essak
2016-08-20, 22:14
Hello:
I am not sure what happened to my computer, it kept dropping my signal for the internet. I installed the drivers for the wireless but still having trouble. Computer is slower than usual. please advice.
logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:30:42 PM, on 8/20/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kcrew\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sony.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - Global Startup: RealTimes.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: RealTimes Desktop Service - RealNetworks, Inc. - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 16013 bytes
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2016
Ran by Kcrew (administrator) on KCREW-VAIO (20-08-2016 14:26:21)
Running from C:\Users\Kcrew\Desktop
Loaded Profiles: Kcrew (Available Profiles: Kcrew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-23] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-23] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-22] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-07-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2016-08-16] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\Run: [Google Update] => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\Run: [BitComet] => "C:\Program Files\BitComet\BitComet.exe" /tray
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-16] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-18]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 64.233.217.2 64.233.217.3
Tcpip\..\Interfaces\{475A7B55-B1A1-4FD1-9E82-58748BE63774}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5E021114-5B8F-4D83-BF2B-C1F3F169A5E0}: [DhcpNameServer] 64.233.217.2 64.233.217.3
Internet Explorer:
==================
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-254052869-2685560785-2873597609-1001 -> DefaultScope {82F026E1-07F5-4EDB-B770-B372B66E839D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-254052869-2685560785-2873597609-1001 -> {82F026E1-07F5-4EDB-B770-B372B66E839D} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-16] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-23] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-16] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-03-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-03-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-07-18] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-07-18] (RealPlayer)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2011-10-07] (Sony Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kcrew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @talk.google.com/O1DPlugin -> C:\Users\Kcrew\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Kcrew\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kcrew\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-16]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR DefaultSearchURL: Profile 2 -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-07]
CHR Extension: (YouTube) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-07]
CHR Extension: (Google Search) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06]
CHR Extension: (Make Passport/Visa/ID Photo) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjecobcbiglolnookbboflgeecppnolh [2014-04-07]
CHR Extension: (AdBlock) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-03]
CHR Extension: (Google Voice (by Google)) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2014-04-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]
CHR Extension: (Google Wallet) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-04]
CHR Extension: (Gmail) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-04]
CHR Profile: C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-06]
CHR Extension: (Google Docs) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-06]
CHR Extension: (Google Drive) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Google Sheets) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (AdBlock) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-17]
CHR Extension: (Skype Click to Call) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Profile: C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-25]
CHR Extension: (Google Docs) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-25]
CHR Extension: (Google Drive) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Google Search) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-18]
CHR Extension: (Google Sheets) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-25]
CHR Extension: (AdBlock) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-15]
CHR Extension: (Avast Online Security) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-02-23] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-16] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [112256 2012-03-21] (Atheros Communication Inc.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-03-13] (Intel Corporation)
S2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
S2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-07-18] (RealNetworks, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2011-09-23] (Sony Corporation) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-23] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [39704 2015-10-07] (Windows (R) Win 7 DDK provider)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-16] (AVAST Software)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [75584 2015-10-07] (ASUS Corporation)
R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [421664 2012-02-23] (Atheros)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-20 14:26 - 2016-08-20 14:28 - 00029776 _____ C:\Users\Kcrew\Desktop\FRST.txt
2016-08-20 14:26 - 2016-08-20 14:26 - 02396160 _____ (Farbar) C:\Users\Kcrew\Desktop\FRST64.exe
2016-08-20 14:24 - 2016-08-20 14:25 - 01745920 _____ (Farbar) C:\Users\Kcrew\Desktop\FRST.exe
2016-08-20 14:24 - 2016-08-20 14:24 - 00002235 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2016-08-20 14:24 - 2016-08-20 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-08-20 14:24 - 2016-08-20 14:24 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-08-20 14:23 - 2016-08-20 14:23 - 05575304 _____ (Tweaking.com) C:\Users\Kcrew\Desktop\tweaking.com_registry_backup_setup.exe
2016-08-20 13:50 - 2016-08-20 13:50 - 00000000 ___RD C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-08-19 22:42 - 2016-08-19 22:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kcrew\Desktop\HijackThis.exe
2016-08-19 22:33 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-19 22:31 - 2016-08-19 22:31 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-19 22:31 - 2016-08-19 22:31 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-19 22:31 - 2016-08-19 22:31 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-08-19 22:31 - 2016-08-19 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-19 22:30 - 2016-08-19 22:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-19 22:30 - 2016-08-19 22:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-19 22:30 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-08-19 22:29 - 2016-08-19 22:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Kcrew\Desktop\spybot-2.4.exe
2016-08-19 11:16 - 2016-08-20 13:50 - 00000346 _____ C:\Windows\Tasks\OrangeDefender.job
2016-08-19 11:16 - 2016-08-19 11:16 - 00003794 _____ C:\Windows\System32\Tasks\OrangeDefenderUpdate
2016-08-19 11:16 - 2016-08-19 11:16 - 00002620 _____ C:\Windows\System32\Tasks\OrangeDefender
2016-08-19 10:54 - 2016-08-19 10:54 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\Innovative Solutions
2016-08-19 10:53 - 2016-08-19 10:53 - 05718840 _____ (Innovative Solutions ) C:\Users\Kcrew\Desktop\drivermax.exe
2016-08-19 10:46 - 2016-08-19 22:33 - 00000000 ____D C:\Program Files (x86)\Innovative Solutions
2016-08-19 10:46 - 2016-08-19 10:54 - 00000000 ____D C:\Users\Kcrew\AppData\Local\Innovative Solutions
