Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Problem with AVG blocking Exploit Fake Flash Player (type 82)
Message
<blockquote data-quote="Ken Carrothers" data-source="post: 413320" data-attributes="member: 38508"><p>Hi and thanks for the prompt response to my appeal for assistance, I just hope my computer ability is sufficient to follow your requests and advice.</p><p></p><p>Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015</p><p>Ran by alan (administrator) on VAIO on 22-07-2015 06:39:15</p><p>Running from C:\Users\alan\Downloads</p><p>Loaded Profiles: alan (Available Profiles: alan)</p><p>Platform: Windows 8.1 (X64) OS Language: English (United States)</p><p>Internet Explorer Version 11 (Default browser: Opera)</p><p>Boot Mode: Normal</p><p>Tutorial for Farbar Recovery Scan Tool: <a href="http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/" target="_blank">http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/</a></p><p></p><p>==================== Processes (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)</p><p></p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe</p><p>(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxCUIService.exe</p><p>(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe</p><p>(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe</p><p>(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe</p><p>(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dasHost.exe</p><p>(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe</p><p>() C:\Program Files (x86)\Knowhow Cloud\VSSService.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe</p><p>(Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\VPNService.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe</p><p>(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe</p><p>(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe</p><p>(Microsoft Corporation) C:\Windows\System32\vds.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe</p><p>(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe</p><p>(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe</p><p>(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe</p><p>(Microsoft Corporation) C:\Windows\System32\dllhost.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe</p><p>(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxEM.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxHK.exe</p><p>(Intel Corporation) C:\Windows\System32\igfxTray.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe</p><p>(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe</p><p>(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe</p><p>(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe</p><p>(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe</p><p>(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe</p><p>() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe</p><p>(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe</p><p>(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe</p><p>(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE</p><p>(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe</p><p>(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe</p><p>(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe</p><p>(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe</p><p>(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe</p><p>(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p>(Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe</p><p></p><p></p><p>==================== Registry (Whitelisted) ==================</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)</p><p></p><p>HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-18] (Realtek Semiconductor)</p><p>HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe</p><p>HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe</p><p>HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)</p><p>HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Qualcomm Atheros Commnucations)</p><p>HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-28] (Intel Corporation)</p><p>HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)</p><p>HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)</p><p>HKLM-x32\...\Run: [Intel AT Service signup] => c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation)</p><p>HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)</p><p>HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)</p><p>HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)</p><p>HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited)</p><p>HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)</p><p>HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5214632 2015-07-03] (AVG Technologies CZ, s.r.o.)</p><p>HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)</p><p>HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\Run: [Livedrive] => C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe [3497632 2013-11-29] (DSG Retail Limited)</p><p>HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22035560 2014-08-27] (Skype Technologies S.A.)</p><p>Startup: C:\Users\alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2014-09-29]</p><p>ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)</p><p>Startup: C:\Users\alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2013-04-09]</p><p>ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)</p><p>SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)</p><p>SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)</p><p>ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)</p><p>ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd)</p><p>ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd)</p><p>ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd)</p><p>ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd)</p><p>ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)</p><p>CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION</p><p></p><p>==================== Internet (Whitelisted) ====================</p><p></p><p>(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)</p><p></p><p>SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = </p><p>SearchScopes: HKU\S-1-5-21-2643011527-16499615-3103602312-1001 -> {537620BC-003C-4C77-A1E6-E6B5B0A5D288} URL = <a href="http://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=http://shop.ebay.co.uk/?oemInLn=ieSrch-Q312&_nkw={searchTerms}" target="_blank">http://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=http://shop.ebay.co.uk/?oemInLn=ieSrch-Q312&_nkw={searchTerms}</a></p><p>BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2013-04-02] (Microsoft Corporation)</p><p>BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-09] (Qualcomm Atheros Commnucations)</p><p>BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2013-04-02] (Microsoft Corporation)</p><p>BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-04-02] (Microsoft Corporation)</p><p>BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)</p><p>BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2013-04-02] (Microsoft Corporation)</p><p>BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)</p><p>Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2013-04-02] (Microsoft Corporation)</p><p>Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254</p><p>Tcpip\..\Interfaces\{2066C8ED-4CF8-48A9-AB9D-C38BB5D8024C}: [DhcpNameServer] 192.168.1.254</p><p>Tcpip\..\Interfaces\{C646BB03-C794-4931-B733-E30B696B74C2}: [DhcpNameServer] 192.168.1.254 192.168.1.254</p><p></p><p>FireFox:</p><p>========</p><p>FF ProfilePath: C:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\4mhhn669.default</p><p>FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-22] (Oracle Corporation)</p><p>FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)</p><p>FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] ()</p><p>FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)</p><p>FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)</p><p>FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2012-10-22] (Oracle Corporation)</p><p>FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll No File</p><p>FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)</p><p>FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)</p><p>FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-04-02] (Microsoft Corporation)</p><p>FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2013-04-03] ()</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)</p><p>FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)</p><p>FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] ()</p><p>FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)</p><p>FF HKLM-x32\...\Thunderbird\Extensions: [<a href="mailto:msktbird@mcafee.com">msktbird@mcafee.com</a>] - C:\Program Files\McAfee\MSK</p><p>FF Extension: No Name - C:\Program Files\McAfee\MSK [2012-10-22]</p><p></p><p>Chrome: </p><p>=======</p><p>CHR Profile: C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default</p><p>CHR Extension: (Google Docs) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-30]</p><p>CHR Extension: (Google Drive) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-30]</p><p>CHR Extension: (OkayFreedom) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2013-05-31]</p><p>CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-03]</p><p>CHR Extension: (YouTube) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-30]</p><p>CHR Extension: (Google Search) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-30]</p><p>CHR Extension: (Google Wallet) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]</p><p>CHR Extension: (Gmail) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-30]</p><p>CHR HKU\S-1-5-21-2643011527-16499615-3103602312-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - <a href="https://clients2.google.com/service/update2/crx" target="_blank">https://clients2.google.com/service/update2/crx</a></p><p>CHR HKU\S-1-5-21-2643011527-16499615-3103602312-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bckipplcmnfhblnpibpbehenelnkpecd] - C:\Program Files (x86)\OkayFreedom\okayfreedom.crx [2013-04-26]</p><p></p><p>Opera: </p><p>=======</p><p>StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe</p><p></p><p>==================== Services (Whitelisted) =================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations) [File not signed]</p><p>R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2015-07-03] (AVG Technologies CZ, s.r.o.)</p><p>R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-03] (AVG Technologies CZ, s.r.o.)</p><p>R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-03] (AVG Technologies CZ, s.r.o.)</p><p>R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited) [File not signed]</p><p>S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation)</p><p>S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)</p><p>S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-28] (Intel Corporation) [File not signed]</p><p>R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)</p><p>R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)</p><p>R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)</p><p>R2 LivedriveVSSService; C:\Program Files (x86)\Knowhow Cloud\VSSService.exe [210592 2013-11-29] ()</p><p>S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)</p><p>S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.)</p><p>S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)</p><p>R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1860264 2013-02-21] (Microsoft Corporation)</p><p>R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\VPNService.exe [303344 2013-05-02] (Steganos Software GmbH)</p><p>R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)</p><p>R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2222360 2015-06-02] (IBM Corp.)</p><p>R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc)</p><p>R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)</p><p>S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)</p><p>R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)</p><p>S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)</p><p>S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)</p><p>R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros) [File not signed]</p><p></p><p>==================== Drivers (Whitelisted) ====================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)</p><p>R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)</p><p>R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)</p><p>R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.)</p><p>R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.)</p><p>R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.)</p><p>R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.)</p><p>R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.)</p><p>R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)</p><p>R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [287208 2015-05-27] (AVG Technologies CZ, s.r.o.)</p><p>S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)</p><p>S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)</p><p>S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation)</p><p>R1 CbFs; C:\Windows\system32\drivers\cbfs.sys [191960 2010-02-16] (EldoS Corporation)</p><p>R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)</p><p>R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)</p><p>S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)</p><p>R1 RapportCerberus_1412112; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys [917112 2015-06-18] (IBM Corp.)</p><p>R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [485368 2015-06-02] (IBM Corp.)</p><p>R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [121432 2015-06-02] (IBM Corp.)</p><p>R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [376184 2015-06-02] (IBM Corp.)</p><p>R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [480440 2015-06-02] (IBM Corp.)</p><p>R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)</p><p>S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-05] ()</p><p>R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)</p><p>R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)</p><p>S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)</p><p>U3 aswMBR; \??