11-02 17:31 - 00484584 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2017-01-12 12:48 - 2016-11-02 16:35 - 00313088 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2017-01-12 12:48 - 2016-11-02 16:02 - 00786432 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2017-01-12 12:47 - 2016-12-14 10:35 - 00544608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2017-01-12 12:47 - 2016-12-14 10:34 - 00261984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2017-01-12 12:42 - 2017-01-12 12:42 - 00000000 ____D C:\Program Files\Synaptics
2017-01-12 12:42 - 2016-05-27 15:42 - 00069744 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\Smb_driver_Intel.sys
2017-01-12 12:09 - 2017-01-12 12:09 - 00000000 ____D C:\Windows\system32\appmgmt
2017-01-12 10:32 - 2017-01-12 10:32 - 00000165 ____H C:\Users\DigiHead\Desktop\~$BUILDING STONE FINAL.xlsx
2017-01-10 12:40 - 2017-01-10 12:40 - 00000000 ____D C:\Users\DigiHead\Desktop\TRUSTSHOP
2017-01-10 11:15 - 2017-01-10 11:15 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\FFSJ
2017-01-10 11:02 - 2017-01-10 11:02 - 00794906 _____ C:\Windows\unins000.exe
2017-01-10 11:02 - 2017-01-10 11:02 - 00004161 _____ C:\Windows\unins000.dat
2017-01-10 11:02 - 2017-01-10 11:02 - 00000983 _____ C:\Users\Public\Desktop\File Splitter & Joiner.lnk
2017-01-10 11:02 - 2017-01-10 11:02 - 00000000 ____D C:\Windows\system32\FFSJ
2017-01-09 17:05 - 2017-01-09 17:05 - 00549034 _____ C:\Users\DigiHead\Documents\SCULPTURE HANDICRAFTS.csv
2017-01-09 16:41 - 2017-01-09 16:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2017-01-09 16:40 - 2017-01-09 16:41 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\DVDVideoSoft
2017-01-09 16:40 - 2017-01-09 16:41 - 00000000 ____D C:\Program Files\DVDVideoSoft
2017-01-09 16:40 - 2017-01-09 16:40 - 00000000 ____D C:\Program Files\Common Files\DVDVideoSoft
2017-01-09 16:30 - 2017-01-09 16:30 - 00000000 ____D C:\Users\DigiHead\AppData\Local\FreemakeVideoConverter
2017-01-09 16:29 - 2017-01-12 12:12 - 00000000 ____D C:\ProgramData\Freemake
2017-01-09 16:29 - 2017-01-09 16:30 - 00000000 ____D C:\Users\DigiHead\Documents\Freemake
2017-01-09 14:45 - 2017-01-30 15:43 - 00000000 ____D C:\Users\DigiHead\Desktop\PAYTM
2017-01-09 11:46 - 2017-01-09 11:46 - 00007000 _____ C:\Users\DigiHead\Downloads\0da972e28e5547ad_2016-11-01_2016-11-30.csv
2017-01-07 11:01 - 2017-01-07 11:02 - 16464331 _____ C:\Users\DigiHead\Downloads\com.whatsapp-2.11.515-450271-minAPI7.apk
2017-01-06 15:24 - 2017-01-06 15:24 - 03004235 _____ C:\Users\DigiHead\Downloads\fwsemiiicam.zip
2017-01-06 15:23 - 2017-01-06 15:24 - 03290034 _____ C:\Users\DigiHead\Downloads\fwfwstudymaterialforcomputers.zip