2016-08-19 10:46 - 2016-08-19 10:54 - 00000000 ____D C:\ProgramData\Innovative Solutions
2016-08-19 10:46 - 2016-08-19 10:46 - 00000000 ____D C:\Users\Kcrew\Documents\My Drivers
2016-08-19 10:10 - 2016-08-19 22:01 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\BitComet
2016-08-19 10:09 - 2016-08-20 09:48 - 00000000 ____D C:\Program Files\BitComet
2016-08-19 09:59 - 2016-08-19 10:00 - 00000000 ____D C:\ProgramData\BSD
2016-08-19 09:59 - 2016-08-19 09:59 - 00000000 ____D C:\ProgramData\TweakBit
2016-08-19 09:58 - 2016-08-19 09:58 - 00401640 _____ (TweakBit) C:\Users\Kcrew\Desktop\driver-updater-setup.exe
2016-08-19 09:54 - 2016-08-19 09:54 - 02449376 _____ (Megaify Software ) C:\Users\Kcrew\Desktop\DriverToolkitInstaller.exe
2016-08-19 09:50 - 2016-08-19 09:50 - 00022200 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2016-08-19 09:50 - 2016-08-19 09:50 - 00000000 ____D C:\Users\Kcrew\AppData\Local\eSupport.com
2016-08-19 09:50 - 2016-08-19 09:50 - 00000000 ____D C:\Program Files (x86)\eSupport.com
2016-08-19 09:49 - 2016-08-19 09:50 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Kcrew\Desktop\driveragent-setup-1278.exe
2016-08-19 08:37 - 2016-08-19 21:59 - 00000000 ____D C:\Windows\system32\nn-NO
2016-08-19 08:36 - 2009-05-01 02:14 - 00000789 _____ C:\Windows\rsetup.iss
2016-08-19 08:31 - 2016-08-19 08:31 - 00000000 ____D C:\ProgramData\WLAN
2016-08-19 08:31 - 2009-05-01 02:14 - 00000589 _____ C:\Windows\dsetup.iss
2016-08-19 08:13 - 2016-08-19 22:32 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-08-19 08:13 - 2016-08-19 08:13 - 00000000 ____D C:\Users\Kcrew\AppData\Local\DriverToolkit
2016-08-18 00:59 - 2016-08-18 00:59 - 00159659 _____ C:\Users\Kcrew\Desktop\Examination Permit.pdf
2016-08-16 12:31 - 2016-08-16 12:31 - 00003894 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1471365055
2016-08-16 12:31 - 2016-08-16 12:31 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-16 12:30 - 2016-08-16 12:29 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-16 12:26 - 2016-08-16 12:26 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\AVAST Software
2016-08-16 12:26 - 2016-08-16 12:26 - 00000000 ____D C:\Users\Kcrew\AppData\Local\CEF
2016-08-16 12:24 - 2016-08-19 22:33 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-16 12:24 - 2016-08-16 12:24 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-16 12:24 - 2016-08-16 12:24 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-08-16 12:24 - 2016-08-16 12:24 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
2016-08-16 12:24 - 2016-08-16 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-08-16 12:23 - 2016-08-16 12:29 - 00000000 ____D C:\Program Files\AVAST Software
2016-08-16 11:33 - 2016-08-16 11:33 - 00000000 ____D C:\Users\Kcrew\AppData\Local\AvgSetupLog
2016-08-16 11:33 - 2016-08-16 11:33 - 00000000 ____D C:\Users\Kcrew\AppData\Local\Avg
2016-08-16 11:33 - 2016-08-16 11:33 - 00000000 ____D C:\ProgramData\Avg
2016-08-15 10:40 - 2016-08-15 10:41 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2016-08-09 18:35 - 2016-08-14 22:36 - 00000000 ____D C:\Users\Kcrew\AppData\Local\chromium
2016-08-09 18:34 - 2016-08-14 22:37 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\{719D4726-54CF-2A50-3FF9-0D82E32BF0BC}
2016-08-06 00:20 - 2016-08-06 00:20 - 00000000 ____D C:\Users\Kcrew\AppData\Local\{ECD9EF58-BF5F-4848-8DA6-55BF438D9975}
2016-08-05 12:20 - 2016-08-05 12:20 - 00000000 ____D C:\Users\Kcrew\AppData\Local\{0AC90CCF-DC32-4205-B90B-C7BA3632F502}
2016-08-01 09:49 - 2016-08-14 23:03 - 00000000 ____D C:\Windows\EOONotify
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-20 14:26 - 2015-07-27 17:02 - 00000000 ____D C:\FRST
2016-08-20 14:24 - 2015-07-27 16:55 - 00034624 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
2016-08-20 14:19 - 2014-04-08 10:09 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA.job
2016-08-20 14:18 - 2016-04-14 16:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-20 14:00 - 2009-07-14 00:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-20 14:00 - 2009-07-14 00:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-20 13:57 - 2009-07-14 01:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-20 13:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-08-20 13:53 - 2016-07-20 06:37 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-08-20 13:50 - 2016-07-20 11:13 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-08-20 13:50 - 2016-04-14 16:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-20 13:50 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-20 08:45 - 2014-04-08 10:09 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core.job
2016-08-19 22:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-19 22:42 - 2014-04-06 05:45 - 00000000 ____D C:\Users\Kcrew\AppData\Local\VirtualStore
2016-08-19 22:17 - 2014-04-06 05:46 - 00000000 ____D C:\Users\Kcrew\Documents\Bluetooth Folder
2016-08-19 22:00 - 2014-04-06 03:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-19 09:59 - 2009-07-13 22:34 - 00000541 _____ C:\Windows\win.ini
2016-08-18 01:01 - 2016-04-14 17:08 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-18 01:00 - 2014-04-08 10:09 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA
2016-08-18 01:00 - 2014-04-08 10:09 - 00003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core
2016-08-18 00:59 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-08-16 23:54 - 2016-04-14 16:28 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-16 23:54 - 2016-04-14 16:28 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-16 23:41 - 2014-08-02 00:11 - 00000000 ____D C:\Users\Kcrew\Desktop\Clinicals
2016-08-16 16:13 - 2015-10-01 19:53 - 00000023 _____ C:\Windows\Model.txt
2016-08-16 12:29 - 2015-01-21 21:03 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-16 12:23 - 2016-04-14 15:41 - 00407846 _____ C:\Windows\ntbtlog.txt
2016-08-16 11:02 - 2015-01-21 15:35 - 00000000 ____D C:\Users\Kcrew\AppData\Local\ElevatedDiagnostics
2016-08-15 11:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-08-15 11:12 - 2015-10-01 19:52 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\iolo
2016-08-15 10:35 - 2014-04-06 05:42 - 00000000 ____D C:\Users\Kcrew
2016-08-15 10:32 - 2015-12-09 04:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-15 10:32 - 2015-07-19 17:24 - 00000000 ____D C:\Update
2016-08-15 10:32 - 2015-04-11 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-08-15 10:32 - 2015-04-11 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2016-08-15 10:32 - 2014-04-06 13:09 - 00000000 ____D C:\Windows\AutoKMS
2016-08-15 10:32 - 2014-04-06 12:57 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-08-15 10:32 - 2014-04-06 12:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-15 10:32 - 2014-04-06 03:51 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-08-15 10:32 - 2014-04-06 03:23 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2016-08-15 10:32 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-08-15 10:31 - 2014-04-06 05:43 - 00000000 ____D C:\Windows\pss
2016-08-15 10:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2016-08-15 10:24 - 2014-04-06 03:42 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-15 10:23 - 2014-04-06 12:49 - 00000000 __RHD C:\MSOCache
2016-08-14 23:03 - 2009-07-13 23:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-08-14 23:03 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-08-05 12:20 - 2014-04-06 02:59 - 00000000 ____D C:\Users\Kcrew\AppData\Local\CrashDumps
2016-07-28 20:56 - 2014-04-06 15:11 - 00000000 ____D C:\Users\Kcrew\Desktop\Kadiri Group
2016-07-28 20:55 - 2015-02-19 13:50 - 00000000 ____D C:\Users\Kcrew\Documents\Outlook Files
2016-07-26 22:50 - 2016-02-26 15:33 - 00000000 ____D C:\Users\Kcrew\Desktop\Cases and Presentation
2016-07-26 22:46 - 2014-04-06 10:36 - 00000000 ____D C:\Users\Kcrew\AppData\Local\Deployment
==================== Files in the root of some directories =======
2014-04-06 20:38 - 2014-04-06 20:38 - 0017408 _____ () C:\Users\Kcrew\AppData\Local\WebpageIcons.db