\C:\Users\alan\AppData\Local\Temp\aswMBR.sys [X]</p><p></p><p>==================== NetSvcs (Whitelisted) ===================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p></p><p>==================== One Month Created files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2015-07-22 06:38 - 2015-07-22 06:38 - 00000000 ____D C:\Users\alan\Downloads\FRST-OlderVersion</p><p>2015-07-22 06:21 - 2015-07-22 06:21 - 00074703 _____ C:\WINDOWS\SysWOW64\mfc45.dll</p><p>2015-07-22 06:20 - 2015-07-22 06:20 - 00000000 ____D C:\Users\alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software</p><p>2015-07-21 22:51 - 2015-07-21 22:51 - 00001786 _____ C:\Users\alan\Desktop\aswMBR.txt</p><p>2015-07-21 22:51 - 2015-07-21 22:51 - 00000512 _____ C:\Users\alan\Desktop\MBR.dat</p><p>2015-07-21 22:49 - 2015-07-21 22:49 - 04745728 _____ (AVAST Software) C:\Users\alan\Downloads\aswMBR.exe</p><p>2015-07-21 22:34 - 2015-07-21 22:34 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208 (3).exe</p><p>2015-07-21 22:27 - 2015-07-21 22:27 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208 (2).exe</p><p>2015-07-21 21:35 - 2015-07-21 21:35 - 11032736 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64 (3).exe</p><p>2015-07-21 21:04 - 2015-07-21 21:33 - 00000000 ____D C:\ProgramData\HitmanPro</p><p>2015-07-21 21:04 - 2015-07-21 21:05 - 11032736 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64 (2).exe</p><p>2015-07-21 21:03 - 2015-07-21 21:04 - 09741664 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64 (1).exe</p><p>2015-07-21 21:02 - 2015-07-21 21:02 - 11032736 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64.exe</p><p>2015-07-21 20:39 - 2015-07-21 20:39 - 01798288 _____ (Malwarebytes Corporation) C:\Users\alan\Downloads\JRT (1).exe</p><p>2015-07-21 20:28 - 2015-07-21 20:28 - 01798288 _____ (Malwarebytes Corporation) C:\Users\alan\Downloads\JRT.exe</p><p>2015-07-21 20:25 - 2015-07-21 20:25 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208 (1).exe</p><p>2015-07-21 20:11 - 2015-07-21 20:11 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208.exe</p><p>2015-07-21 20:00 - 2015-07-21 20:00 - 00003172 _____ C:\WINDOWS\System32\Tasks\{27C80A67-26B9-4E66-B266-715456BD1336}</p><p>2015-07-21 18:44 - 2015-07-22 06:37 - 00000003 _____ C:\Users\alan\Downloads\Addition.txt</p><p>2015-07-21 18:43 - 2015-07-22 06:39 - 00025577 _____ C:\Users\alan\Downloads\FRST.txt</p><p>2015-07-21 18:39 - 2015-07-22 06:39 - 00000000 ____D C:\FRST</p><p>2015-07-21 18:39 - 2015-07-22 06:38 - 02135552 _____ (Farbar) C:\Users\alan\Downloads\FRST64.exe</p><p>2015-07-21 18:22 - 2015-07-21 18:22 - 00000241 _____ C:\Users\alan\Desktop\Preparation Guide Before Requesting Malware Removal Help malwaretips.com.url</p><p>2015-07-21 17:26 - 2015-07-21 20:41 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys</p><p>2015-07-21 17:26 - 2015-07-21 17:26 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk</p><p>2015-07-21 17:26 - 2015-07-21 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware</p><p>2015-07-21 17:26 - 2015-07-21 17:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware</p><p>2015-07-21 17:26 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys</p><p>2015-07-21 17:26 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys</p><p>2015-07-21 17:26 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys</p><p>2015-07-21 17:24 - 2015-07-21 17:24 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\alan\Downloads\mbam-setup-2.1.8.1057 (2).exe</p><p>2015-07-21 17:23 - 2015-07-21 17:24 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\alan\Downloads\mbam-setup-2.1.8.1057 (1).exe</p><p>2015-07-21 17:23 - 2015-07-21 17:23 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\alan\Downloads\mbam-setup-2.1.8.1057.exe</p><p>2015-07-21 15:47 - 2015-07-14 15:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll</p><p>2015-07-21 15:47 - 2015-07-14 15:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll</p><p>2015-07-21 15:47 - 2015-07-14 15:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll</p><p>2015-07-21 15:47 - 2015-07-14 15:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll</p><p>2015-07-18 14:21 - 2015-07-18 14:21 - 00000185 _____ C:\Users\alan\Desktop\Etsy.url</p><p>2015-07-18 00:19 - 2015-06-29 23:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe</p><p>2015-07-18 00:19 - 2015-06-29 16:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll</p><p>2015-07-18 00:19 - 2015-06-29 16:07 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll</p><p>2015-07-18 00:19 - 2015-06-29 16:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll</p><p>2015-07-18 00:19 - 2015-06-29 16:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll</p><p>2015-07-18 00:19 - 2015-06-29 16:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll</p><p>2015-07-18 00:19 - 2015-06-27 00:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll</p><p>2015-07-18 00:19 - 2015-06-27 00:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll</p><p>2015-07-15 20:23 - 2015-06-25 03:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys</p><p>2015-07-15 20:23 - 2015-05-07 16:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll</p><p>2015-07-15 20:23 - 2015-05-07 16:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll</p><p>2015-07-15 20:23 - 2015-05-03 01:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll</p><p>2015-07-15 20:23 - 2015-04-30 00:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll</p><p>2015-07-15 20:22 - 2015-06-28 06:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll</p><p>2015-07-15 20:22 - 2015-06-28 06:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys</p><p>2015-07-15 20:22 - 2015-06-28 06:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll</p><p>2015-07-15 20:22 - 2015-06-28 06:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll</p><p>2015-07-15 20:22 - 2015-06-27 17:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll</p><p>2015-07-15 20:22 - 2015-06-27 04:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys</p><p>2015-07-15 20:22 - 2015-06-27 04:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys</p><p>2015-07-15 20:22 - 2015-06-27 04:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys</p><p>2015-07-15 20:22 - 2015-06-27 03:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll</p><p>2015-07-15 20:22 - 2015-06-27 03:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll</p><p>2015-07-15 20:22 - 2015-06-27 03:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll</p><p>2015-07-15 20:22 - 2015-06-27 02:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll</p><p>2015-07-15 20:22 - 2015-06-27 02:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll</p><p>2015-07-15 20:22 - 2015-06-15 23:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe</p><p>2015-07-15 20:22 - 2015-06-15 23:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll</p><p>2015-07-15 20:22 - 2015-06-15 22:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe</p><p>2015-07-15 20:22 - 2015-06-15 22:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll</p><p>2015-07-15 20:22 - 2015-06-15 21:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll</p><p>2015-07-15 20:22 - 2015-06-15 20:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll</p><p>2015-07-15 20:21 - 2015-05-30 22:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll</p><p>2015-07-15 20:21 - 2015-05-30 20:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll</p><p>2015-07-15 20:21 - 2015-05-30 20:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll</p><p>2015-07-15 18:38 - 2015-07-09 20:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe</p><p>2015-07-15 18:38 - 2015-07-09 19:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll</p><p>2015-07-15 18:38 - 2015-07-09 17:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe</p><p>2015-07-15 18:38 - 2015-07-09 16:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe</p><p>2015-07-15 18:38 - 2015-07-09 16:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll</p><p>2015-07-15 18:38 - 2015-07-09 16:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll</p><p>2015-07-15 18:38 - 2015-06-27 04:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll</p><p>2015-07-15 18:38 - 2015-06-27 04:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll</p><p>2015-07-15 18:38 - 2015-06-27 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll</p><p>2015-07-15 13:08 - 2015-06-15 23:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll</p><p>2015-07-15 13:08 - 2015-06-15 23:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll</p><p>2015-07-15 13:08 - 2015-06-15 23:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll</p><p>2015-07-15 13:08 - 2015-06-15 23:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll</p><p>2015-07-15 13:08 - 2015-06-15 23:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx</p><p>2015-07-15 13:08 - 2015-06-15 22:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl</p><p>2015-07-15 13:08 - 2015-06-15 22:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll</p><p>2015-07-15 13:08 - 2015-06-15 22:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx</p><p>2015-07-15 13:08 - 2015-06-15 21:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl</p><p>2015-07-15 13:08 - 2015-06-15 21:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll</p><p>2015-07-15 13:08 - 2015-06-15 21:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll</p><p>2015-07-15 13:07 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll</p><p>2015-07-15 13:07 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll</p><p>2015-07-15 13:07 - 2015-05-11 19:17 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys</p><p>2015-07-15 13:07 - 2015-05-11 17:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll</p><p>2015-07-15 13:07 - 2015-05-07 18:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll</p><p>2015-07-15 13:07 - 2015-05-07 18:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll</p><p>2015-07-15 13:07 - 2015-05-07 17:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll</p><p>2015-07-15 13:07 - 2015-05-07 17:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll</p><p>2015-07-15 13:07 - 2015-05-03 16:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll</p><p>2015-07-15 13:07 - 2015-05-03 15:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll</p><p>2015-07-15 13:07 - 2015-05-03 15:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll</p><p>2015-07-15 13:07 - 2015-05-03 15:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll</p><p>2015-07-15 13:07 - 2015-04-25 03:25 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys</p><p>2015-07-15 13:07 - 2015-04-25 03:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys</p><p>2015-07-15 13:07 - 2015-04-23 18:01 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys</p><p>2015-07-15 13:07 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys</p><p>2015-07-15 13:07 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys</p><p>2015-07-15 13:07 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys</p><p>2015-07-15 13:07 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys</p><p>2015-07-15 13:07 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys</p><p>2015-07-15 13:07 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys</p><p>2015-07-15 13:06 - 2015-07-02 22:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll</p><p>2015-07-15 13:06 - 2015-07-02 21:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll</p><p>2015-07-15 13:06 - 2015-07-02 21:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll</p><p>2015-07-15 13:06 - 2015-07-02 21:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll</p><p>2015-07-15 13:06 - 2015-07-02 21:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll</p><p>2015-07-15 13:06 - 2015-07-02 20:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll</p><p>2015-07-15 13:06 - 2015-07-02 20:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll</p><p>2015-07-15 13:06 - 2015-07-02 19:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll</p><p>2015-07-15 13:06 - 2015-07-01 23:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll</p><p>2015-07-15 13:06 - 2015-07-01 22:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll</p><p>2015-07-15 13:06 - 2015-05-12 14:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll</p><p>2015-07-15 13:06 - 2015-04-28 14:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls</p><p>2015-07-15 13:06 - 2015-04-28 14:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls</p><p>2015-07-15 13:05 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll</p><p>2015-07-15 13:05 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll</p><p>2015-07-15 13:05 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll</p><p>2015-07-15 13:05 - 2015-05-03 16:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll</p><p>2015-07-15 13:05 - 2015-05-03 15:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll</p><p>2015-07-15 13:05 - 2015-05-02 00:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml</p><p>2015-07-15 13:05 - 2015-04-23 16:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll</p><p>2015-07-15 13:05 - 2015-04-23 16:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll</p><p>2015-07-07 17:50 - 2015-07-07 17:50 - 00000214 ____H C:\Users\alan\.swfinfo</p><p>2015-07-02 13:35 - 2015-07-02 13:35 - 00000180 _____ C:\Users\alan\Desktop\Aqua Card.url</p><p>2015-06-29 21:07 - 2015-06-29 21:07 - 00000247 _____ C:\Users\alan\Desktop\Splice loops in solid braid 100% knot strength. Fishing - Fishwrecked.com - Fishing WA. Fishing Photos & Videos.url</p><p>2015-06-29 20:31 - 2015-06-29 20:31 - 00000172 _____ C:\Users\alan\Desktop\skate & shark wind-on leaders & traces Photo gallery - Sea fishing Forums • Sea fishing Forums.url</p><p>2015-06-25 10:10 - 2015-06-25 10:10 - 00000000 ____D C:\Program Files\Common Files\AV</p><p>2015-06-22 19:11 - 2015-06-22 19:11 - 01028421 _____ C:\Users\alan\Downloads\Post Receipt 22 June 2015.zip</p><p>2015-06-22 19:09 - 2015-06-22 19:09 - 00378972 _____ C:\Users\alan\Downloads\Post_Receipt_22_June_2015.zip</p><p></p><p>==================== One Month Modified files and folders ========</p><p></p><p>(If an entry is included in the fixlist, the file/folder will be moved.)