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-04 11:52 - 2016-12-17 14:31 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\uTorrent
2017-02-04 11:14 - 2016-12-18 01:26 - 00000000 ____D C:\Windows\system32\SleepStudy
2017-02-04 10:23 - 2016-12-19 13:14 - 00000000 ____D C:\ProgramData\Ashampoo
2017-02-04 10:17 - 2016-12-17 13:45 - 00000000 ____D C:\Users\DigiHead\Documents\Outlook Files
2017-02-04 10:15 - 2016-12-17 19:48 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\MPC-HC
2017-02-04 10:13 - 2016-12-17 14:28 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\IDM
2017-02-04 09:53 - 2016-07-16 13:59 - 00000000 ____D C:\Windows\AppReadiness
2017-02-04 09:52 - 2016-12-28 14:35 - 00000000 ___RD C:\Users\DigiHead\Dropbox
2017-02-04 09:51 - 2016-12-17 12:32 - 00000000 __SHD C:\Users\DigiHead\IntelGraphicsProfiles
2017-02-04 09:51 - 2016-12-17 12:30 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-03 22:38 - 2016-12-17 14:28 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\DMCache
2017-02-03 18:37 - 2016-12-18 01:35 - 00000000 ____D C:\Users\DigiHead
2017-02-03 18:34 - 2016-07-16 13:58 - 00000000 ____D C:\Windows\INF
2017-02-03 12:03 - 2016-12-18 01:26 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-03 11:59 - 2016-07-16 07:52 - 00262144 _____ C:\Windows\system32\config\BBI
2017-02-03 11:10 - 2016-12-17 12:28 - 00000000 ____D C:\Users\DigiHead\AppData\Local\VirtualStore
2017-02-03 10:46 - 2016-12-28 14:25 - 00000000 ____D C:\Program Files\Dropbox
2017-02-03 09:46 - 2016-07-16 13:59 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-02 14:01 - 2016-12-18 01:36 - 00000000 ____D C:\Users\DigiHead\AppData\Local\Packages
2017-02-02 11:53 - 2016-12-18 01:37 - 01191310 _____ C:\Windows\system32\PerfStringBackup.INI
2017-02-02 09:59 - 2016-12-17 12:40 - 00002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-02-02 09:59 - 2016-12-17 12:40 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-02-01 15:55 - 2016-12-19 17:39 - 00000000 ___HD C:\Users\DigiHead\Desktop\.picasaoriginals
2017-01-30 18:17 - 2016-12-17 14:48 - 00000000 ____D C:\Users\DigiHead\Documents\Received Files
2017-01-27 10:51 - 2016-12-17 12:30 - 00000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-01-27 10:51 - 2016-12-17 12:16 - 00000000 ____D C:\Program Files\Intel
2017-01-25 18:09 - 2016-07-16 13:49 - 00000000 ____D C:\Windows\CbsTemp
2017-01-23 17:07 - 2016-12-17 12:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-01-23 17:07 - 2016-12-17 12:41 - 00000000 ____D C:\ProgramData\Oracle
2017-01-23 17:07 - 2016-12-17 12:41 - 00000000 ____D C:\Program Files\Java
2017-01-23 17:06 - 2016-12-17 12:42 - 00095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-01-20 18:03 - 2017-01-04 09:45 - 00000000 ____D C:\Users\DigiHead\Desktop\SNap Deal
2017-01-18 17:14 - 2016-12-17 12:38 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\vlc
2017-01-17 12:14 - 2016-12-19 17:20 - 00000527 _____ C:\Users\DigiHead\ticket1.xml
2017-01-16 11:06 - 2016-07-16 13:59 - 00000000 ____D C:\Windows\rescache
2017-01-13 09:41 - 2016-12-18 01:25 - 00343496 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-13 08:12 - 2016-07-16 13:59 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2017-01-13 08:12 - 2016-07-16 13:59 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2017-01-13 08:12 - 2016-07-16 13:59 - 00000000 ____D C:\Windows\system32\oobe
2017-01-13 08:12 - 2016-07-16 13:59 - 00000000 ____D C:\Windows\ShellExperiences
2017-01-13 08:12 - 2016-07-16 13:59 - 00000000 ____D C:\Windows\Provisioning
2017-01-13 08:12 - 2016-07-16 13:59 - 00000000 ____D C:\Windows\PolicyDefinitions
2017-01-12 18:13 - 2016-12-17 12:58 - 00000000 ____D C:\Users\DigiHead\AppData\Local\Microsoft Help
2017-01-12 13:20 - 2016-12-17 13:58 - 00000000 ____D C:\Windows\system32\MRT
2017-01-12 13:14 - 2016-12-17 13:57 - 133456224 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-12 12:14 - 2016-12-19 17:19 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\Lenovo
2017-01-12 12:14 - 2016-12-18 01:38 - 00000000 ___RD C:\Users\DigiHead\OneDrive
2017-01-12 12:13 - 2016-12-19 12:22 - 00000000 ____D C:\ProgramData\Wondershare
2017-01-12 12:13 - 2016-12-19 12:22 - 00000000 ____D C:\Program Files\Wondershare
2017-01-12 12:13 - 2016-12-17 12:28 - 00000000 ____D C:\Users\DigiHead\AppData\Roaming\Synaptics
2017-01-12 12:09 - 2016-12-17 15:50 - 00000000 ____D C:\Program Files\Adobe
2017-01-11 16:42 - 2016-12-17 14:34 - 00002669 _____ C:\Users\DigiHead\Desktop\µTorrent.lnk
2017-01-05 09:47 - 2017-01-02 11:44 - 00000932 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-01-05 09:47 - 2017-01-02 11:44 - 00000928 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-03 09:53