2015-12-31 11:44 - 2015-12-31 11:44 - 0000000 _____ () C:\Users\Kcrew\AppData\Local\{84AE7A03-0A68-4279-B234-69247D99A514}
Some files in TEMP:
====================
C:\Users\Kcrew\AppData\Local\Temp\GLF1434.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF15.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF185B.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF1954.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2077.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2254.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2AC4.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2ACE.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2C63.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2C99.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2E3A.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2FE0.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF303B.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF3ECF.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF444B.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF4620.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF5008.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF51CD.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF5400.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF55C5.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF69C8.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF6F5E.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7020.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF71F9.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7B71.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7FD3.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7FDF.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF83EA.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF8988.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF8AE0.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF957F.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF9919.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFA79F.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFA8F7.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFB38A.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFBD99.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFBF83.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFD823.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFD8B6.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFDDF5.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFE0AA.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFE55C.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFF6C1.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFFC8C.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFFE6F.EXE
C:\Users\Kcrew\AppData\Local\Temp\GUR6A4C.exe
C:\Users\Kcrew\AppData\Local\Temp\lowproc.exe
C:\Users\Kcrew\AppData\Local\Temp\pslist.exe
C:\Users\Kcrew\AppData\Local\Temp\SCC.dll
C:\Users\Kcrew\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kcrew\AppData\Local\Temp\stubhelper.dll
C:\Users\Kcrew\AppData\Local\Temp\{907231D9-0357-4739-A8AB-253485178CB3}-GoogleUpdateSetup.exe
C:\Users\Kcrew\AppData\Local\Temp\{FDD985CE-F4BB-42CC-9D3E-241EF2EAAA64}-GoogleUpdateSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-16 10:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2016
Ran by Kcrew (20-08-2016 14:28:52)
Running from C:\Users\Kcrew\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-04-06 09:42:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-254052869-2685560785-2873597609-500 - Administrator - Disabled)
Guest (S-1-5-21-254052869-2685560785-2873597609-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-254052869-2685560785-2873597609-1002 - Limited - Enabled)
Kcrew (S-1-5-21-254052869-2685560785-2873597609-1001 - Administrator - Enabled) => C:\Users\Kcrew
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
ACID Music Studio 8.0 (x32 Version: 8.0.178 - Sony) Hidden
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.161 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.3.9 - ASUS)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.125 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2279 - AVAST Software)
Brother MFL-Pro Suite HL-2280DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Architect Studio 5.0 (x32 Version: 5.0.157 - Sony) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard_Shortcuts (x32 Version: 1.1.0.12190 - Sony Corporation) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Media Gallery (HKLM\...\{0EB7792D-EFA2-42AB-9A22-F33D9458E974}) (Version: 2.1.0.13300 - Sony Corporation)
Media Go (x32 Version: 2.0.317 - Sony) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PlayMemories Home (x32 Version: 6.1.01.14210 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Network Downloader (x32 Version: 2.07.00849 - Sony Computer Entertainment Inc.) Hidden
PlayStation(R)Store (x32 Version: 4.5.15.13232 - Sony Computer Entertainment Inc.) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.1 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{E727B31A-8B24-4C1C-934A-69634E0D2C0B}) (Version: 3.0 - Qualcomm Atheros)
Reader for PC (x32 Version: 1.1.02.10070 - Sony Corporation) Hidden
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.91 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Remote Play with PlayStation(R)3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Snapshot Viewer (HKLM-x32\...\Snapshot Viewer) (Version: - )
Sound Forge Audio Studio 10.0 (x32 Version: 10.0.176 - Sony) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
TrackID(TM) with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corportaion) Hidden
TriDef 3D (Sony) 2.0.5 (HKLM-x32\...\experience-sony-bundle) (Version: 2.0.5 - Dynamic Digital Depth Australia Pty Ltd)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.0 - Tweaking.com)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
V3DPx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM\...\{34EB42BE-F4D3-44C1-B28E-9740115DB72C}) (Version: 1.0.00.01300 - Sony Corporation)
VAIO - PlayMemories Home Plug-in (HKLM\...\{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}) (Version: 2.0.00.14200 - Sony Corporation)
VAIO - Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
VAIO - Remote Keyboard with PlayStation®3 (x32 Version: 1.2.0.09210 - Sony Corporation) Hidden
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden
VAIO - TrackID™ with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
VAIO 3D Portal (x32 Version: 1.2.0.10131 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{28D70998-F9F8-4F4B-BB1D-64C11123C01B}) (Version: 8.4.5.06021 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (x32 Version: 5.2.1.15070 - Sony Corporation) Hidden
VAIO CPU Fan Diagnostic (x32 Version: 1.1.0.09200 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.9.0.13190 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.5.2.02090 - Sony Corporation) Hidden
VAIO Gesture Control (x32 Version: 1.0.0.12300 - Sony Corporation) Hidden
VAIO Help and Support (x32 Version: 17.00.0109 - Sony Corporation) Hidden
VAIO Improvement (x32 Version: 1.3.0.12280 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 2.3.0.12300 - Sony Corporation) Hidden
VAIO OOBE (x32 Version: 12.2.1.2483 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (x32 Version: 3.14.1.07010 - Sony Corporation) Hidden
VAIO Transfer Support (x32 Version: 1.7.1.06040 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Movie Studio HD Platinum 11.0 (x32 Version: 11.0.256 - Sony) Hidden
VHD (x32 Version: 1.0.0 - Microsoft) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - ASUS Tek. Corporation (ATP) Mouse (07/27/2015 7.0.0.7) (HKLM\...\A877FD5856151D202B724718A4F58CF0089A558C) (Version: 07/27/2015 7.0.0.7 - ASUS Tek. Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {024384FE-A0FD-4ACF-BF61-16103C56008F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.)