</p><p></p><p>2015-07-22 06:28 - 2015-01-21 20:50 - 02022061 _____ C:\WINDOWS\WindowsUpdate.log</p><p>2015-07-22 06:23 - 2015-01-21 21:47 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2643011527-16499615-3103602312-1001</p><p>2015-07-22 06:23 - 2014-03-22 19:01 - 00000000 ____D C:\ProgramData\MFAData</p><p>2015-07-22 06:21 - 2015-01-25 13:30 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{75CD5B13-09BB-4F3A-BB43-96B154377792}</p><p>2015-07-22 06:19 - 2013-03-29 10:30 - 00000000 ____D C:\Users\alan\AppData\Roaming\Skype</p><p>2015-07-22 06:18 - 2015-01-21 21:42 - 00000000 ___RD C:\Users\alan\OneDrive</p><p>2015-07-22 06:18 - 2014-10-21 23:46 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job</p><p>2015-07-22 06:17 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru</p><p>2015-07-21 23:12 - 2014-10-21 23:46 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job</p><p>2015-07-21 22:31 - 2013-08-22 15:46 - 00312665 _____ C:\WINDOWS\setupact.log</p><p>2015-07-21 22:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT</p><p>2015-07-21 22:31 - 2013-08-22 14:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI</p><p>2015-07-21 22:30 - 2014-09-06 10:28 - 00000000 ____D C:\AdwCleaner</p><p>2015-07-21 20:23 - 2013-08-22 15:44 - 00507424 _____ C:\WINDOWS\system32\FNTCACHE.DAT</p><p>2015-07-21 18:29 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp</p><p>2015-07-21 17:54 - 2014-11-21 09:34 - 00006940 _____ C:\WINDOWS\PFRO.log</p><p>2015-07-21 17:26 - 2014-09-06 10:46 - 00000000 ____D C:\ProgramData\Malwarebytes</p><p>2015-07-21 14:12 - 2015-05-21 18:16 - 00000000 ____D C:\Users\alan\AppData\Roaming\TVMC</p><p>2015-07-21 13:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness</p><p>2015-07-21 12:52 - 2015-04-10 08:55 - 00497152 ___SH C:\Users\alan\Desktop\Thumbs.db</p><p>2015-07-20 00:21 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache</p><p>2015-07-19 05:37 - 2015-01-29 09:56 - 00000000 ____D C:\WINDOWS\system32\appraiser</p><p>2015-07-19 05:37 - 2014-11-21 16:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel</p><p>2015-07-19 05:37 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData</p><p>2015-07-19 05:37 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore</p><p>2015-07-17 13:17 - 2013-07-17 10:37 - 00000000 ____D C:\WINDOWS\system32\MRT</p><p>2015-07-17 13:17 - 2013-04-04 13:02 - 00000000 ____D C:\ProgramData\Microsoft Help</p><p>2015-07-17 13:11 - 2015-04-06 11:06 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX</p><p>2015-07-17 13:11 - 2015-04-06 11:06 - 00000000 ___SD C:\WINDOWS\system32\GWX</p><p>2015-07-16 21:06 - 2013-04-03 15:54 - 00000000 ____D C:\Users\alan\AppData\Local\Microsoft Help</p><p>2015-07-16 10:07 - 2014-10-21 23:46 - 00003888 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA</p><p>2015-07-16 10:07 - 2014-10-21 23:46 - 00003652 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore</p><p>2015-07-15 20:22 - 2013-04-04 16:52 - 00000000 ____D C:\Users\alan\AppData\Local\Adobe</p><p>2015-07-15 12:52 - 2015-06-09 12:12 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 30.lnk</p><p>2015-07-15 12:52 - 2014-09-06 15:00 - 00003822 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1410012020</p><p>2015-07-15 12:52 - 2014-09-06 15:00 - 00000000 ____D C:\Program Files (x86)\Opera</p><p>2015-07-15 12:47 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM</p><p>2015-07-13 22:10 - 2014-11-21 17:03 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe</p><p>2015-07-13 22:10 - 2014-11-21 17:03 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl</p><p>2015-07-10 10:49 - 2014-03-31 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG</p><p>2015-07-07 17:50 - 2015-01-21 20:53 - 00000000 ____D C:\Users\alan</p><p>2015-07-03 08:43 - 2013-03-30 04:02 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe</p><p>2015-06-23 18:59 - 2014-11-21 09:44 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI</p><p></p><p>==================== Files in the root of some directories =======</p><p></p><p>2013-04-09 22:47 - 2014-09-11 09:08 - 0002496 _____ () C:\Users\alan\AppData\Roaming\Rim.Desktop.Exception.log</p><p>2013-04-09 22:46 - 2013-04-09 22:46 - 0001111 _____ () C:\Users\alan\AppData\Roaming\Rim.Desktop.HttpServerSetup.log</p><p>2013-04-09 22:47 - 2014-09-11 09:08 - 0000539 _____ () C:\Users\alan\AppData\Roaming\Rim.DesktopHelper.Exception.log</p><p>2013-06-24 17:58 - 2013-06-24 17:58 - 0006144 _____ () C:\Users\alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini</p><p>2013-06-04 16:11 - 2013-06-04 16:11 - 0000049 _____ () C:\Users\alan\AppData\Local\mm-device-08.ini</p><p>2013-07-29 10:37 - 2013-07-29 10:37 - 0000057 _____ () C:\ProgramData\Ament.ini</p><p>ZeroAccess:</p><p>C:\Program Files (x86)\Google\Desktop\Install</p><p></p><p>Some files in TEMP:</p><p>====================</p><p>C:\Users\alan\AppData\Local\Temp\HitmanPro_x64 (2).exe</p><p>C:\Users\alan\AppData\Local\Temp\Quarantine.exe</p><p>C:\Users\alan\AppData\Local\Temp\sqlite3.dll</p><p></p><p></p><p>==================== Bamital & volsnap Check =================</p><p></p><p>(There is no automatic fix for files that do not pass verification.)</p><p></p><p>C:\Windows\System32\winlogon.exe => File is digitally signed</p><p>C:\Windows\System32\wininit.exe => File is digitally signed</p><p>C:\Windows\explorer.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\explorer.exe => File is digitally signed</p><p>C:\Windows\System32\svchost.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\svchost.exe => File is digitally signed</p><p>C:\Windows\System32\services.exe => File is digitally signed</p><p>C:\Windows\System32\User32.dll => File is digitally signed</p><p>C:\Windows\SysWOW64\User32.dll => File is digitally signed</p><p>C:\Windows\System32\userinit.exe => File is digitally signed</p><p>C:\Windows\SysWOW64\userinit.exe => File is digitally signed</p><p>C:\Windows\System32\rpcss.dll => File is digitally signed</p><p>C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed</p><p></p><p></p><p>LastRegBack: 2015-07-21 21:15</p><p></p><p>==================== End of log ============================</p><p></p><p>Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015</p><p>Ran by alan at 2015-07-22 06:40:07</p><p>Running from C:\Users\alan\Downloads</p><p>Boot Mode: Normal</p><p>==========================================================</p><p></p><p></p><p>==================== Accounts: =============================</p><p></p><p>Administrator (S-1-5-21-2643011527-16499615-3103602312-500 - Administrator - Disabled)</p><p>alan (S-1-5-21-2643011527-16499615-3103602312-1001 - Administrator - Enabled) => C:\Users\alan</p><p>Guest (S-1-5-21-2643011527-16499615-3103602312-501 - Limited - Disabled)</p><p>HomeGroupUser$ (S-1-5-21-2643011527-16499615-3103602312-1003 - Limited - Enabled)</p><p></p><p>==================== Security Center ========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed.)</p><p></p><p>AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AV: AVG Internet Security 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}</p><p>AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}</p><p>AS: AVG Internet Security 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}</p><p>FW: AVG Internet Security 2014 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}</p><p></p><p>==================== Installed Programs ======================</p><p></p><p>(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)</p><p></p><p>ACDSee Free (HKLM-x32\...\ACDSee Free) (Version: 1.1.21 - ACD Systems International Inc.)</p><p>Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)</p><p>Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)</p><p>Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)</p><p>Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)</p><p>AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4821 - AVG Technologies)</p><p>AVG 2014 (Version: 14.0.4365 - AVG Technologies) Hidden</p><p>AVG 2014 (Version: 14.0.4821 - AVG Technologies) Hidden</p><p>Behind The Reflection 2: Witch's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden</p><p>BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.)</p><p>BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden</p><p>BlackBerry Device Software Updater (HKLM-x32\...\{9CC0C9F6-CEA7-49D5-BE86-CF236C7621AA}) (Version: 7.1.0.84 - Research In Motion Ltd)</p><p>Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)</p><p>Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version: - )</p><p>CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - )</p><p>Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)</p><p>Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>Golden Trails 2: The Lost Legacy Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>Google Chrome (HKLM-x32\...\{54DF35BD-4A36-35DA-B029-A0C083C88614}) (Version: 10.2.35021 - Google, Inc.)</p><p>Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)</p><p>Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden</p><p>Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden</p><p>Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)</p><p>HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard)</p><p>HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)</p><p>HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)</p><p>HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden</p><p>Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel)</p><p>Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)</p><p>Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)</p><p>Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)</p><p>Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)</p><p>Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)</p><p>Intel® AT Service signup (HKLM-x32\...\{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}) (Version: 2.0.0.3 - Intel Corporation)</p><p>iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)</p><p>Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)</p><p>Knowhow Cloud (HKLM\...\{FE24E834-46AF-4B4C-B09B-921784B4EE45}) (Version: 2.0.6 - DSG Retail Limited)</p><p>KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>Lost Souls 2: Enchanted Paintings Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden</p><p>Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden</p><p>Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)</p><p>Memory-Map European Edition (HKLM-x32\...\{3724743C-C279-4ACA-A451-56479745208A}) (Version: 5.4.2 - Memory-Map)</p><p>Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)</p><p>Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)</p><p>Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)</p><p>Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4454.1513 - Microsoft Corporation)</p><p>Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)</p><p>Microsoft SkyDrive (HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)</p><p>Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)</p><p>Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)</p><p>Midnight Mysteries: Devil on the Mississippi (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)</p><p>Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)</p><p>My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden</p><p>MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom)</p><p>Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden</p><p>Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1513 - Microsoft Corporation) Hidden</p><p>Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1513 - Microsoft Corporation) Hidden</p><p>Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1513 - Microsoft Corporation) Hidden</p><p>OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.0.9 - Steganos Software GmbH)</p><p>Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA)</p><p>Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software)</p><p>PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)</p><p>Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)</p><p>Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.212 - Qualcomm Atheros Communications)</p><p>Rapport (x32 Version: 3.5.1412.176 - Trusteer) Hidden</p><p>Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)</p><p>Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)</p><p>Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>Safari (HKLM-x32\...\{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}) (Version: 5.33.19.4 - Apple Inc.)</p><p>Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)</p><p>Skype™ 6.20 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.20.104 - Skype Technologies S.A.)</p><p>SRWare Iron version SRWare Iron 36.0.1950.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 36.0.1950.0 - SRWare)</p><p>SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden</p><p>SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden</p><p>Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.31 - Stardock Software, Inc.)</p><p>Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)</p><p>TrackLogs Digital Mapping v3 (HKLM-x32\...\{8B603C7C-2F53-429F-BEA7-7C4CA143E691}) (Version: 3.15.01 - TrackLogs)</p><p>Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer)</p><p>TVMC (HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\TVMC) (Version: - TVADDONS.ag)</p><p>Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)</p><p>Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden</p><p>VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.2.11280 - Sony Corporation)</p><p>VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)</p><p>VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)</p><p>VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)</p><p>VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)</p><p>VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)</p><p>VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden</p><p>VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)</p><p>VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)</p><p>VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden</p><p>VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)</p><p>VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden</p><p>VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)</p><p>VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)</p><p>VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.0.08240 - Sony Corporation)</p><p>VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)</p><p>VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden</p><p>VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden</p><p>VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)</p><p>VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)</p><p>VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden</p><p>VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)</p><p>Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)</p><p>Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)</p><p>VIx64 (Version: 1.0.0 - Sony Corporation) Hidden</p><p>VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden</p><p>VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden</p><p>VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden</p><p>VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden</p><p>VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden</p><p>VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden</p><p>VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden</p><p>VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden</p><p>VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p>WildTangent Games (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent)</p><p>WildTangent Games App (x32 Version: 4.0.8.7 - WildTangent) Hidden</p><p>XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden</p><p></p><p>==================== Custom CLSID (Whitelisted): ==========================</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\SkyDriveShell64.dll (Microsoft Corporation)</p><p>CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\FileSyncApi64.dll (Microsoft Corporation)</p><p></p><p>==================== Restore Points =========================</p><p></p><p>01-07-2015 18:36:35 Scheduled Checkpoint</p><p>08-07-2015 18:53:14 Scheduled Checkpoint</p><p>17-07-2015 13:09:07 Windows Update</p><p>21-07-2015 18:28:20 Windows Update</p><p></p><p>==================== Hosts content: ===============================</p><p></p><p>(If needed Hosts: directive could be included in the fixlist to reset Hosts.)