==================== End of FRST.txt ============================

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2017
Ran by DigiHead (04-02-2017 11:54:05)
Running from C:\Users\DigiHead\Downloads
Microsoft Windows 10 Pro Version 1607 (X86) (2016-12-17 20:04:24)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3518530213-2598402463-2486072489-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3518530213-2598402463-2486072489-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3518530213-2598402463-2486072489-1000 - Limited - Disabled) => C:\Users\defaultuser0
DigiHead (S-1-5-21-3518530213-2598402463-2486072489-1001 - Administrator - Enabled) => C:\Users\DigiHead
Guest (S-1-5-21-3518530213-2598402463-2486072489-501 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\uTorrent) (Version: 3.4.9.42606 - BitTorrent Inc.)
Adobe Acrobat 8 Professional - English, Français, Deutsch (HKLM\...\Adobe Acrobat 8 Professional - English, Français, Deutsch) (Version: 8.0.0 - Adobe Systems)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
Dropbox (HKLM\...\Dropbox) (Version: 19.4.12 - Dropbox, Inc.)
Dropbox Update Helper (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Email Extractor (HKLM\...\Email Extractor) (Version: 5.5 - WebPro Software)
Email Extractor (Version: 5.5 - WebPro Solutions) Hidden
ESET Smart Security (HKLM\...\{EE928C63-34BF-4157-8B20-C20404A22A34}) (Version: 9.0.349.0 - ESET, spol. s r.o.)
File Splitter and Joiner (FFSJ v3.3) (HKLM\...\File Splitter and Joiner_is1) (Version:  - Le Minh Hoang)
Free Video to MP3 Converter (HKLM\...\Free Video to MP3 Converter_is1) (Version: 5.0.99.823 - Digital Wave Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Update Helper (Version: 1.3.32.7 - Google Inc.) Hidden
Hard Disk Sentinel PRO (HKLM\...\Hard Disk Sentinel_is1) (Version: 4.71 - Janos Mathe)
IDM Crack 6.25 build 23 (HKLM\...\IDM Crack 6.25 build 23) (Version: build 23 - Crackingpatching.com Team)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4568 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
K-Lite Mega Codec Pack 11.7.5 (HKLM\...\KLiteCodecPack_is1) (Version: 11.7.5 - )
LAN Messenger (HKLM\...\LAN Messenger) (Version: 1.2.35 - LAN Messenger)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Mobile Assistant (HKLM\...\{48D6D221-9262-4159-9DBF-E40DA8478648}) (Version: 1.4.1.10090 - Lenovo)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7944 - Realtek Semiconductor Corp.)
SpeedFan (remove only) (HKLM\...\SpeedFan) (Version:  - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.4.0 - Synaptics Incorporated)
TeamViewer 11 (HKLM\...\TeamViewer) (Version: 11.0.63017 - TeamViewer)
Update for Skype for Business 2015 (KB3039776) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{9F6B3627-AF9E-40A5-AAD5-3497C4327616}) (Version:  - Microsoft)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WebHarvy (HKLM\...\{B1D083B1-550E-4BA8-8021-E9E58C1ABA79}) (Version: 3.4.1.121 - SysNucleus)
WinRAR 5.30 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {26D700A4-0DF7-4858-96CA-A5B86870030B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {2C88B84E-79B8-42B4-ABE2-F1C3897B2E96} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_DigiHead => C:\Program Files\Hard Disk Sentinel\HDSentinel.exe [2017-02-03] (H.D.S. Hungary)
Task: {9BD6B009-B6E9-4F1D-AB73-B7561B689F1C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2017-01-02] (Dropbox, Inc.)
Task: {A24098A6-1692-48F8-8732-62BFA390A088} - System32\Tasks\lenovo mobile auto run => C:\Program Files\MagicPlus\MagicPlus_helper.exe [2014-09-29] (Lenovo)
Task: {AC7348D0-D708-4CC6-A66A-638A0A3FA159} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-17] (Google Inc.)
Task: {B65E1C9C-D02D-4C20-B21D-264424953E93} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcTrigger
Task: {CD2EB39A-7CF1-489D-BFC5-4806D103E977} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files\Dropbox\Update\DropboxUpdate.exe [2017-01-02] (Dropbox, Inc.)
Task: {D5DC5581-3554-4A76-A6F9-9171A03E089D} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2016-12-17] ()
Task: {D87C2C88-3EB7-4AD1-9B1B-A86B893A802C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {DA9F79E9-00DD-4542-9B52-FE153CC058D0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {E7303FBF-9AFC-41E8-AA82-1DB58429A961} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-12-17] (Google Inc.)
Task: {F2C0EA2F-562D-44DE-B927-E3AC284A6B9F} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\DigiHead\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Chrome Remote Desktop.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp

==================== Loaded Modules (Whitelisted) ==============

2017-01-03 11:06 - 2012-09-18 15:26 - 00169472 _____ () C:\Windows\System32\zlhp1020.dll
2017-01-03 11:06 - 2012-09-18 15:26 - 00059904 _____ () C:\Windows\system32\spool\PRTPROCS\W32X86\pphp1020.dll
2017-01-09 16:40 - 2016-08-24 17:47 - 00114664 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\zlib1.dll
2017-01-09 16:40 - 2016-08-24 17:47 - 00108008 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2017-01-09 16:40 - 2016-08-24 17:47 - 00024040 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2017-01-09 16:40 - 2016-08-24 17:47 - 00048104 _____ () C:\Program Files\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-07-16 13:55 - 2016-07-16 13:55 - 00190976 _____ () C:\Windows\SYSTEM32\ism32k.dll
2016-12-17 13:50 - 2016-12-09 15:41 - 02048496 _____ () C:\Windows\System32\CoreUIComponents.dll
2016-12-17 13:50 - 2016-12-09 15:41 - 02048496 _____ () C:\Windows\system32\CoreUIComponents.dll
2014-09-29 15:05 - 2014-09-29 15:05 - 00109736 _____ () C:\Program Files\MagicPlus\crashreport.dll
2014-09-29 15:05 - 2014-09-29 15:05 - 00351400 _____ () C:\Program Files\MagicPlus\UsbHelper.dll
2016-11-17 00:42 - 2016-12-22 00:40 - 00415200 _____ () C:\Windows\system32\igfxTray.exe
2016-12-17 13:50 - 2016-12-09 15:41 - 02048496 _____ () C:\Windows\SYSTEM32\CoreUIComponents.dll
2016-07-12 18:38 - 2016-07-12 18:38 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-07-16 13:55 - 2016-07-16 13:55 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-01-12 12:49 - 2016-12-21 10:12 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-01-12 12:48 - 2016-12-21 09:55 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-01-12 12:48 - 2016-12-21 09:51 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-12-17 13:49 - 2016-08-06 08:51 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-01-12 12:48 - 2016-12-21 09:51 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-01-12 12:48 - 2016-12-21 09:52 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-01-12 12:48 - 2016-12-21 09:54 - 03158016 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-03 10:44 - 2017-01-30 19:42 - 00801600 _____ () C:\Program Files\Dropbox\Client\dropbox_watchdog.dll
2017-02-03 10:45 - 2017-01-14 05:23 - 00035792 _____ () C:\Program Files\Dropbox\Client\_multiprocessing.pyd
2017-02-03 10:45 - 2017-01-14 05:23 - 00100296 _____ () C:\Program Files\Dropbox\Client\_ctypes.pyd
2017-02-03 10:45 - 2017-01-14 05:23 - 00018888 _____ () C:\Program Files\Dropbox\Client\select.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00019776 _____ () C:\Program Files\Dropbox\Client\tornado.speedups.pyd
2017-02-03 10:45 - 2017-01-14 05:23 - 00694224 _____ () C:\Program Files\Dropbox\Client\unicodedata.pyd
2017-02-03 10:44 - 2017-01-30 19:44 - 00020824 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-02-03 10:45 - 2017-01-14 05:24 - 00123856 _____ () C:\Program Files\Dropbox\Client\_cffi_backend.pyd
2017-02-03 10:44 - 2017-01-30 19:44 - 01682768 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-02-03 10:44 - 2017-01-30 19:44 - 00020816 _____ () C:\Program Files\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-02-03 10:45 - 2017-01-14 05:23 - 00145864 _____ () C:\Program Files\Dropbox\Client\pyexpat.pyd
2017-02-03 10:44 - 2017-01-14 05:24 - 00019408 _____ () C:\Program Files\Dropbox\Client\faulthandler.pyd
2017-02-03 10:45 - 2017-01-14 05:23 - 00116688 _____ () C:\Program Files\Dropbox\Client\pywintypes27.dll
2017-02-03 10:45 - 2017-01-14 05:26 - 00105928 _____ () C:\Program Files\Dropbox\Client\win32api.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00022864 _____ () C:\Program Files\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00052544 _____ () C:\Program Files\Dropbox\Client\psutil._psutil_windows.pyd
2017-02-03 10:44 - 2017-01-30 19:44 - 00038712 _____ () C:\Program Files\Dropbox\Client\fastpath.pyd
2017-02-03 10:45 - 2017-01-14 05:23 - 00392144 _____ () C:\Program Files\Dropbox\Client\pythoncom27.dll
2017-02-03 10:45 - 2017-01-14 05:26 - 00020936 _____ () C:\Program Files\Dropbox\Client\mmapfile.pyd