Task: {0D4808FF-FC3B-4BAF-9DD9-D773CBB23B5E} - System32\Tasks\{93CB4708-C384-428F-8E2E-7AAFA34B2F5D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.0.102/en/abandoninstall?page=tsProgressBar
Task: {12152107-71D8-4C5D-9D07-3265DB1E856A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-06] ()
Task: {173F5620-6968-4DCA-B602-513D78AA419D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19157A47-9C19-4449-93A5-9867F31E49DC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2099BF3E-CE1B-46E3-8174-ADF391ABB3C4} - System32\Tasks\OrangeDefender => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
Task: {2772E82F-8D78-4FD4-BB82-3966303BD53D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {343ABC37-3926-41C1-9E00-815B46CE41C0} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {545A7387-B090-4294-AC35-E2615BF68B73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.)
Task: {548E7314-58B5-42F0-A6A5-39AFDCDE339D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {570C9329-C60E-4571-9F4D-DB81358B6DBB} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {644D7164-CEBA-4D2D-8E34-F32C9E1730E5} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-12-27] (Sony Corporation)
Task: {6A9BBAB9-0C25-454F-A42B-F6EEFB22D92A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2016-03-18] (Sony Corporation)
Task: {6EB9D06C-FFE6-4719-B75B-0458FE5DA8BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {71A9817F-6AB3-42FB-9EA8-6ADD8378212B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2011-12-27] (Sony Corporation)
Task: {71D82306-0BBA-4073-832C-B5CA9C5F3081} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {77836041-3D33-4AE3-B189-340762B2883D} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2012-03-20] ()
Task: {79D17DF9-C8BA-4717-8A66-7FE52A5BA85F} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation)
Task: {81D5B12E-3A66-4DF5-94D7-3040D314E6FB} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2016-05-30] (Sony Corporation)
Task: {84741006-1A18-4F0F-B34B-41EEC28E2E5F} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {85489418-E76A-45D6-A5B6-A980FA11758A} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2016-05-30] (Sony Corporation)
Task: {8BF72306-9D29-4644-8262-7D9E3D762829} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-03-07] (Sony Corporation)
Task: {949E7AD2-B164-4C56-BF89-93E5C243D0B8} - System32\Tasks\SafeZone scheduled Autoupdate 1471365055 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {963A6501-BE31-441D-855C-B1CEC92EE014} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation)
Task: {96658046-D01E-416E-9036-594D8BAAC48E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {98FD05B2-5908-478C-A379-880C27936924} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {9AC1BF82-9DCE-435D-ACC6-F8A5B3D9EB13} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {9C128120-6059-47D7-BA96-5BF04F651E15} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {9C3B2DF2-CD0B-41F3-97FA-C80A4CF475E0} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {9E5C027C-0D26-4CC4-9524-D45C47922D00} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {9F1DDB75-5321-491F-A7A8-873CAC452CD5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-254052869-2685560785-2873597609-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {A4368EA6-BFD7-4879-B9C1-DE1E5A1A8B90} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation)
Task: {BCA90A3F-B3DB-4D99-AD1A-836F49FE45A8} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-02-24] (Sony Corporation)
Task: {BCDE83ED-4E70-4592-AF6C-775FE1897DF0} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {BD4FDF67-1176-4F1F-A93B-2C0B46BC2F49} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-10-07] (AsusTek)
Task: {C79FF2A7-BD58-4C3E-9775-74C4C53DE1BB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-254052869-2685560785-2873597609-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {CE4D7EE0-4E1D-4793-B90C-9383B06F945B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-03-07] (Sony Corporation)
Task: {D1CEB8F3-4658-4B38-A138-367D4353B95D} - System32\Tasks\OrangeDefenderUpdate => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\updAvTask.exe
Task: {D6C30D3F-20C3-416E-AA14-DB134579E5D4} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {D8900CA0-A312-4877-B339-E288B30815BF} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2016-03-24] (Sony Corporation)
Task: {DA9EF13A-4523-44AC-A56B-C090AC11CECC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {DAD6E793-ED25-4E62-86E3-629B7B2B7211} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation)
Task: {E0AA30ED-D45A-429F-BB93-B654D2B6FCF3} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net [Argument = start VSNService]
Task: {E603792E-9D9C-4D8E-9FE3-29C688EF4CB2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {E6FD5D04-A52B-4CCD-8DC0-B1CB140FDD24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F19E84BF-10B4-4CBD-9D50-64F9D2922FCA} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {FA25DD64-CCC3-46E7-8F0F-A7DCB96618AA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core.job => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA.job => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OrangeDefender.job => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UWorld SimExam\UWorld SimExam.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.uworld.com/Clients/simclient.jnlp "C:\Users\Kcrew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\414cfaaa-21d075ab"
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UWorld Qbank\UWorld Qbank.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.uworld.com/clients/QbankClient.jnlp "C:\Users\Kcrew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4c0ff0eb-73859080"
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2016-06-14 13:37 - 2016-06-14 13:37 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-06 03:13 - 2012-03-13 12:01 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-03-14 16:54 - 2012-03-14 03:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-26 09:18 - 2005-04-22 00:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2012-03-20 16:43 - 2012-03-20 16:43 - 00477816 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
2016-07-05 18:18 - 2016-07-05 18:18 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2016-08-16 12:24 - 2016-08-16 12:24 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-20 08:39 - 2016-08-20 08:39 - 03015680 _____ () C:\Program Files\AVAST Software\Avast\defs\16082000\algo.dll
2016-08-16 12:24 - 2016-08-16 12:24 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2014-06-26 09:18 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-07-18 20:19 - 2016-07-18 20:19 - 00096136 _____ () C:\Program Files (x86)\Real\RealPlayer\CrashRpt\CrashRpt1402.dll
2016-07-18 20:18 - 2016-07-18 20:18 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-08-16 12:24 - 2016-08-16 12:24 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-08-19 22:30 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-08-19 22:30 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-08-19 22:30 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-06 04:08 - 2012-03-07 21:57 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2012-03-20 16:43 - 2012-03-20 16:43 - 00160376 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll
2012-03-20 16:43 - 2012-03-20 16:43 - 00026744 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
2016-06-14 13:38 - 2016-06-14 13:38 - 08909504 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-08-19 22:30 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-08-19 22:30 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-08-18 01:01 - 2016-08-02 20:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-18 01:01 - 2016-08-02 20:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-05-28 15:51 - 2016-05-28 15:51 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2014-04-06 03:17 - 2011-11-29 23:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-06 03:13 - 2012-03-13 12:02 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-07-18 20:18 - 2016-07-18 20:18 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.233.217.2 - 64.233.217.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A7B04575-8D06-4200-B5C5-D2A0FF123DAC}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{2FE5A5F4-BFA9-4490-A5F1-DDBDB4F84F48}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{E21F4FDE-8E7C-4BC5-AD96-1097A109D57D}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{412B7C76-57CF-4A52-9F4B-72A9906F8088}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{AF8C3C91-69F3-4556-AB99-2922A2065B72}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{5C5697B7-9FB5-4EE2-BAC8-A70C05622424}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0AC3B73D-3862-46AC-8581-6D78191EB695}] => (Allow) LPort=2869
FirewallRules: [{186F64DE-39F4-4B8C-8306-7979C6A66518}] => (Allow) LPort=1900
FirewallRules: [{8D48798A-6512-41F0-B4A0-9D93FBFCACAD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EABA1C0A-BD7B-4F3B-A472-86C8F246DD6B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{62EE71A5-260B-4715-8951-6EA207249D04}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{243F822C-FDB6-4ED5-8629-D16BB585C578}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{08CDFE24-892A-4600-8431-11ACD8C0FF1F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{44963875-423E-4998-ADB1-D831E83891BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E86276F9-F9F8-4859-BB6D-9B1E80F363DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4AE64553-C069-44A9-B36D-C704C7D5EF5D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AB857FA6-B248-496F-89D4-E3F5D4FE53C6}] => (Allow) LPort=54925
FirewallRules: [{7B643FF0-E6F9-4438-9C9B-7CF25E56370F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FEBB1B1E-F0E9-4647-90C5-CEDBF85EE093}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{61932444-6F24-4B20-B714-F4D18BDDDD73}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{26EA78DA-32BD-472E-A0B0-A286951B2A38}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E1D422B7-DA47-41C8-9A2F-145AA1C169F7}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C762732B-3B1C-4942-AD80-E8F879838BD8}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{37F9651E-35AF-4293-95B3-995D4E6A30B2}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F5E3DF6C-F63B-43D2-B0F5-92CC27ACF3D8}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF382707-EFB9-4677-BF9C-B90AED5A217A}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65D37226-3F26-4A8D-BB46-EC5B61E5F4DF}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{44E1ECC1-CA97-4942-A0B7-445589649C99}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [UDP Query User{5CA0B896-D92A-4EB2-8D27-5A0C13B4AB84}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [TCP Query User{588E75BE-5152-457A-8586-75CB51E8A30D}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [UDP Query User{795FCF92-3BD4-4418-9F84-45BC9AF1493A}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [{92F0ACB9-848E-49A2-B299-05DED4B3DD68}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{C087F728-24B8-46CE-A3E8-12CC3DEBDAC9}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{5C030088-9168-4147-A085-1A3642D919FB}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{7BA064AD-7EE2-459A-9209-E418D9FE3E2D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{BF494585-8301-43D7-842E-B6F050EB16F7}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{F538B2D8-3B1D-4F41-AF9A-1E10147BAD7C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{B984D8E3-A6E5-45B0-9A19-4D8A272183FB}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{96693108-B645-487D-B170-8B1507E4B727}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{77959974-DEFB-4486-9828-0890A5BB382C}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{E4F16916-C256-4D50-8F2C-73AA9E99D330}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{CC4FB5AB-347E-496E-A218-A9AED42460AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
13-08-2016 00:53:11 Windows Update
13-08-2016 03:00:14 Windows Update
14-08-2016 22:49:55 Restore Operation
19-08-2016 08:31:46 Installed Atheros WLAN Client
19-08-2016 10:49:11 Installed Atheros WLAN Client
19-08-2016 21:57:20 Removed Atheros WLAN Client
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/20/2016 01:51:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2016 09:49:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 12:45:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program VAIO Gate.exe version 2.4.1.9230 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 9a4
Start Time: 01d1fa2b411e85d2
Termination Time: 727
Application Path: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
Report Id: 5ec0a930-662c-11e6-9c55-30f9edb4a6ea
Error: (08/19/2016 11:06:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 09:44:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 09:16:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 08:44:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 08:02:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2016 11:20:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.23418 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 9f8
Start Time: 01d1f8345835ff4b
Termination Time: 1924
Application Path: C:\Windows\Explorer.EXE
Report Id: 4ddde596-6429-11e6-85eb-08edb9cefb02
Error: (08/16/2016 11:15:09 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2016/08/16 23:15:09.160]: [00001108]: Initialize TwdsMain Class failed!
System errors:
=============
Error: (08/20/2016 02:18:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Oasis2Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/20/2016 02:18:23 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.124.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.
Error: (08/20/2016 01:52:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Oasis2Service service hung on starting.
Error: (08/20/2016 01:52:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (08/20/2016 01:52:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (08/20/2016 01:51:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (08/20/2016 01:51:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (08/20/2016 09:50:57 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Oasis2Service service hung on starting.