</p><p></p><p>2012-07-26 06:26 - 2013-09-02 07:04 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts</p><p>127.0.0.1 localhost</p><p></p><p>==================== Scheduled Tasks (Whitelisted) =============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>Task: {05B17CD9-1F11-465E-8311-F3E4B6E7DF91} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)</p><p>Task: {1A746A40-D438-4D6A-A759-F85FDD074641} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"</p><p>Task: {209E52B2-7C97-4B57-B676-C702B3C5838A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {2D94AA44-C67F-4B6C-9D2E-755550481343} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {2EB6C5C3-44B7-4180-9AC2-5682145204E5} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {3B5C8CE9-57E4-42C9-807C-E47371B64CC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)</p><p>Task: {4082161F-6FBA-425D-84F2-529D1F99DC08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-04-02] (Microsoft Corporation)</p><p>Task: {439B6FAC-3876-4A33-8BD6-A8335262D754} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)</p><p>Task: {52DD103F-953A-4932-AC23-4C276DF47272} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)</p><p>Task: {54B10C30-6809-4A0E-9DF0-9D626D037A1E} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)</p><p>Task: {552B5301-1BCA-4B9A-B626-329E69965C57} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-02-21] (Microsoft Corporation)</p><p>Task: {5E18AC76-9806-49B1-8864-575856ED67C5} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {6087A3A7-F52C-4465-B282-756B5760B7C6} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-29] (Sony Corporation)</p><p>Task: {65C5FAD7-8A56-4C43-A0AF-208B7D6540DF} - System32\Tasks\{27C80A67-26B9-4E66-B266-715456BD1336} => pcalua.exe -a C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe -c -maintain pepperplugin</p><p>Task: {694C9E35-C23D-4A27-96FA-E2663C24164C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)</p><p>Task: {6CC720EB-5B61-47EB-97E2-EA9B47BEC513} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe</p><p>Task: {6DE2BC2D-F196-4CB0-A76D-F679473C90D5} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)</p><p>Task: {6EF106D3-3CE7-49B7-9020-CFD6183BBF4D} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {745E151B-D881-486B-97BD-2A82C746215A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)</p><p>Task: {76A1FF70-2AEB-49FE-8BD8-ACACF8CBF62D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {79C2902F-9169-4853-8A7E-E44EA9882EB2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated)</p><p>Task: {A983D89E-119A-4EDF-A985-44CC7AE1F2C6} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)</p><p>Task: {AA2C9788-9A6C-4920-B441-E45BB7D1CA64} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {AECDEA9E-0DFF-466F-BFF6-703E7C5907C0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {B7BC98F2-5FC0-42AB-AFBC-B87CF2D3F5FC} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {BB69C25A-334D-4F98-8B4B-2D271FB03388} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)</p><p>Task: {C2BDA618-9883-497E-AF41-4EF8388957B6} - System32\Tasks\Opera scheduled Autoupdate 1410012020 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software)</p><p>Task: {CB06F6E4-15E7-4FBD-A1E1-E5EE10D9AC29} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-04-02] (Microsoft Corporation)</p><p>Task: {D7A836C4-E71A-45A7-8F62-0D434E25F37B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)</p><p>Task: {E0D6BA80-0838-4C32-9252-C9B1EEF17BED} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)</p><p>Task: {E1D46AC2-D89E-49F6-A6DF-71D09681413E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation)</p><p>Task: {E5DD488A-626E-451E-809B-EBA698799E57} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient</p><p>Task: {EA4DC4B4-D9A1-492B-99B8-928DD96F1EE1} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)</p><p>Task: {F2EEBC38-58BE-4815-BB50-E1A88FAE66D5} - System32\Tasks\{67B69EE8-421D-4F84-8F15-C981904ECA30} => pcalua.exe -a C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe -c /remove /q0</p><p>Task: {F82E839E-A390-4EBF-9B03-61007277543A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)</p><p></p><p>(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)</p><p></p><p>Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p>Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe</p><p></p><p>==================== Loaded Modules (Whitelisted) ==============</p><p></p><p>2013-04-05 10:00 - 2009-11-05 07:40 - 00085504 _____ () C:\WINDOWS\System32\cpwmon64.dll</p><p>2013-11-29 17:20 - 2013-11-29 17:20 - 00210592 _____ () C:\Program Files (x86)\Knowhow Cloud\VSSService.exe</p><p>2013-03-28 20:16 - 2013-02-21 17:39 - 00373392 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll</p><p>2013-03-28 20:16 - 2013-02-21 17:39 - 00513680 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll</p><p>2013-03-28 20:16 - 2013-02-21 17:40 - 00607400 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll</p><p>2013-04-01 11:37 - 2013-04-02 13:07 - 06522944 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll</p><p>2012-10-09 13:02 - 2012-10-09 13:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll</p><p>2012-10-09 12:59 - 2012-10-09 12:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll</p><p>2012-10-09 13:02 - 2012-10-09 13:02 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe</p><p>2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll</p><p>2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll</p><p>2012-10-22 11:49 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll</p><p>2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll</p><p>2013-04-01 11:00 - 2013-04-02 10:43 - 00312896 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll</p><p>2013-04-01 11:00 - 2013-04-02 10:44 - 00354448 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll</p><p>2012-10-22 12:14 - 2012-06-25 14:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll</p><p>2009-02-26 11:46 - 2009-02-26 11:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll</p><p>2011-06-22 09:46 - 2011-06-22 09:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll</p><p>2013-07-10 16:07 - 2013-07-10 16:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL</p><p>2015-07-15 12:52 - 2015-07-10 14:44 - 00157304 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\message_center_win8.dll</p><p>2015-07-15 12:52 - 2015-07-10 14:44 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libglesv2.dll</p><p>2015-07-15 12:52 - 2015-07-10 14:44 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libegl.dll</p><p>2013-11-19 11:21 - 2013-11-19 11:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll</p><p></p><p>==================== Alternate Data Streams (Whitelisted) =========</p><p></p><p>(If an entry is included in the fixlist, only the ADS will be removed.)</p><p></p><p>AlternateDataStreams: C:\Users\alan\OneDrive:ms-properties</p><p></p><p>==================== Safe Mode (Whitelisted) ===================</p><p></p><p>(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)</p><p></p><p></p><p>==================== EXE Association (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, the registry item will be restored to default or removed.)</p><p></p><p></p><p>==================== Internet Explorer trusted/restricted ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry.)</p><p></p><p></p><p>==================== Other Areas ============================</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKU\S-1-5-21-2643011527-16499615-3103602312-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\alan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\vaio 11 img4 wallpaper 1600x900.jpg</p><p>DNS Servers: 192.168.1.254</p><p>HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)</p><p>Windows Firewall is enabled.</p><p></p><p>==================== MSCONFIG/TASK MANAGER disabled items ==</p><p></p><p>(Currently there is no automatic fix for this section.)</p><p></p><p>HKLM\...\StartupApproved\Run32: => "ISBMgr.exe"</p><p>HKLM\...\StartupApproved\Run32: => "Adobe ARM"</p><p>HKLM\...\StartupApproved\Run32: => "HP Software Update"</p><p>HKLM\...\StartupApproved\Run32: => "iTunesHelper"</p><p>HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\StartupApproved\Run: => "Livedrive"</p><p></p><p>==================== FirewallRules (Whitelisted) ===============</p><p></p><p>(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)</p><p></p><p>FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139</p><p>FirewallRules: [TCP Query User{99811D4A-0934-475D-93B5-9B5F74AE119C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe</p><p>FirewallRules: [UDP Query User{56EE289E-B687-431C-92C8-2E994D558B7C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe</p><p>FirewallRules: [TCP Query User{985D49D5-F001-4A4E-BABF-FC38281C1BA8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe</p><p>FirewallRules: [UDP Query User{C6367705-3D3C-45B0-BACF-753D1ABD99EA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe</p><p>FirewallRules: [TCP Query User{C456DDA2-9289-4204-AF1A-63E74B2CF7DD}C:\program files\sony\vaio care\vcsystemtray.exe] => (Block) C:\program files\sony\vaio care\vcsystemtray.exe</p><p>FirewallRules: [UDP Query User{4DFF1AC9-AFAD-4536-95F1-F5E5AC575A6B}C:\program files\sony\vaio care\vcsystemtray.exe] => (Block) C:\program files\sony\vaio care\vcsystemtray.exe</p><p>FirewallRules: [{F77F5941-6188-4149-B467-269254D71743}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe</p><p>FirewallRules: [{07C60CFB-7B42-4EF3-A5EA-8A8AABB6F709}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe</p><p>FirewallRules: [{DE28ABA8-790B-4B5D-AEBA-429830BBCD90}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe</p><p>FirewallRules: [{B66FCAB0-5F73-4CE4-9282-ACD1AA986F8E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe</p><p>FirewallRules: [{ED43B401-96D9-4FE4-A50D-B5E7BC3FA320}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe</p><p>FirewallRules: [{9773FD72-19A9-453D-97CD-31644C4064CE}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe</p><p>FirewallRules: [TCP Query User{878BC965-7E37-4E39-BC41-8F086C016F2D}C:\program files (x86)\tvmc\tvmc.exe] => (Block) C:\program files (x86)\tvmc\tvmc.exe</p><p>FirewallRules: [UDP Query User{A908AAD7-AC5B-4808-9260-20DC8CFB9FA5}C:\program files (x86)\tvmc\tvmc.exe] => (Block) C:\program files (x86)\tvmc\tvmc.exe</p><p>FirewallRules: [{2F496275-DB4C-485B-8D5B-D8413C6FAFCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe</p><p></p><p>==================== Faulty Device Manager Devices =============</p><p></p><p>Name: Qualcomm Atheros AR3012 Bluetooth(R) Adapter</p><p>Description: Qualcomm Atheros AR3012 Bluetooth(R) Adapter</p><p>Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}</p><p>Manufacturer: Qualcomm Atheros Communications</p><p>Service: BTHUSB</p><p>Problem: : This device is disabled. (Code 22)</p><p>Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.</p><p></p><p></p><p>==================== Event log errors: =========================</p><p></p><p>Application errors:</p><p>==================</p><p>Error: (07/21/2015 10:34:05 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.4.1001, time stamp: 0x502d5a1d</p><p>Faulting module name: IAStorUtil.ni.dll, version: 11.5.4.1001, time stamp: 0x502d5a19</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0002f3fd</p><p>Faulting process id: 0x1b08</p><p>Faulting application start time: 0xIAStorDataMgrSvc.exe0</p><p>Faulting application path: IAStorDataMgrSvc.exe1</p><p>Faulting module path: IAStorDataMgrSvc.exe2</p><p>Report Id: IAStorDataMgrSvc.exe3</p><p>Faulting package full name: IAStorDataMgrSvc.exe4</p><p>Faulting package-relative application ID: IAStorDataMgrSvc.exe5</p><p></p><p>Error: (07/21/2015 10:34:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: )</p><p>Description: Application: IAStorDataMgrSvc.exe</p><p>Framework Version: v4.0.30319</p><p>Description: The process was terminated due to an unhandled exception.</p><p>Exception Info: System.NullReferenceException</p><p>Stack:</p><p> at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()</p><p> at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()</p><p> at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)</p><p> at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)</p><p> at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()</p><p> at System.Threading.ThreadPoolWorkQueue.Dispatch()</p><p> at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()</p><p></p><p>Error: (07/21/2015 09:45:54 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.4.1001, time stamp: 0x502d5a1d</p><p>Faulting module name: IAStorUtil.ni.dll, version: 11.5.4.1001, time stamp: 0x502d5a19</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0002f3fd</p><p>Faulting process id: 0x12f4</p><p>Faulting application start time: 0xIAStorDataMgrSvc.exe0</p><p>Faulting application path: IAStorDataMgrSvc.exe1</p><p>Faulting module path: IAStorDataMgrSvc.exe2</p><p>Report Id: IAStorDataMgrSvc.exe3</p><p>Faulting package full name: IAStorDataMgrSvc.exe4</p><p>Faulting package-relative application ID: IAStorDataMgrSvc.exe5</p><p></p><p>Error: (07/21/2015 09:45:53 PM) (Source: .NET Runtime) (EventID: 1026) (User: )</p><p>Description: Application: IAStorDataMgrSvc.exe</p><p>Framework Version: v4.0.30319</p><p>Description: The process was terminated due to an unhandled exception.</p><p>Exception Info: System.NullReferenceException</p><p>Stack:</p><p> at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()</p><p> at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()</p><p> at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)</p><p> at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)</p><p> at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()</p><p> at System.Threading.ThreadPoolWorkQueue.Dispatch()</p><p> at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()</p><p></p><p>Error: (07/21/2015 09:42:48 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099</p><p>Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x00007ffeb367baf1</p><p>Faulting process id: 0x15ac</p><p>Faulting application start time: 0xVCAgent.exe0</p><p>Faulting application path: VCAgent.exe1</p><p>Faulting module path: VCAgent.exe2</p><p>Report Id: VCAgent.exe3</p><p>Faulting package full name: VCAgent.exe4</p><p>Faulting package-relative application ID: VCAgent.exe5</p><p></p><p>Error: (07/21/2015 09:42:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: )</p><p>Description: Application: VCAgent.exe</p><p>Framework Version: v4.0.30319</p><p>Description: The process was terminated due to an unhandled exception.