2017-02-03 10:45 - 2017-01-14 05:26 - 00024528 _____ () C:\Program Files\Dropbox\Client\win32event.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00116176 _____ () C:\Program Files\Dropbox\Client\win32security.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00381760 _____ () C:\Program Files\Dropbox\Client\win32com.shell.shell.pyd
2017-02-03 10:45 - 2017-01-14 05:26 - 00124880 _____ () C:\Program Files\Dropbox\Client\win32file.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00026456 _____ () C:\Program Files\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-02-03 10:45 - 2017-01-14 05:26 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32clipboard.pyd
2017-02-03 10:45 - 2017-01-14 05:26 - 00175560 _____ () C:\Program Files\Dropbox\Client\win32gui.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00030160 _____ () C:\Program Files\Dropbox\Client\win32pipe.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00043472 _____ () C:\Program Files\Dropbox\Client\win32process.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00048592 _____ () C:\Program Files\Dropbox\Client\win32service.pyd
2017-02-03 10:45 - 2017-01-14 05:26 - 00057808 _____ () C:\Program Files\Dropbox\Client\win32evtlog.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00024016 _____ () C:\Program Files\Dropbox\Client\win32profile.pyd
2017-02-03 10:44 - 2017-01-30 19:44 - 00246608 _____ () C:\Program Files\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-02-03 10:44 - 2017-01-30 19:44 - 00027488 _____ () C:\Program Files\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-02-03 10:45 - 2017-01-14 05:25 - 00241104 _____ () C:\Program Files\Dropbox\Client\_jpegtran.pyd
2017-02-03 10:44 - 2017-01-30 19:44 - 00022336 _____ () C:\Program Files\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00028616 _____ () C:\Program Files\Dropbox\Client\win32ts.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 01826104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtCore.pyd
2017-02-03 10:45 - 2017-01-14 05:24 - 00083912 _____ () C:\Program Files\Dropbox\Client\sip.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 01972536 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtGui.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 03928896 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00531264 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00025432 _____ () C:\Program Files\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00133432 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00224064 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00207680 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00021840 _____ () C:\Program Files\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00069968 _____ () C:\Program Files\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00022872 _____ () C:\Program Files\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00021848 _____ () C:\Program Files\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00022872 _____ () C:\Program Files\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00350152 _____ () C:\Program Files\Dropbox\Client\winxpgui.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00103232 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWinExtras.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00023896 _____ () C:\Program Files\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00025936 _____ () C:\Program Files\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-02-03 10:45 - 2017-01-14 05:21 - 00036296 _____ () C:\Program Files\Dropbox\Client\librsync.dll
2017-02-03 10:44 - 2017-01-30 19:44 - 00033112 _____ () C:\Program Files\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2017-02-03 10:44 - 2016-12-06 01:45 - 00293392 _____ () C:\Program Files\Dropbox\Client\EnterpriseDataAdapter.dll
2017-02-03 10:44 - 2017-01-30 19:44 - 00084288 _____ () C:\Program Files\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-02-03 10:45 - 2017-01-14 05:32 - 00017864 _____ () C:\Program Files\Dropbox\Client\libEGL.dll