Error: (08/20/2016 09:50:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (08/20/2016 09:50:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 3996.36 MB
Available physical RAM: 1800.45 MB
Total Virtual: 7990.9 MB
Available Virtual: 4813.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:446.92 GB) (Free:85.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 348E3643)
Partition 1: (Not Active) - (Size=18.5 GB) - (Type=27)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-08-20 14:33:34
-----------------------------
14:33:34.612 OS Version: Windows x64 6.1.7601 Service Pack 1
14:33:34.612 Number of processors: 4 586 0x2A07
14:33:34.614 ComputerName: KCREW-VAIO UserName: Kcrew
14:33:36.424 Initialize success
14:33:36.449 VM: initialized successfully
14:33:36.451 VM: Intel CPU BiosDisabled
14:33:45.350 AVAST engine defs: 16082000
14:33:49.648 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:33:49.650 Disk 0 Vendor: HGST_HTS GG2O Size: 476940MB BusType: 3
14:33:49.799 Disk 0 MBR read successfully
14:33:49.802 Disk 0 MBR scan
14:33:49.826 Disk 0 Windows 7 default MBR code
14:33:49.841 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18940 MB offset 2048
14:33:49.853 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 38791168
14:33:49.858 Disk 0 default boot code
14:33:49.872 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 457648 MB offset 39507968
14:33:49.993 Disk 0 scanning C:\Windows\system32\drivers
14:34:08.934 Service scanning
14:34:58.905 Modules scanning
14:34:58.916 Disk 0 trace - called modules:
14:34:58.943 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:34:58.949 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a544060]
14:34:58.955 3 CLASSPNP.SYS[fffff88001cfc43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d52050]
14:34:59.846 AVAST engine scan C:\Windows
14:35:02.446 AVAST engine scan C:\Windows\system32
14:39:08.968 AVAST engine scan C:\Windows\system32\drivers
14:39:30.212 AVAST engine scan C:\Users\Kcrew
15:08:58.946 Disk 0 MBR has been saved successfully to "C:\Users\Kcrew\Desktop\MBR.dat"
15:08:58.946 The log file has been saved successfully to "C:\Users\Kcrew\Desktop\aswMBR.txt"
I am not sure what happened to my computer, it kept dropping my signal for the internet. I installed the drivers for the wireless but still having trouble. Computer is slower than usual. please advice.
logfile of Trend Micro HijackThis v2.0.5
Scan saved at 2:30:42 PM, on 8/20/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18377)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kcrew\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sony.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll
O2 - BHO: IESpeakDoc - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
O4 - HKLM\..\Run: [PMBVolumeWatcher] c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray
O4 - HKCU\..\Run: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"
O4 - Global Startup: RealTimes.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office15\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - (no file)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: DCDhcpService - Atheros Communication Inc. - C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - c:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) ME Service - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Oasis2Service - Digital Delivery Networks, Inc. - C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: RealTimes Desktop Service - RealNetworks, Inc. - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: CamMonitor (uCamMonitor) - ArcSoft, Inc. - C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\VUAgent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAtheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
--
End of file - 16013 bytes
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20-08-2016
Ran by Kcrew (administrator) on KCREW-VAIO (20-08-2016 14:26:21)
Running from C:\Users\Kcrew\Desktop
Loaded Profiles: Kcrew (Available Profiles: Kcrew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Registry Backup\TweakingRegistryBackup.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1156712 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1020576 2012-02-23] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-02-23] (Atheros Commnucations)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-03-13] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2011-11-29] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-22] (Intel Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [693608 2012-02-21] (Sony Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [293768 2016-07-18] (RealNetworks, Inc.)
HKLM-x32\...\Run: [RealDownloader] => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [714992 2016-07-05] ()
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9103976 2016-08-16] (AVAST Software)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\Run: [Google Update] => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-30] (Google Inc.)
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\Run: [BitComet] => "C:\Program Files\BitComet\BitComet.exe" /tray
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-16] (AVAST Software)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealTimes.lnk [2016-07-18]
ShortcutTarget: RealTimes.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpsystray.exe (RealNetworks, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 64.233.217.2 64.233.217.3
Tcpip\..\Interfaces\{475A7B55-B1A1-4FD1-9E82-58748BE63774}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{5E021114-5B8F-4D83-BF2B-C1F3F169A5E0}: [DhcpNameServer] 64.233.217.2 64.233.217.3
Internet Explorer:
==================
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony.msn.com
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-254052869-2685560785-2873597609-1001 -> DefaultScope {82F026E1-07F5-4EDB-B770-B372B66E839D} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-254052869-2685560785-2873597609-1001 -> {82F026E1-07F5-4EDB-B770-B372B66E839D} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll [2016-05-13] (RealDownloader)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-08-16] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2014-01-23] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll => No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2016-05-13] (RealDownloader)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-02-23] (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-08-16] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2014-01-22] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2016-05-17] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-03-13] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-03-13] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-18] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @playstation.com/PsndlCheck,version=1.00 -> C:\Program Files (x86)\Sony\PLAYSTATION Network Downloader\nppsndl.dll [2011-08-03] (Sony Computer Entertainment Inc.)