</p><p>Exception Info: System.NullReferenceException</p><p>Stack:</p><p> at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)</p><p> at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)</p><p> at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)</p><p> at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)</p><p> at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)</p><p> at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)</p><p> at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)</p><p> at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)</p><p> at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)</p><p> at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)</p><p> at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)</p><p> at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)</p><p> at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)</p><p> at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)</p><p> at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)</p><p> at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)</p><p> at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)</p><p> at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)</p><p> at System.Windows.Application.RunInternal(System.Windows.Window)</p><p> at System.Windows.Application.Run()</p><p> at VCAgent.App.Main()</p><p></p><p>Error: (07/21/2015 09:24:43 PM) (Source: Perflib) (EventID: 1008) (User: )</p><p>Description: BITSC:\Windows\System32\bitsperf.dll8</p><p></p><p>Error: (07/21/2015 09:21:47 PM) (Source: Perflib) (EventID: 1008) (User: )</p><p>Description: BITSC:\Windows\System32\bitsperf.dll8</p><p></p><p>Error: (07/21/2015 08:25:50 PM) (Source: Application Error) (EventID: 1000) (User: )</p><p>Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.4.1001, time stamp: 0x502d5a1d</p><p>Faulting module name: IAStorUtil.ni.dll, version: 11.5.4.1001, time stamp: 0x502d5a19</p><p>Exception code: 0xc0000005</p><p>Fault offset: 0x0002f3fd</p><p>Faulting process id: 0x2148</p><p>Faulting application start time: 0xIAStorDataMgrSvc.exe0</p><p>Faulting application path: IAStorDataMgrSvc.exe1</p><p>Faulting module path: IAStorDataMgrSvc.exe2</p><p>Report Id: IAStorDataMgrSvc.exe3</p><p>Faulting package full name: IAStorDataMgrSvc.exe4</p><p>Faulting package-relative application ID: IAStorDataMgrSvc.exe5</p><p></p><p>Error: (07/21/2015 08:25:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )</p><p>Description: Application: IAStorDataMgrSvc.exe</p><p>Framework Version: v4.0.30319</p><p>Description: The process was terminated due to an unhandled exception.</p><p>Exception Info: System.NullReferenceException</p><p>Stack:</p><p> at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges()</p><p> at IAStorUtil.SystemDataModelListener.LoadSavedSystemState()</p><p> at IAStorDataMgr.EventRelay.<Start>b__0(System.Object)</p><p> at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)</p><p> at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)</p><p> at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()</p><p> at System.Threading.ThreadPoolWorkQueue.Dispatch()</p><p> at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()</p><p></p><p></p><p>System errors:</p><p>=============</p><p>Error: (07/21/2015 10:34:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )</p><p>Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s).</p><p></p><p>Error: (07/21/2015 10:34:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: )</p><p>Description: The Energy Server Service service terminated with the following error: </p><p>%%268439612</p><p></p><p>Error: (07/21/2015 10:31:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: )</p><p>Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: </p><p>%%1056</p><p></p><p>Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )</p><p>Description: The Stardock Start8 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service.</p><p></p><p>Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )</p><p>Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s).</p><p></p><p>Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )</p><p>Description: The Microsoft Office Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.</p><p></p><p>Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )</p><p>Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.</p><p></p><p>Error: (07/21/2015 10:30:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )</p><p>Description: The VCService service terminated unexpectedly. It has done this 1 time(s).</p><p></p><p>Error: (07/21/2015 10:30:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )</p><p>Description: The VUAgent service terminated unexpectedly. It has done this 1 time(s).</p><p></p><p>Error: (07/21/2015 10:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )</p><p>Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.</p><p></p><p></p><p>Microsoft Office:</p><p>=========================</p><p>Error: (07/01/2015 08:17:40 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (05/29/2015 06:22:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (05/13/2015 05:32:59 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (05/02/2015 12:09:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (04/17/2015 09:08:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (04/12/2015 07:28:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 43 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (12/08/2014 10:00:41 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (11/04/2014 09:12:25 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (10/01/2014 10:47:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 41 seconds with 0 seconds of active time. This session ended with a crash.</p><p></p><p>Error: (05/07/2014 10:11:55 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )</p><p>Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23789 seconds with 3060 seconds of active time. This session ended with a crash.</p><p></p><p></p><p>==================== Memory info =========================== </p><p></p><p>Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz</p><p>Percentage of memory in use: 71%</p><p>Total physical RAM: 3975.27 MB</p><p>Available physical RAM: 1118.2 MB</p><p>Total Virtual: 5767.27 MB</p><p>Available Virtual: 1876.99 MB</p><p></p><p>==================== Drives ================================</p><p></p><p>Drive c: () (Fixed) (Total:435.67 GB) (Free:265.12 GB) NTFS</p><p></p><p>==================== MBR & Partition Table ==================</p><p></p><p>========================================================</p><p>Disk: 0 (Size: 465.8 GB) (Disk ID: D3AA3DBD)</p><p></p><p>Partition: GPT Partition Type.</p><p></p><p>========================================================</p><p>Disk: 1 (Size: 11.2 GB) (Disk ID: A27E6346)</p><p></p><p>Partition: GPT Partition Type.</p><p></p><p>==================== End of log ============================</p></blockquote><p></p>
[QUOTE="Ken Carrothers, post: 413320, member: 38508"] Hi and thanks for the prompt response to my appeal for assistance, I just hope my computer ability is sufficient to follow your requests and advice. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015 Ran by alan (administrator) on VAIO on 22-07-2015 06:39:15 Running from C:\Users\alan\Downloads Loaded Profiles: alan (Available Profiles: alan) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: [URL]http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/[/URL] ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe () C:\Program Files (x86)\Knowhow Cloud\VSSService.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe (Steganos Software GmbH) C:\Program Files (x86)\OkayFreedom\VPNService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start8\Start8_64.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe (Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera_crashreporter.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe (Opera Software) C:\Program Files (x86)\Opera\30.0.1835.125\opera.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-18] (Realtek Semiconductor) HKLM\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe HKLM\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros) HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Qualcomm Atheros Commnucations) HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-28] (Intel Corporation) HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation) HKLM-x32\...\Run: [Intel AT Service signup] => c:\Program Files (x86)\Intel Corporation\Intel AT Service signup\IntelATServiceSignup.exe [382976 2012-02-15] (Intel Corporation) HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5214632 2015-07-03] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\Run: [Livedrive] => C:\Program Files (x86)\Knowhow Cloud\KnowhowCloud.exe [3497632 2013-11-29] (DSG Retail Limited) HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22035560 2014-08-27] (Skype Technologies S.A.) Startup: C:\Users\alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Screen Clipper and Launcher.lnk [2014-09-29] ShortcutTarget: OneNote 2007 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) Startup: C:\Users\alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk [2013-04-09] ShortcutTarget: Send to OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation) SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation) SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation) ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation) ShellIconOverlayIdentifiers: [LivedriveDownloadOverlay] -> {CBCDB610-6B68-4EE9-B7A2-1282FD0C9292} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [LivedriveSharedOverlay] -> {84CEF1E4-1356-4063-845F-05047F4DD52C} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [LivedriveSyncedOverlay] -> {42058329-2FBF-4B33-8E52-3BE5754DE0C1} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd) ShellIconOverlayIdentifiers: [LivedriveUploadOverlay] -> {39A1715A-E4CD-4F1E-B5C4-36B5DB80124E} => C:\Program Files (x86)\Knowhow Cloud\Extensions.dll [2013-11-29] (Livedrive Internet Ltd) ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation) CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2643011527-16499615-3103602312-1001 -> {537620BC-003C-4C77-A1E6-E6B5B0A5D288} URL = [URL]http://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=http://shop.ebay.co.uk/?oemInLn=ieSrch-Q312&_nkw={searchTerms}[/URL] BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2013-04-02] (Microsoft Corporation) BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-10-09] (Qualcomm Atheros Commnucations) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2013-04-02] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2013-04-02] (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2013-04-02] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2013-04-02] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254 Tcpip\..\Interfaces\{2066C8ED-4CF8-48A9-AB9D-C38BB5D8024C}: [DhcpNameServer] 192.168.1.254 Tcpip\..\Interfaces\{C646BB03-C794-4931-B733-E30B696B74C2}: [DhcpNameServer] 192.168.1.254 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\alan\AppData\Roaming\Mozilla\Firefox\Profiles\4mhhn669.default FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll [2012-10-22] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\SysWOW64\npDeployJava1.dll [2012-10-22] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll No File FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-04-02] (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2013-04-03] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2012-05-12] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-12-18] (Adobe Systems Inc.) FF HKLM-x32\...\Thunderbird\Extensions: [[email]msktbird@mcafee.com[/email]] - C:\Program Files\McAfee\MSK FF Extension: No Name - C:\Program Files\McAfee\MSK [2012-10-22] Chrome: ======= CHR Profile: C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-30] CHR Extension: (Google Drive) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-30] CHR Extension: (OkayFreedom) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bckipplcmnfhblnpibpbehenelnkpecd [2013-05-31] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-03] CHR Extension: (YouTube) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-30] CHR Extension: (Google Search) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-30] CHR Extension: (Google Wallet) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25] CHR Extension: (Gmail) - C:\Users\alan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-30] CHR HKU\S-1-5-21-2643011527-16499615-3103602312-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - [URL]https://clients2.google.com/service/update2/crx[/URL] CHR HKU\S-1-5-21-2643011527-16499615-3103602312-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bckipplcmnfhblnpibpbehenelnkpecd] - C:\Program Files (x86)\OkayFreedom\okayfreedom.crx [2013-04-26] Opera: ======= StartMenuInternet: (HKLM) Opera - C:\Program Files\Opera x64\Opera.exe ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations) [File not signed] R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1443144 2015-07-03] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3259304 2015-07-03] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301896 2015-07-03] (AVG Technologies CZ, s.r.o.) R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2013-02-06] (Research In Motion Limited) [File not signed] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-21] (Microsoft Corporation) S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [7168 2012-08-28] (Intel Corporation) [File not signed] R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 LivedriveVSSService; C:\Program Files (x86)\Knowhow Cloud\VSSService.exe [210592 2013-11-29] () S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe [235216 2013-10-16] (McAfee, Inc.) S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation) R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1860264 2013-02-21] (Microsoft Corporation) R2 OkayFreedom VPN Starter Service; C:\Program Files (x86)\OkayFreedom\VPNService.exe [303344 2013-05-02] (Steganos Software GmbH) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2222360 2015-06-02] (IBM Corp.) R2 Start8; C:\Program Files (x86)\Stardock\Start8\Start8Srv.exe [142960 2013-03-19] (Stardock Software, Inc) R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.) R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [244504 2014-07-21] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [237536 2015-05-26] (AVG Technologies CZ, s.r.o.) R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [237848 2014-10-24] (AVG Technologies CZ, s.r.o.) R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [369120 2015-05-26] (AVG Technologies CZ, s.r.o.) R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [211936 2015-05-26] (AVG Technologies CZ, s.r.o.) R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.) R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [287208 2015-05-27] (AVG Technologies CZ, s.r.o.) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros) S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-11-21] (Microsoft Corporation) R1 CbFs; C:\Windows\system32\drivers\cbfs.sys [191960 2010-02-16] (EldoS Corporation) R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R1 RapportCerberus_1412112; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1412112.sys [917112 2015-06-18] (IBM Corp.) R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [485368 2015-06-02] (IBM Corp.) R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [121432 2015-06-02] (IBM Corp.) R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [376184 2015-06-02] (IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [480440 2015-06-02] (IBM Corp.) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-01-05] () R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated) R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) U3 aswMBR; \??\C:\Users\alan\AppData\Local\Temp\aswMBR.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-22 06:38 - 2015-07-22 06:38 - 00000000 ____D C:\Users\alan\Downloads\FRST-OlderVersion 2015-07-22 06:21 - 2015-07-22 06:21 - 00074703 _____ C:\WINDOWS\SysWOW64\mfc45.dll 2015-07-22 06:20 - 2015-07-22 06:20 - 00000000 ____D C:\Users\alan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Opera Software 2015-07-21 22:51 - 2015-07-21 22:51 - 00001786 _____ C:\Users\alan\Desktop\aswMBR.txt 2015-07-21 22:51 - 2015-07-21 22:51 - 00000512 _____ C:\Users\alan\Desktop\MBR.dat 2015-07-21 22:49 - 2015-07-21 22:49 - 04745728 _____ (AVAST Software) C:\Users\alan\Downloads\aswMBR.exe 2015-07-21 22:34 - 2015-07-21 22:34 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208 (3).exe 2015-07-21 22:27 - 2015-07-21 22:27 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208 (2).exe 2015-07-21 21:35 - 2015-07-21 21:35 - 11032736 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64 (3).exe 2015-07-21 21:04 - 2015-07-21 21:33 - 00000000 ____D C:\ProgramData\HitmanPro 2015-07-21 21:04 - 2015-07-21 21:05 - 11032736 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64 (2).exe 2015-07-21 21:03 - 2015-07-21 21:04 - 09741664 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64 (1).exe 2015-07-21 21:02 - 2015-07-21 21:02 - 11032736 _____ (SurfRight B.V.) C:\Users\alan\Downloads\HitmanPro_x64.exe 2015-07-21 20:39 - 2015-07-21 20:39 - 01798288 _____ (Malwarebytes Corporation) C:\Users\alan\Downloads\JRT (1).exe 2015-07-21 20:28 - 2015-07-21 20:28 - 01798288 _____ (Malwarebytes Corporation) C:\Users\alan\Downloads\JRT.exe 2015-07-21 20:25 - 2015-07-21 20:25 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208 (1).exe 2015-07-21 20:11 - 2015-07-21 20:11 - 02248704 _____ C:\Users\alan\Downloads\adwcleaner_4.208.exe 2015-07-21 20:00 - 2015-07-21 20:00 - 00003172 _____ C:\WINDOWS\System32\Tasks\{27C80A67-26B9-4E66-B266-715456BD1336} 2015-07-21 18:44 - 2015-07-22 06:37 - 00000003 _____ C:\Users\alan\Downloads\Addition.txt 2015-07-21 18:43 - 2015-07-22 06:39 - 00025577 _____ C:\Users\alan\Downloads\FRST.txt 2015-07-21 18:39 - 2015-07-22 06:39 - 00000000 ____D C:\FRST 2015-07-21 18:39 - 2015-07-22 06:38 - 02135552 _____ (Farbar) C:\Users\alan\Downloads\FRST64.exe 2015-07-21 18:22 - 2015-07-21 18:22 - 00000241 _____ C:\Users\alan\Desktop\Preparation Guide Before Requesting Malware Removal Help malwaretips.com.url 2015-07-21 17:26 - 2015-07-21 20:41 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-07-21 17:26 - 2015-07-21 17:26 - 00001114 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-07-21 17:26 - 2015-07-21 17:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-07-21 17:26 - 2015-07-21 17:26 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-07-21 17:26 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-07-21 17:26 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-07-21 17:26 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-07-21 17:24 - 2015-07-21 17:24 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\alan\Downloads\mbam-setup-2.1.8.1057 (2).exe 2015-07-21 17:23 - 2015-07-21 17:24 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\alan\Downloads\mbam-setup-2.1.8.1057 (1).exe 2015-07-21 17:23 - 2015-07-21 17:23 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\alan\Downloads\mbam-setup-2.1.8.1057.exe 2015-07-21 15:47 - 2015-07-14 15:14 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-07-21 15:47 - 2015-07-14 15:14 - 00301056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-07-21 15:47 - 2015-07-14 15:14 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-07-21 15:47 - 2015-07-14 15:13 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-07-18 14:21 - 2015-07-18 14:21 - 00000185 _____ C:\Users\alan\Desktop\Etsy.url 2015-07-18 00:19 - 2015-06-29 23:43 - 00026288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe 2015-07-18 00:19 - 2015-06-29 16:07 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-07-18 00:19 - 2015-06-29 16:07 - 01084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-07-18 00:19 - 2015-06-29 16:07 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-07-18 00:19 - 2015-06-29 16:07 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-07-18 00:19 - 2015-06-29 16:07 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-07-18 00:19 - 2015-06-27 00:21 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-07-18 00:19 - 2015-06-27 00:21 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-07-15 20:23 - 2015-06-25 03:31 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-07-15 20:23 - 2015-05-07 16:21 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GeofenceMonitorService.dll 2015-07-15 20:23 - 2015-05-07 16:05 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GeofenceMonitorService.dll 2015-07-15 20:23 - 2015-05-03 01:39 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2015-07-15 20:23 - 2015-04-30 00:22 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2015-07-15 20:22 - 2015-06-28 06:07 - 00442712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2015-07-15 20:22 - 2015-06-28 06:07 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-07-15 20:22 - 2015-06-28 06:06 - 01311960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2015-07-15 20:22 - 2015-06-28 06:06 - 00332120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2015-07-15 20:22 - 2015-06-27 17:42 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2015-07-15 20:22 - 2015-06-27 04:13 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2015-07-15 20:22 - 2015-06-27 04:12 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2015-07-15 20:22 - 2015-06-27 04:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2015-07-15 20:22 - 2015-06-27 03:40 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-07-15 20:22 - 2015-06-27 03:05 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-07-15 20:22 - 2015-06-27 03:00 - 00989184 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-07-15 20:22 - 2015-06-27 02:53 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-07-15 20:22 - 2015-06-27 02:26 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-07-15 20:22 - 2015-06-15 23:41 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe 2015-07-15 20:22 - 2015-06-15 23:24 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2015-07-15 20:22 - 2015-06-15 22:16 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe 2015-07-15 20:22 - 2015-06-15 22:09 - 03607552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2015-07-15 20:22 - 2015-06-15 21:50 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-07-15 20:22 - 2015-06-15 20:57 - 02460160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-07-15 20:21 - 2015-05-30 22:18 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll 2015-07-15 20:21 - 2015-05-30 20:36 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-07-15 20:21 - 2015-05-30 20:35 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2015-07-15 18:38 - 2015-07-09 20:51 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-07-15 18:38 - 2015-07-09 19:40 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll 2015-07-15 18:38 - 2015-07-09 17:03 - 03701760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-07-15 18:38 - 2015-07-09 16:54 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-07-15 18:38 - 2015-07-09 16:53 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-07-15 18:38 - 2015-07-09 16:50 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-07-15 18:38 - 2015-07-09 16:50 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-07-15 18:38 - 2015-07-09 16:48 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-07-15 18:38 - 2015-07-09 16:46 - 02229248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-07-15 18:38 - 2015-07-09 16:38 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-07-15 18:38 - 2015-07-09 16:37 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-07-15 18:38 - 2015-07-09 16:35 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-07-15 18:38 - 2015-07-09 16:34 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-07-15 18:38 - 2015-06-27 04:08 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2015-07-15 18:38 - 2015-06-27 04:08 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2015-07-15 18:38 - 2015-06-27 03:14 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2015-07-15 13:08 - 2015-06-15 23:39 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-07-15 13:08 - 2015-06-15 23:38 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2015-07-15 13:08 - 2015-06-15 23:26 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-07-15 13:08 - 2015-06-15 23:24 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-07-15 13:08 - 2015-06-15 23:02 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2015-07-15 13:08 - 2015-06-15 22:58 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2015-07-15 13:08 - 2015-06-15 22:57 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-07-15 13:08 - 2015-06-15 22:56 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-07-15 13:08 - 2015-06-15 22:55 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-07-15 13:08 - 2015-06-15 22:49 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-07-15 13:08 - 2015-06-15 22:41 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-07-15 13:08 - 2015-06-15 22:38 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-07-15 13:08 - 2015-06-15 22:36 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-07-15 13:08 - 2015-06-15 22:17 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-07-15 13:08 - 2015-06-15 22:16 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-07-15 13:08 - 2015-06-15 22:15 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-07-15 13:08 - 2015-06-15 22:13 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2015-07-15 13:08 - 2015-06-15 22:04 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll 2015-07-15 13:08 - 2015-06-15 22:03 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-07-15 13:08 - 2015-06-15 21:52 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-07-15 13:08 - 2015-06-15 21:47 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2015-07-15 13:08 - 2015-06-15 21:44 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2015-07-15 13:08 - 2015-06-15 21:43 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-07-15 13:08 - 2015-06-15 21:42 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-07-15 13:08 - 2015-06-15 21:41 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-07-15 13:08 - 2015-06-15 21:37 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-07-15 13:08 - 2015-06-15 21:32 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2015-07-15 13:08 - 2015-06-15 21:31 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-07-15 13:08 - 2015-06-15 21:30 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-07-15 13:08 - 2015-06-15 21:30 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-07-15 13:08 - 2015-06-15 21:17 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-07-15 13:08 - 2015-06-15 21:07 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-07-15 13:08 - 2015-06-15 21:02 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-07-15 13:07 - 2015-06-11 04:49 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-07-15 13:07 - 2015-06-10 17:13 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-07-15 13:07 - 2015-05-11 19:17 - 01201664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2015-07-15 13:07 - 2015-05-11 17:34 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2015-07-15 13:07 - 2015-05-07 18:50 - 22292672 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-07-15 13:07 - 2015-05-07 18:00 - 03109376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2015-07-15 13:07 - 2015-05-07 17:53 - 19734960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-07-15 13:07 - 2015-05-07 17:12 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2015-07-15 13:07 - 2015-05-03 16:09 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-15 13:07 - 2015-05-03 15:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-15 13:07 - 2015-05-03 15:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2015-07-15 13:07 - 2015-05-03 15:49 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2015-07-15 13:07 - 2015-04-25 03:25 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023x.sys 2015-07-15 13:07 - 2015-04-25 03:25 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys 2015-07-15 13:07 - 2015-04-23 18:01 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rndismpx.sys 2015-07-15 13:07 - 2014-11-04 20:25 - 00059712 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdclass.sys 2015-07-15 13:07 - 2014-11-04 20:25 - 00051008 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouclass.sys 2015-07-15 13:07 - 2014-11-04 07:55 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sermouse.sys 2015-07-15 13:07 - 2014-11-04 07:54 - 00108544 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\i8042prt.sys 2015-07-15 13:07 - 2014-11-04 07:54 - 00032256 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\kbdhid.sys 2015-07-15 13:07 - 2014-11-04 07:54 