2017-02-03 10:45 - 2017-01-14 05:32 - 01631184 _____ () C:\Program Files\Dropbox\Client\libGLESv2.dll
2017-02-03 10:45 - 2017-01-30 19:44 - 00042816 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00171336 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00357688 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQml.pyd
2017-02-03 10:45 - 2017-01-14 05:27 - 00060880 _____ () C:\Program Files\Dropbox\Client\win32print.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00026456 _____ () C:\Program Files\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-03 10:45 - 2017-01-30 19:44 - 00546104 _____ () C:\Program Files\Dropbox\Client\PyQt5.QtQuick.pyd
2017-02-03 10:45 - 2017-01-14 05:34 - 00697304 _____ () C:\Program Files\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2009-01-11 01:02 - 2009-01-11 01:02 - 00011362 _____ () C:\Program Files\LAN Messenger\mingwm10.dll
2009-06-23 08:12 - 2009-06-23 08:12 - 00043008 _____ () C:\Program Files\LAN Messenger\libgcc_s_dw2-1.dll
2017-02-02 09:59 - 2017-02-01 14:31 - 01870168 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-02 09:59 - 2017-02-01 14:31 - 00085848 _____ () C:\Program Files\Google\Chrome\Application\56.0.2924.87\libegl.dll
2017-01-03 11:06 - 2012-09-18 15:26 - 02223104 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\suhp1020.dll
2017-01-03 11:05 - 2012-09-18 15:26 - 00949248 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\gchp1020.dll
2017-01-03 11:06 - 2012-09-18 15:26 - 00532992 _____ () C:\Windows\system32\spool\DRIVERS\W32X86\3\sdhp1020.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\DigiHead\Desktop\cities.csv:com.dropbox.attributes [168]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 14:00 - 2016-07-16 13:57 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\Control Panel\Desktop\\Wallpaper -> E:\funny-wallpapers-21.jpg
DNS Servers: 4.2.2.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "Adobe Acrobat Speed Launcher.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Adobe Acrobat Synchronizer.lnk"
HKLM\...\StartupApproved\Run: => "MagicPlusHelper"
HKLM\...\StartupApproved\Run: => "Acrobat Assistant 8.0"
HKU\S-1-5-21-3518530213-2598402463-2486072489-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [{D01F1939-6548-4460-B495-25847104E14C}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{44CDB65F-4E15-4CCD-B4A2-2D65E561CAA7}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9B1176AE-819F-48D4-9DD9-11164E4A8D21}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{43140312-676D-4D03-AD23-9D2FCED48E13}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{1E182949-6917-437D-8875-499DDC5A150A}] => C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{645D2F3A-7CC1-4B08-BED7-D30E82DB6600}] => C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{04507893-A777-4BB7-8A57-7944DF93F2A1}] => C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{42DEE60A-CF44-4537-A322-6306296BE8AD}] => C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B4FFE43C-CDD3-4A00-A28A-8878C14FA4F2}] => C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BB6C5947-3B57-4D67-A938-5DD4BA82C9F1}] => C:\Users\DigiHead\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{82E060B2-C3E7-41C8-A94C-C1DFF1317E57}] => C:\Program Files\LAN Messenger\lmc.exe
FirewallRules: [{8B621B84-9855-4C7A-BD92-A1DB646C084D}] => C:\Program Files\LAN Messenger\lmc.exe
FirewallRules: [{B9B44C7B-E5CD-405D-90B4-45F8B1C9CB5C}] => C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{BC752AC0-9BAB-488D-9159-F1094EA6FC98}] => C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{60188305-2883-4C31-9B23-5C8DD797D42B}] => C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C7752775-1B12-4655-8EAA-2A3DB5A1DACE}] => C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{40337B21-33A3-49B5-A81D-E23F6945FB21}] => C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{EB47F8B9-2872-4B62-93F7-2AE6C61C720C}] => C:\Program Files\Dropbox\Client\Dropbox.exe
FirewallRules: [{32C33CC0-928A-46F7-9EE9-F309CA6B219E}] => C:\Windows\AutoKMS\AutoKMS.exe
FirewallRules: [{D5333895-C6E3-4593-9DAC-93157157AB26}] => C:\Windows\AutoKMS\AutoKMS.exe