FF Plugin-x32: @real.com/nppl3260;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2016-07-18] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=18.1.4.135 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2016-07-18] (RealPlayer)
FF Plugin-x32: @sony.com/ReaderDesktop -> C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll [2011-10-07] (Sony Corporation)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll [2011-08-02] (Sony Network Entertainment International LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Kcrew\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @talk.google.com/O1DPlugin -> C:\Users\Kcrew\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-254052869-2685560785-2873597609-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-18] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-11-18] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Users\Kcrew\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Kcrew\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-16]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-16]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
Chrome:
=======
CHR DefaultSearchURL: Profile 2 -> hxxp://srch.bar/{searchTerms}
CHR DefaultSuggestURL: Profile 2 -> hxxp://srch.bar/?s={searchTerms}
CHR Profile: C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-07]
CHR Extension: (Google Drive) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-07]
CHR Extension: (YouTube) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-07]
CHR Extension: (Google Search) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-06]
CHR Extension: (Make Passport/Visa/ID Photo) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjecobcbiglolnookbboflgeecppnolh [2014-04-07]
CHR Extension: (AdBlock) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-03]
CHR Extension: (Google Voice (by Google)) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcnhkahnjcbndmmehfkdnkjomaanaooo [2014-04-06]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-06]
CHR Extension: (Google Wallet) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-04]
CHR Extension: (Gmail) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-04]
CHR Profile: C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-06]
CHR Extension: (Google Docs) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-06]
CHR Extension: (Google Drive) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Google Search) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Google Sheets) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-06]
CHR Extension: (Google Docs Offline) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-07]
CHR Extension: (AdBlock) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-10-17]
CHR Extension: (Skype Click to Call) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-10-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-29]
CHR Extension: (Gmail) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-31]
CHR Profile: C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Slides) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-25]
CHR Extension: (Google Docs) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-25]
CHR Extension: (Google Drive) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-25]
CHR Extension: (Google Search) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28]
CHR Extension: (Avast SafePrice) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2016-08-18]
CHR Extension: (Google Sheets) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-25]
CHR Extension: (AdBlock) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-08-15]
CHR Extension: (Avast Online Security) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-08-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-14]
CHR Extension: (Gmail) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-25]
CHR Extension: (Chrome Media Router) - C:\Users\Kcrew\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-08-19]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-02-23] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-08-16] (AVAST Software)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [112256 2012-03-21] (Atheros Communication Inc.) [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-03-13] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-03-13] (Intel Corporation)
S2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
R2 PMBDeviceInfoProvider; c:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [473960 2012-02-21] (Sony Corporation)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [32544 2016-05-13] ()
S2 RealTimes Desktop Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1095440 2016-07-18] (RealNetworks, Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 Sony SCSI Helper Service; C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe [73728 2011-09-23] (Sony Corporation) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [960160 2011-12-29] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-02-23] (Atheros) [File not signed]
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R3 AsusVBus; C:\Windows\System32\DRIVERS\AsusVBus.sys [39704 2015-10-07] (Windows (R) Win 7 DDK provider)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-16] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-16] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-16] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969560 2016-08-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-16] (AVAST Software)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [75584 2015-10-07] (ASUS Corporation)
R3 BTATH_VDP; C:\Windows\System32\drivers\btath_vdp.sys [421664 2012-02-23] (Atheros)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-20 14:26 - 2016-08-20 14:28 - 00029776 _____ C:\Users\Kcrew\Desktop\FRST.txt
2016-08-20 14:26 - 2016-08-20 14:26 - 02396160 _____ (Farbar) C:\Users\Kcrew\Desktop\FRST64.exe
2016-08-20 14:24 - 2016-08-20 14:25 - 01745920 _____ (Farbar) C:\Users\Kcrew\Desktop\FRST.exe
2016-08-20 14:24 - 2016-08-20 14:24 - 00002235 _____ C:\Users\Public\Desktop\Tweaking.com - Registry Backup.lnk
2016-08-20 14:24 - 2016-08-20 14:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2016-08-20 14:24 - 2016-08-20 14:24 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2016-08-20 14:23 - 2016-08-20 14:23 - 05575304 _____ (Tweaking.com) C:\Users\Kcrew\Desktop\tweaking.com_registry_backup_setup.exe
2016-08-20 13:50 - 2016-08-20 13:50 - 00000000 ___RD C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2016-08-19 22:42 - 2016-08-19 22:42 - 00388608 _____ (Trend Micro Inc.) C:\Users\Kcrew\Desktop\HijackThis.exe
2016-08-19 22:33 - 2015-07-28 17:52 - 00821920 _____ (Safer-Networking Ltd. ) C:\Users\Public\Desktop\Post Win10 Spybot-install.exe
2016-08-19 22:31 - 2016-08-19 22:31 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-08-19 22:31 - 2016-08-19 22:31 - 00001379 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-08-19 22:31 - 2016-08-19 22:31 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
2016-08-19 22:31 - 2016-08-19 22:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-08-19 22:30 - 2016-08-19 22:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-08-19 22:30 - 2016-08-19 22:31 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-08-19 22:30 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2016-08-19 22:29 - 2016-08-19 22:30 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Kcrew\Desktop\spybot-2.4.exe