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys 2015-07-15 13:06 - 2015-07-02 22:21 - 19877376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-07-15 13:06 - 2015-07-02 21:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-07-15 13:06 - 2015-07-02 21:49 - 25193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-07-15 13:06 - 2015-07-02 21:23 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-07-15 13:06 - 2015-07-02 21:19 - 12855296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-07-15 13:06 - 2015-07-02 20:55 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-07-15 13:06 - 2015-07-02 20:20 - 14453248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-07-15 13:06 - 2015-07-02 19:59 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-07-15 13:06 - 2015-07-01 23:08 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-07-15 13:06 - 2015-07-01 22:14 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-07-15 13:06 - 2015-05-12 14:19 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2015-07-15 13:06 - 2015-04-28 14:13 - 00513480 _____ C:\WINDOWS\SysWOW64\locale.nls 2015-07-15 13:06 - 2015-04-28 14:13 - 00513480 _____ C:\WINDOWS\system32\locale.nls 2015-07-15 13:05 - 2015-06-16 06:36 - 01661576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2015-07-15 13:05 - 2015-06-16 06:36 - 01212248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2015-07-15 13:05 - 2015-05-07 17:47 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll 2015-07-15 13:05 - 2015-05-03 16:07 - 07784448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll 2015-07-15 13:05 - 2015-05-03 15:57 - 05264384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll 2015-07-15 13:05 - 2015-05-02 00:33 - 00410739 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-07-15 13:05 - 2015-04-23 16:47 - 03084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-07-15 13:05 - 2015-04-23 16:16 - 02471424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-07-07 17:50 - 2015-07-07 17:50 - 00000214 ____H C:\Users\alan\.swfinfo 2015-07-02 13:35 - 2015-07-02 13:35 - 00000180 _____ C:\Users\alan\Desktop\Aqua Card.url 2015-06-29 21:07 - 2015-06-29 21:07 - 00000247 _____ C:\Users\alan\Desktop\Splice loops in solid braid 100% knot strength. Fishing - Fishwrecked.com - Fishing WA. Fishing Photos & Videos.url 2015-06-29 20:31 - 2015-06-29 20:31 - 00000172 _____ C:\Users\alan\Desktop\skate & shark wind-on leaders & traces Photo gallery - Sea fishing Forums • Sea fishing Forums.url 2015-06-25 10:10 - 2015-06-25 10:10 - 00000000 ____D C:\Program Files\Common Files\AV 2015-06-22 19:11 - 2015-06-22 19:11 - 01028421 _____ C:\Users\alan\Downloads\Post Receipt 22 June 2015.zip 2015-06-22 19:09 - 2015-06-22 19:09 - 00378972 _____ C:\Users\alan\Downloads\Post_Receipt_22_June_2015.zip ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-07-22 06:28 - 2015-01-21 20:50 - 02022061 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-22 06:23 - 2015-01-21 21:47 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2643011527-16499615-3103602312-1001 2015-07-22 06:23 - 2014-03-22 19:01 - 00000000 ____D C:\ProgramData\MFAData 2015-07-22 06:21 - 2015-01-25 13:30 - 00003906 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{75CD5B13-09BB-4F3A-BB43-96B154377792} 2015-07-22 06:19 - 2013-03-29 10:30 - 00000000 ____D C:\Users\alan\AppData\Roaming\Skype 2015-07-22 06:18 - 2015-01-21 21:42 - 00000000 ___RD C:\Users\alan\OneDrive 2015-07-22 06:18 - 2014-10-21 23:46 - 00000912 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-22 06:17 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-21 23:12 - 2014-10-21 23:46 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-21 22:31 - 2013-08-22 15:46 - 00312665 _____ C:\WINDOWS\setupact.log 2015-07-21 22:31 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-21 22:31 - 2013-08-22 14:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI 2015-07-21 22:30 - 2014-09-06 10:28 - 00000000 ____D C:\AdwCleaner 2015-07-21 20:23 - 2013-08-22 15:44 - 00507424 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-07-21 18:29 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-07-21 17:54 - 2014-11-21 09:34 - 00006940 _____ C:\WINDOWS\PFRO.log 2015-07-21 17:26 - 2014-09-06 10:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-21 14:12 - 2015-05-21 18:16 - 00000000 ____D C:\Users\alan\AppData\Roaming\TVMC 2015-07-21 13:47 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-21 12:52 - 2015-04-10 08:55 - 00497152 ___SH C:\Users\alan\Desktop\Thumbs.db 2015-07-20 00:21 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2015-07-19 05:37 - 2015-01-29 09:56 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-07-19 05:37 - 2014-11-21 16:56 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-07-19 05:37 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-07-19 05:37 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore 2015-07-17 13:17 - 2013-07-17 10:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-07-17 13:17 - 2013-04-04 13:02 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-07-17 13:11 - 2015-04-06 11:06 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX 2015-07-17 13:11 - 2015-04-06 11:06 - 00000000 ___SD C:\WINDOWS\system32\GWX 2015-07-16 21:06 - 2013-04-03 15:54 - 00000000 ____D C:\Users\alan\AppData\Local\Microsoft Help 2015-07-16 10:07 - 2014-10-21 23:46 - 00003888 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-16 10:07 - 2014-10-21 23:46 - 00003652 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-15 20:22 - 2013-04-04 16:52 - 00000000 ____D C:\Users\alan\AppData\Local\Adobe 2015-07-15 12:52 - 2015-06-09 12:12 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 30.lnk 2015-07-15 12:52 - 2014-09-06 15:00 - 00003822 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1410012020 2015-07-15 12:52 - 2014-09-06 15:00 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-15 12:47 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-13 22:10 - 2014-11-21 17:03 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-07-13 22:10 - 2014-11-21 17:03 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-10 10:49 - 2014-03-31 17:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2015-07-07 17:50 - 2015-01-21 20:53 - 00000000 ____D C:\Users\alan 2015-07-03 08:43 - 2013-03-30 04:02 - 130333168 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-23 18:59 - 2014-11-21 09:44 - 00865408 _____ C:\WINDOWS\system32\PerfStringBackup.INI ==================== Files in the root of some directories ======= 2013-04-09 22:47 - 2014-09-11 09:08 - 0002496 _____ () C:\Users\alan\AppData\Roaming\Rim.Desktop.Exception.log 2013-04-09 22:46 - 2013-04-09 22:46 - 0001111 _____ () C:\Users\alan\AppData\Roaming\Rim.Desktop.HttpServerSetup.log 2013-04-09 22:47 - 2014-09-11 09:08 - 0000539 _____ () C:\Users\alan\AppData\Roaming\Rim.DesktopHelper.Exception.log 2013-06-24 17:58 - 2013-06-24 17:58 - 0006144 _____ () C:\Users\alan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-06-04 16:11 - 2013-06-04 16:11 - 0000049 _____ () C:\Users\alan\AppData\Local\mm-device-08.ini 2013-07-29 10:37 - 2013-07-29 10:37 - 0000057 _____ () C:\ProgramData\Ament.ini ZeroAccess: C:\Program Files (x86)\Google\Desktop\Install Some files in TEMP: ==================== C:\Users\alan\AppData\Local\Temp\HitmanPro_x64 (2).exe C:\Users\alan\AppData\Local\Temp\Quarantine.exe C:\Users\alan\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-21 21:15 ==================== End of log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015 Ran by alan at 2015-07-22 06:40:07 Running from C:\Users\alan\Downloads Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2643011527-16499615-3103602312-500 - Administrator - Disabled) alan (S-1-5-21-2643011527-16499615-3103602312-1001 - Administrator - Enabled) => C:\Users\alan Guest (S-1-5-21-2643011527-16499615-3103602312-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2643011527-16499615-3103602312-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: AVG Internet Security 2014 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG Internet Security 2014 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE} FW: AVG Internet Security 2014 (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ACDSee Free (HKLM-x32\...\ACDSee Free) (Version: 1.1.21 - ACD Systems International Inc.) Adobe Reader X (10.1.9) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated) Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4821 - AVG Technologies) AVG 2014 (Version: 14.0.4365 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4821 - AVG Technologies) Hidden Behind The Reflection 2: Witch's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research In Motion Ltd.) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research In Motion Ltd.) Hidden BlackBerry Device Software Updater (HKLM-x32\...\{9CC0C9F6-CEA7-49D5-BE86-CF236C7621AA}) (Version: 7.1.0.84 - Research In Motion Ltd) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden Canon CanoScan Toolbox 5.0 (HKLM-x32\...\CanoScan Toolbox 5.0) (Version: - ) CanoScan LiDE 70 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2411) (Version: - ) Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden CutePDF Writer 2.8 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com) Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Golden Trails 2: The Lost Legacy Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden Google Chrome (HKLM-x32\...\{54DF35BD-4A36-35DA-B029-A0C083C88614}) (Version: 10.2.35021 - Google, Inc.) Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110 - WildTangent) Hidden HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Deskjet 1050 J410 series Help (HKLM-x32\...\{5C90D8CF-F12A-41C6-9007-3B651A1F0D78}) (Version: 140.0.66.66 - Hewlett Packard) HP Deskjet 1050 J410 series Product Improvement Study (HKLM\...\{D638A23C-5C5F-4B71-A354-EC78B2BDD320}) (Version: 28.0.1313.0 - Hewlett-Packard Co.) HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 38645) (Version: 03.05.11 - Intel) Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) Intel® AT Service signup (HKLM-x32\...\{CD49AEDB-FFB4-4A9A-A3C2-E9AF814FE6FE}) (Version: 2.0.0.3 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) Knowhow Cloud (HKLM\...\{FE24E834-46AF-4B4C-B09B-921784B4EE45}) (Version: 2.0.6 - DSG Retail Limited) KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Lost Souls 2: Enchanted Paintings Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Memory-Map European Edition (HKLM-x32\...\{3724743C-C279-4ACA-A451-56479745208A}) (Version: 5.4.2 - Memory-Map) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2013 - en-us (HKLM\...\HomeStudentRetail - en-us) (Version: 15.0.4454.1513 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\SkyDriveSetup.exe) (Version: 16.4.6012.0828 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Midnight Mysteries: Devil on the Mississippi (x32 Version: 2.2.0.110 - WildTangent) Hidden Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla) My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom) Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4454.1513 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4454.1513 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4454.1513 - Microsoft Corporation) Hidden OkayFreedom (HKLM-x32\...\{3F3FB10C-7175-4D38-9335-3488B89C12AF}) (Version: 1.0.9 - Steganos Software GmbH) Opera 12.16 (HKLM\...\Opera 12.16.1860) (Version: 12.16.1860 - Opera Software ASA) Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software) PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation) Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access) Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.212 - Qualcomm Atheros Communications) Rapport (x32 Version: 3.5.1412.176 - Trusteer) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.) Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden Safari (HKLM-x32\...\{6B9B0C6F-E5FA-4633-A640-AB98A272ECCA}) (Version: 5.33.19.4 - Apple Inc.) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 6.20 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.20.104 - Skype Technologies S.A.) SRWare Iron version SRWare Iron 36.0.1950.0 (HKLM-x32\...\{C59CF2CE-B302-4833-AA35-E0E07D8EBC52}_is1) (Version: SRWare Iron 36.0.1950.0 - SRWare) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Stardock Start8 (HKLM-x32\...\Stardock Start8) (Version: 1.31 - Stardock Software, Inc.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated) TrackLogs Digital Mapping v3 (HKLM-x32\...\{8B603C7C-2F53-429F-BEA7-7C4CA143E691}) (Version: 3.15.01 - TrackLogs) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1412.176 - Trusteer) TVMC (HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\TVMC) (Version: - TVADDONS.ag) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.0.2.11280 - Sony Corporation) VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation) VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation) VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation) VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation) VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation) VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation) VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation) VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation) VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.0.08240 - Sony Corporation) VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation) VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation) VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden WildTangent Games (HKLM-x32\...\WildTangent sony Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.8.7 - WildTangent) Hidden XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\SkyDriveShell64.