==================== Restore Points =========================

16-01-2017 10:31:12 Windows Update
19-01-2017 14:56:19 Windows Update
25-01-2017 18:09:03 Windows Update
02-02-2017 10:06:58 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/04/2017 11:10:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-T6ECQPQ)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927142 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (02/04/2017 10:30:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2017 10:28:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2017 10:15:15 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/04/2017 09:55:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.6.1.0, time stamp: 0x57abad48
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x58256d13
Exception code: 0xe0434352
Fault offset: 0x000c24c2
Faulting process id: 0x12e4
Faulting application start time: 0x01d27e9e22c2e575
Faulting application path: C:\Windows\AutoKMS\AutoKMS.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: 5907a7e1-4f48-44e1-be36-4ea1ba64ca91
Faulting package full name: 
Faulting package-relative application ID:

Error: (02/04/2017 09:55:50 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileInfo.Delete()
   at ..(System.String)
   at ..()
   at ..(., System.String, Boolean, System.String, Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
   at ..(Boolean, System.String, Boolean, System.String, System.String, Boolean, Int32, Boolean, Boolean, Boolean, Boolean, System.String, ., System.String)
   at ..(.)
   at ..()

Error: (02/04/2017 09:54:36 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2017 10:32:43 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.163_none_0c187ef99ee1d25a\MFC80U.DLL".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (02/03/2017 10:32:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: AutoKMS.exe, version: 2.6.1.0, time stamp: 0x57abad48
Faulting module name: KERNELBASE.dll, version: 10.0.14393.479, time stamp: 0x58256d13
Exception code: 0xe0434352
Fault offset: 0x000c24c2
Faulting process id: 0x10e0
Faulting application start time: 0x01d27e3f05f30a1b
Faulting application path: C:\Windows\AutoKMS\AutoKMS.exe
Faulting module path: C:\Windows\System32\KERNELBASE.dll
Report Id: debe19d2-211e-4fa8-bd22-7a94f2c5baf3
Faulting package full name: 
Faulting package-relative application ID:

Error: (02/03/2017 10:32:19 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: AutoKMS.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.UnauthorizedAccessException
   at System.IO.__Error.WinIOError(Int32, System.String)
   at System.IO.FileInfo.Delete()
   at ..(System.String)
   at ..()
   at ..(., System.String, Boolean, System.String, Int32, System.String, System.String, Boolean, Boolean, Boolean, Boolean, Boolean, Boolean, System.String, System.String)
   at ..(Boolean, System.String, Boolean, System.String, System.String, Boolean, Int32, Boolean, Boolean, Boolean, Boolean, System.String, ., System.String)
   at ..(.)
   at ..()


System errors:
=============
Error: (02/04/2017 09:51:22 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/04/2017 09:48:41 AM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (02/03/2017 10:38:56 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6ECQPQ)
Description: The server {DC4537C3-CA73-4AC7-9E1D-B2CE27C3A7A6} did not register with DCOM within the required timeout.

Error: (02/03/2017 10:38:56 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T6ECQPQ)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (02/03/2017 10:38:54 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/03/2017 10:30:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 and APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/03/2017 10:29:59 PM) (Source: TPM) (EventID: 15) (User: )
Description: The device driver for the Trusted Platform Module (TPM) encountered a non-recoverable error in the TPM hardware, which prevents TPM services (such as data encryption) from being used. For further help, please contact the computer manufacturer.

Error: (02/03/2017 06:36:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.


CodeIntegrity:
===================================
  Date: 2016-12-17 13:19:36.718
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-12-17 13:19:36.607
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\aepic.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 90%
Total physical RAM: 2496.67 MB
Available physical RAM: 238.14 MB
Total Virtual: 10176.67 MB
Available Virtual: 6210.66 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:146 GB) (Free:102.32 GB) NTFS
Drive e: () (Fixed) (Total:488.28 GB) (Free:451.57 GB) NTFS
Drive f: () (Fixed) (Total:296.75 GB) (Free:237 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0A62826B)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=488.3 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=296.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Just a warning... Having P2P, cracked software, and web scrapers leaves the door wide open for infection to your PC. We're not here to provide support for such things; however, we will still do our best to assist you. However, it is not our responsibility to reinstall anything that is removed incidentally.


Nonetheless, I do not see anything revealing in the logs; however, it appears there is a technical issue with the side-by-side configuration and can be easily solved.

Here we go for the next steps...

Please download Malwarebytes' AdwCleaner onto your Desktop.

  • Double click on AdwCleaner_xxxx.exe to run the tool.
  • Click on Scan.
  • After done scanning, please hit Logfile. Locate the logfile in the Scan tab, double-click on it, copy the information inside of it, and paste it into your next reply.
  • You can find the logfile at C:\AdwCleaner[Sx].txt as well.





Tweaking.com - Windows Repair All-In-One (Portable)

- Download Windows Repair All-In-One (Portable Version) from here .

- Extract tweaking.com_windows_repair_aio.zip to your Desktop.

- Disable all your antivirus and antimalware software - see how to do that here .
- Right click on and select Run as Administrator (XP users just double click) to start Windows Repair All-In-One.
(Windows Vista/7/8 users: Accept UAC warning if it is enabled.)

- A window will appear. Click Step 2.


- Click the Open Pre-Scan button, then click Start Scan. Wait for Windows Repair to finish scanning.

- Depending on which error Windows Repair found, click Repair Reparse Point or Repair Environment Variable accordingly. When the button changes to "Done!", click the close button to return to Windows Repair.

- Go to Step 3, then click Check in the See If Check Disk Is Needed.

- If Windows Repair stated that errors are found, click Open Check Disk At Next Boot. Choose (/R) Fixes errors on the disk also locate bad sectors and recovers readable information, then click Add To Next Boot. Reboot the computer to let Windows check the disk.


- Go to Step 4, then click Do It.


- Go to Step 5. Under System Restore click Create.


- Go to Repairs and click Open Repairs. Leave all checkmarks as they are, then click Start Repairs.


- By default Windows Repair All-In-One will create a "Logs" folder in its folder on the Desktop. Please post the contents of the log in your next reply.

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
# AdwCleaner v6.043 - Logfile created 04/02/2017 at 14:26:18
# Updated on 27/01/2017 by Malwarebytes
# Database : 2017-02-03.2 [Server]
# Operating System : Windows 10 Pro  (X86)
# Username : DigiHead - DESKTOP-T6ECQPQ
# Running from : C:\Users\DigiHead\Downloads\adwcleaner_6.043.exe
# Mode: Scan
# Support : https://www.malwarebytes.com/support



***** [ Services ] *****

No malicious services found.


***** [ Folders ] *****

Folder Found:  C:\Users\DigiHead\AppData\Local\PackageAware
Folder Found:  C:\Program Files\ReviverSoft


***** [ Files ] *****

No malicious files found.


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

No malicious task found.


***** [ Registry ] *****

No malicious registry entries found.


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[S0].txt - [1081 Bytes] - [04/02/2017 14:26:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1154 Bytes] ##########

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
BTW Jay, Do i need to Post all the Logs(nearly 15)  or just on in particular??

System Performance has Improved but freezes as usual in multitasking.

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
No worried on the log for now... Let's do the following:

Remove the Adware

  • Please close all open programs and internet browsers.
  • Double click on adwcleaner_xxxx.exe to run the tool.
  • Press Scan, wait for it to finish, and then hit Clean.
  • Your computer will be rebooted automatically. If it does not, please reboot the computer manually.
  • Once it is restarted and you're back in Windows, double-click adwcleaner_xxxx.exe, hit "Logfile." On the Cleaning tab, double-click the latest logfile, copy the contents, and paste it into your next reply.
  • You can find the logfile at C:\AdwCleaner[Sx].txt as well.





Fix with Junkware Removal Tool

Please download Malwarebytes' Junkware Removal Tool and save the file to your desktop.

  • Right-click on the JRT.exe or Junkware Removal Tool icon and select Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.


Please include the contents of that file in your reply.

Please also manually reboot your machine after this procedure.




ESET SCANNER:

  • Please visit the ESET Online Scanner website
  • Click the SCAN NOW button to download the esetonlinescanner_enu.exe file to the Desktop
  • Double click esetonlinescanner_enu.exe. Accept the Terms of Use
  • Select Enable detection of potentially unwanted applications
  • In Advanced Settings: make sure that Clean threats automatically is unchecked
  • And Enable detection of potentially unsafe applications, Enable detection of suspicious applications, Scan archives, and Enable Anti-Stealth technology are all checked.
  • Click Scan
  • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
  • When completed, the program will begin to scan. This may take several hours. Please, be patient.
  • Do not do anything on your machine as it may interrupt the scan.
  • When completed it'll show a list of "Threats found", click beneath it on Save to text file.... and save it as ESET log.txt on your Desktop.
  • Then click Do not clean. Place a checkmark at Delete application's data on close, click Finish and close the program.
  • Please copy and paste the log it generated (the one you just saved on your Desktop) here.

Don't forget to re-enable previously switched-off protection software!

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Thanks Dr. Jay, Been Using the laptop for some time after a restart, Works like a charm, will still reply with the Logs. Thanks again ...

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Excellent... Yeah, doing the final scans should be able to really boost the computer.. Smile...

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Yes Jay, Things are well now... You may Mark it as Solved.

Thanks and Great Day !!!

descriptionSolvedRe: Laptop Slow, No SMART HDD ERRORS

more_horiz
Permissions in this forum:
You cannot reply to topics in this forum