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2643011527-16499615-3103602312-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\alan\AppData\Local\Microsoft\SkyDrive\16.4.6012.0828_3\amd64\FileSyncApi64.dll (Microsoft Corporation) ==================== Restore Points ========================= 01-07-2015 18:36:35 Scheduled Checkpoint 08-07-2015 18:53:14 Scheduled Checkpoint 17-07-2015 13:09:07 Windows Update 21-07-2015 18:28:20 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2012-07-26 06:26 - 2013-09-02 07:04 - 00000855 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {05B17CD9-1F11-465E-8311-F3E4B6E7DF91} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation) Task: {1A746A40-D438-4D6A-A759-F85FDD074641} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: {209E52B2-7C97-4B57-B676-C702B3C5838A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {2D94AA44-C67F-4B6C-9D2E-755550481343} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {2EB6C5C3-44B7-4180-9AC2-5682145204E5} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {3B5C8CE9-57E4-42C9-807C-E47371B64CC1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.) Task: {4082161F-6FBA-425D-84F2-529D1F99DC08} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-04-02] (Microsoft Corporation) Task: {439B6FAC-3876-4A33-8BD6-A8335262D754} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {52DD103F-953A-4932-AC23-4C276DF47272} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation) Task: {54B10C30-6809-4A0E-9DF0-9D626D037A1E} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation) Task: {552B5301-1BCA-4B9A-B626-329E69965C57} - System32\Tasks\Microsoft\Office\Office First Run Task => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-02-21] (Microsoft Corporation) Task: {5E18AC76-9806-49B1-8864-575856ED67C5} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {6087A3A7-F52C-4465-B282-756B5760B7C6} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-29] (Sony Corporation) Task: {65C5FAD7-8A56-4C43-A0AF-208B7D6540DF} - System32\Tasks\{27C80A67-26B9-4E66-B266-715456BD1336} => pcalua.exe -a C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_209_pepper.exe -c -maintain pepperplugin Task: {694C9E35-C23D-4A27-96FA-E2663C24164C} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation) Task: {6CC720EB-5B61-47EB-97E2-EA9B47BEC513} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe Task: {6DE2BC2D-F196-4CB0-A76D-F679473C90D5} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation) Task: {6EF106D3-3CE7-49B7-9020-CFD6183BBF4D} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {745E151B-D881-486B-97BD-2A82C746215A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation) Task: {76A1FF70-2AEB-49FE-8BD8-ACACF8CBF62D} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {79C2902F-9169-4853-8A7E-E44EA9882EB2} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2015-05-27] (Synaptics Incorporated) Task: {A983D89E-119A-4EDF-A985-44CC7AE1F2C6} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation) Task: {AA2C9788-9A6C-4920-B441-E45BB7D1CA64} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {AECDEA9E-0DFF-466F-BFF6-703E7C5907C0} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {B7BC98F2-5FC0-42AB-AFBC-B87CF2D3F5FC} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {BB69C25A-334D-4F98-8B4B-2D271FB03388} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation) Task: {C2BDA618-9883-497E-AF41-4EF8388957B6} - System32\Tasks\Opera scheduled Autoupdate 1410012020 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software) Task: {CB06F6E4-15E7-4FBD-A1E1-E5EE10D9AC29} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-04-02] (Microsoft Corporation) Task: {D7A836C4-E71A-45A7-8F62-0D434E25F37B} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation) Task: {E0D6BA80-0838-4C32-9252-C9B1EEF17BED} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {E1D46AC2-D89E-49F6-A6DF-71D09681413E} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-07-03] (Microsoft Corporation) Task: {E5DD488A-626E-451E-809B-EBA698799E57} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient Task: {EA4DC4B4-D9A1-492B-99B8-928DD96F1EE1} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation) Task: {F2EEBC38-58BE-4815-BB50-E1A88FAE66D5} - System32\Tasks\{67B69EE8-421D-4F84-8F15-C981904ECA30} => pcalua.exe -a C:\PROGRA~3\TARMAI~1\{889DF~1\Setup.exe -c /remove /q0 Task: {F82E839E-A390-4EBF-9B03-61007277543A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2013-04-05 10:00 - 2009-11-05 07:40 - 00085504 _____ () C:\WINDOWS\System32\cpwmon64.dll 2013-11-29 17:20 - 2013-11-29 17:20 - 00210592 _____ () C:\Program Files (x86)\Knowhow Cloud\VSSService.exe 2013-03-28 20:16 - 2013-02-21 17:39 - 00373392 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2rui.dll 2013-03-28 20:16 - 2013-02-21 17:39 - 00513680 _____ () C:\Program Files\Microsoft Office 15\ClientX64\c2r64.dll 2013-03-28 20:16 - 2013-02-21 17:40 - 00607400 _____ () C:\Program Files\Microsoft Office 15\ClientX64\StreamServer.dll 2013-04-01 11:37 - 2013-04-02 13:07 - 06522944 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll 2012-10-09 13:02 - 2012-10-09 13:02 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll 2012-10-09 12:59 - 2012-10-09 12:59 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2012-10-09 13:02 - 2012-10-09 13:02 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe 2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-10-22 11:49 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2013-04-01 11:00 - 2013-04-02 10:43 - 00312896 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll 2013-04-01 11:00 - 2013-04-02 10:44 - 00354448 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll 2012-10-22 12:14 - 2012-06-25 14:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll 2009-02-26 11:46 - 2009-02-26 11:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll 2011-06-22 09:46 - 2011-06-22 09:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll 2013-07-10 16:07 - 2013-07-10 16:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL 2015-07-15 12:52 - 2015-07-10 14:44 - 00157304 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\message_center_win8.dll 2015-07-15 12:52 - 2015-07-10 14:44 - 01649272 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libglesv2.dll 2015-07-15 12:52 - 2015-07-10 14:44 - 00081016 _____ () C:\Program Files (x86)\Opera\30.0.1835.125\libegl.dll 2013-11-19 11:21 - 2013-11-19 11:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\alan\OneDrive:ms-properties ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2643011527-16499615-3103602312-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\alan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\vaio 11 img4 wallpaper 1600x900.jpg DNS Servers: 192.168.1.254 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "ISBMgr.exe" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "HP Software Update" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKU\S-1-5-21-2643011527-16499615-3103602312-1001\...\StartupApproved\Run: => "Livedrive" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [TCP Query User{99811D4A-0934-475D-93B5-9B5F74AE119C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{56EE289E-B687-431C-92C8-2E994D558B7C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{985D49D5-F001-4A4E-BABF-FC38281C1BA8}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{C6367705-3D3C-45B0-BACF-753D1ABD99EA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{C456DDA2-9289-4204-AF1A-63E74B2CF7DD}C:\program files\sony\vaio care\vcsystemtray.exe] => (Block) C:\program files\sony\vaio care\vcsystemtray.exe FirewallRules: [UDP Query User{4DFF1AC9-AFAD-4536-95F1-F5E5AC575A6B}C:\program files\sony\vaio care\vcsystemtray.exe] => (Block) C:\program files\sony\vaio care\vcsystemtray.exe FirewallRules: [{F77F5941-6188-4149-B467-269254D71743}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe FirewallRules: [{07C60CFB-7B42-4EF3-A5EA-8A8AABB6F709}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe FirewallRules: [{DE28ABA8-790B-4B5D-AEBA-429830BBCD90}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe FirewallRules: [{B66FCAB0-5F73-4CE4-9282-ACD1AA986F8E}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgdiagex.exe FirewallRules: [{ED43B401-96D9-4FE4-A50D-B5E7BC3FA320}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe FirewallRules: [{9773FD72-19A9-453D-97CD-31644C4064CE}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe FirewallRules: [TCP Query User{878BC965-7E37-4E39-BC41-8F086C016F2D}C:\program files (x86)\tvmc\tvmc.exe] => (Block) C:\program files (x86)\tvmc\tvmc.exe FirewallRules: [UDP Query User{A908AAD7-AC5B-4808-9260-20DC8CFB9FA5}C:\program files (x86)\tvmc\tvmc.exe] => (Block) C:\program files (x86)\tvmc\tvmc.exe FirewallRules: [{2F496275-DB4C-485B-8D5B-D8413C6FAFCF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Qualcomm Atheros AR3012 Bluetooth(R) Adapter Description: Qualcomm Atheros AR3012 Bluetooth(R) Adapter Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974} Manufacturer: Qualcomm Atheros Communications Service: BTHUSB Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/21/2015 10:34:05 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.4.1001, time stamp: 0x502d5a1d Faulting module name: IAStorUtil.ni.dll, version: 11.5.4.1001, time stamp: 0x502d5a19 Exception code: 0xc0000005 Fault offset: 0x0002f3fd Faulting process id: 0x1b08 Faulting application start time: 0xIAStorDataMgrSvc.exe0 Faulting application path: IAStorDataMgrSvc.exe1 Faulting module path: IAStorDataMgrSvc.exe2 Report Id: IAStorDataMgrSvc.exe3 Faulting package full name: IAStorDataMgrSvc.exe4 Faulting package-relative application ID: IAStorDataMgrSvc.exe5 Error: (07/21/2015 10:34:05 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: IAStorDataMgrSvc.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() at IAStorUtil.SystemDataModelListener.LoadSavedSystemState() at IAStorDataMgr.EventRelay.<Start>b__0(System.Object) at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (07/21/2015 09:45:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.4.1001, time stamp: 0x502d5a1d Faulting module name: IAStorUtil.ni.dll, version: 11.5.4.1001, time stamp: 0x502d5a19 Exception code: 0xc0000005 Fault offset: 0x0002f3fd Faulting process id: 0x12f4 Faulting application start time: 0xIAStorDataMgrSvc.exe0 Faulting application path: IAStorDataMgrSvc.exe1 Faulting module path: IAStorDataMgrSvc.exe2 Report Id: IAStorDataMgrSvc.exe3 Faulting package full name: IAStorDataMgrSvc.exe4 Faulting package-relative application ID: IAStorDataMgrSvc.exe5 Error: (07/21/2015 09:45:53 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: IAStorDataMgrSvc.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() at IAStorUtil.SystemDataModelListener.LoadSavedSystemState() at IAStorDataMgr.EventRelay.<Start>b__0(System.Object) at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (07/21/2015 09:42:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffeb367baf1 Faulting process id: 0x15ac Faulting application start time: 0xVCAgent.exe0 Faulting application path: VCAgent.exe1 Faulting module path: VCAgent.exe2 Report Id: VCAgent.exe3 Faulting package full name: VCAgent.exe4 Faulting package-relative application ID: VCAgent.exe5 Error: (07/21/2015 09:42:48 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: VCAgent.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run() at VCAgent.App.Main() Error: (07/21/2015 09:24:43 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (07/21/2015 09:21:47 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (07/21/2015 08:25:50 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: IAStorDataMgrSvc.exe, version: 11.5.4.1001, time stamp: 0x502d5a1d Faulting module name: IAStorUtil.ni.dll, version: 11.5.4.1001, time stamp: 0x502d5a19 Exception code: 0xc0000005 Fault offset: 0x0002f3fd Faulting process id: 0x2148 Faulting application start time: 0xIAStorDataMgrSvc.exe0 Faulting application path: IAStorDataMgrSvc.exe1 Faulting module path: IAStorDataMgrSvc.exe2 Report Id: IAStorDataMgrSvc.exe3 Faulting package full name: IAStorDataMgrSvc.exe4 Faulting package-relative application ID: IAStorDataMgrSvc.exe5 Error: (07/21/2015 08:25:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: IAStorDataMgrSvc.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at IAStorUtil.SystemDataModelListener.ProcessSystemDataModelChanges() at IAStorUtil.SystemDataModelListener.LoadSavedSystemState() at IAStorDataMgr.EventRelay.<Start>b__0(System.Object) at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() System errors: ============= Error: (07/21/2015 10:34:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Intel(R) Rapid Storage Technology service terminated unexpectedly. It has done this 1 time(s). Error: (07/21/2015 10:34:01 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The Energy Server Service service terminated with the following error: %%268439612 Error: (07/21/2015 10:31:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: %%1056 Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Stardock Start8 service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 2000 milliseconds: Restart the service. Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Windows Presentation Foundation Font Cache 3.0.0.0 service terminated unexpectedly. It has done this 2 time(s). Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Microsoft Office Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (07/21/2015 10:30:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Intel(R) Capability Licensing Service Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service. Error: (07/21/2015 10:30:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The VCService service terminated unexpectedly. It has done this 1 time(s). Error: (07/21/2015 10:30:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The VUAgent service terminated unexpectedly. It has done this 1 time(s). Error: (07/21/2015 10:30:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Microsoft Office: ========================= Error: (07/01/2015 08:17:40 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash. Error: (05/29/2015 06:22:19 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 18 seconds with 0 seconds of active time. This session ended with a crash. Error: (05/13/2015 05:32:59 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash. Error: (05/02/2015 12:09:15 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/17/2015 09:08:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 16 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/12/2015 07:28:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 43 seconds with 0 seconds of active time. This session ended with a crash. Error: (12/08/2014 10:00:41 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash. Error: (11/04/2014 09:12:25 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash. Error: (10/01/2014 10:47:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 41 seconds with 0 seconds of active time. This session ended with a crash. Error: (05/07/2014 10:11:55 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23789 seconds with 3060 seconds of active time. This session ended with a crash. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-3317U CPU @ 1.70GHz Percentage of memory in use: 71% Total physical RAM: 3975.27 MB Available physical RAM: 1118.2 MB Total Virtual: 5767.27 MB Available Virtual: 1876.99 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:435.67 GB) (Free:265.12 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: D3AA3DBD) Partition: GPT Partition Type. ======================================================== Disk: 1 (Size: 11.2 GB) (Disk ID: A27E6346) Partition: GPT Partition Type. ==================== End of log ============================ [/QUOTE]
Insert quotes…
Verification
Post reply
Top