2016-08-19 11:16 - 2016-08-20 13:50 - 00000346 _____ C:\Windows\Tasks\OrangeDefender.job
2016-08-19 11:16 - 2016-08-19 11:16 - 00003794 _____ C:\Windows\System32\Tasks\OrangeDefenderUpdate
2016-08-19 11:16 - 2016-08-19 11:16 - 00002620 _____ C:\Windows\System32\Tasks\OrangeDefender
2016-08-19 10:54 - 2016-08-19 10:54 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\Innovative Solutions
2016-08-19 10:53 - 2016-08-19 10:53 - 05718840 _____ (Innovative Solutions ) C:\Users\Kcrew\Desktop\drivermax.exe
2016-08-19 10:46 - 2016-08-19 22:33 - 00000000 ____D C:\Program Files (x86)\Innovative Solutions
2016-08-19 10:46 - 2016-08-19 10:54 - 00000000 ____D C:\Users\Kcrew\AppData\Local\Innovative Solutions
2016-08-19 10:46 - 2016-08-19 10:54 - 00000000 ____D C:\ProgramData\Innovative Solutions
2016-08-19 10:46 - 2016-08-19 10:46 - 00000000 ____D C:\Users\Kcrew\Documents\My Drivers
2016-08-19 10:10 - 2016-08-19 22:01 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\BitComet
2016-08-19 10:09 - 2016-08-20 09:48 - 00000000 ____D C:\Program Files\BitComet
2016-08-19 09:59 - 2016-08-19 10:00 - 00000000 ____D C:\ProgramData\BSD
2016-08-19 09:59 - 2016-08-19 09:59 - 00000000 ____D C:\ProgramData\TweakBit
2016-08-19 09:58 - 2016-08-19 09:58 - 00401640 _____ (TweakBit) C:\Users\Kcrew\Desktop\driver-updater-setup.exe
2016-08-19 09:54 - 2016-08-19 09:54 - 02449376 _____ (Megaify Software ) C:\Users\Kcrew\Desktop\DriverToolkitInstaller.exe
2016-08-19 09:50 - 2016-08-19 09:50 - 00022200 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2016-08-19 09:50 - 2016-08-19 09:50 - 00000000 ____D C:\Users\Kcrew\AppData\Local\eSupport.com
2016-08-19 09:50 - 2016-08-19 09:50 - 00000000 ____D C:\Program Files (x86)\eSupport.com
2016-08-19 09:49 - 2016-08-19 09:50 - 01225680 _____ (Copyright © 2015 eSupport.com, Inc • All Rights Reserved ) C:\Users\Kcrew\Desktop\driveragent-setup-1278.exe
2016-08-19 08:37 - 2016-08-19 21:59 - 00000000 ____D C:\Windows\system32\nn-NO
2016-08-19 08:36 - 2009-05-01 02:14 - 00000789 _____ C:\Windows\rsetup.iss
2016-08-19 08:31 - 2016-08-19 08:31 - 00000000 ____D C:\ProgramData\WLAN
2016-08-19 08:31 - 2009-05-01 02:14 - 00000589 _____ C:\Windows\dsetup.iss
2016-08-19 08:13 - 2016-08-19 22:32 - 00000000 ____D C:\Program Files (x86)\DriverToolkit
2016-08-19 08:13 - 2016-08-19 08:13 - 00000000 ____D C:\Users\Kcrew\AppData\Local\DriverToolkit
2016-08-18 00:59 - 2016-08-18 00:59 - 00159659 _____ C:\Users\Kcrew\Desktop\Examination Permit.pdf
2016-08-16 12:31 - 2016-08-16 12:31 - 00003894 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1471365055
2016-08-16 12:31 - 2016-08-16 12:31 - 00001043 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-16 12:30 - 2016-08-16 12:29 - 00037144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2016-08-16 12:26 - 2016-08-16 12:26 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\AVAST Software
2016-08-16 12:26 - 2016-08-16 12:26 - 00000000 ____D C:\Users\Kcrew\AppData\Local\CEF
2016-08-16 12:24 - 2016-08-19 22:33 - 00000000 ____D C:\Program Files\Common Files\AV
2016-08-16 12:24 - 2016-08-16 12:24 - 00969560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00513496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00391496 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2016-08-16 12:24 - 2016-08-16 12:24 - 00292704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00108816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00103064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00074544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00053208 _____ (AVAST Software) C:\Windows\avastSS.scr
2016-08-16 12:24 - 2016-08-16 12:24 - 00037656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2016-08-16 12:24 - 2016-08-16 12:24 - 00000350 ____H C:\Windows\Tasks\avast! Emergency Update.job
2016-08-16 12:24 - 2016-08-16 12:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2016-08-16 12:23 - 2016-08-16 12:29 - 00000000 ____D C:\Program Files\AVAST Software
2016-08-16 11:33 - 2016-08-16 11:33 - 00000000 ____D C:\Users\Kcrew\AppData\Local\AvgSetupLog
2016-08-16 11:33 - 2016-08-16 11:33 - 00000000 ____D C:\Users\Kcrew\AppData\Local\Avg
2016-08-16 11:33 - 2016-08-16 11:33 - 00000000 ____D C:\ProgramData\Avg
2016-08-15 10:40 - 2016-08-15 10:41 - 00001141 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2016-08-09 18:35 - 2016-08-14 22:36 - 00000000 ____D C:\Users\Kcrew\AppData\Local\chromium
2016-08-09 18:34 - 2016-08-14 22:37 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\{719D4726-54CF-2A50-3FF9-0D82E32BF0BC}
2016-08-06 00:20 - 2016-08-06 00:20 - 00000000 ____D C:\Users\Kcrew\AppData\Local\{ECD9EF58-BF5F-4848-8DA6-55BF438D9975}
2016-08-05 12:20 - 2016-08-05 12:20 - 00000000 ____D C:\Users\Kcrew\AppData\Local\{0AC90CCF-DC32-4205-B90B-C7BA3632F502}
2016-08-01 09:49 - 2016-08-14 23:03 - 00000000 ____D C:\Windows\EOONotify
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-08-20 14:26 - 2015-07-27 17:02 - 00000000 ____D C:\FRST
2016-08-20 14:24 - 2015-07-27 16:55 - 00034624 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
2016-08-20 14:19 - 2014-04-08 10:09 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA.job
2016-08-20 14:18 - 2016-04-14 16:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-20 14:00 - 2009-07-14 00:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-08-20 14:00 - 2009-07-14 00:45 - 00028848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-08-20 13:57 - 2009-07-14 01:13 - 00782470 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-20 13:57 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\inf
2016-08-20 13:53 - 2016-07-20 06:37 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2016-08-20 13:50 - 2016-07-20 11:13 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2016-08-20 13:50 - 2016-04-14 16:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-20 13:50 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-20 08:45 - 2014-04-08 10:09 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core.job
2016-08-19 22:54 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
2016-08-19 22:42 - 2014-04-06 05:45 - 00000000 ____D C:\Users\Kcrew\AppData\Local\VirtualStore
2016-08-19 22:17 - 2014-04-06 05:46 - 00000000 ____D C:\Users\Kcrew\Documents\Bluetooth Folder
2016-08-19 22:00 - 2014-04-06 03:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-08-19 09:59 - 2009-07-13 22:34 - 00000541 _____ C:\Windows\win.ini
2016-08-18 01:01 - 2016-04-14 17:08 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-18 01:00 - 2014-04-08 10:09 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA
2016-08-18 01:00 - 2014-04-08 10:09 - 00003482 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core
2016-08-18 00:59 - 2009-07-14 01:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-08-16 23:54 - 2016-04-14 16:28 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-16 23:54 - 2016-04-14 16:28 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-16 23:41 - 2014-08-02 00:11 - 00000000 ____D C:\Users\Kcrew\Desktop\Clinicals
2016-08-16 16:13 - 2015-10-01 19:53 - 00000023 _____ C:\Windows\Model.txt
2016-08-16 12:29 - 2015-01-21 21:03 - 00000000 ____D C:\ProgramData\AVAST Software
2016-08-16 12:23 - 2016-04-14 15:41 - 00407846 _____ C:\Windows\ntbtlog.txt
2016-08-16 11:02 - 2015-01-21 15:35 - 00000000 ____D C:\Users\Kcrew\AppData\Local\ElevatedDiagnostics
2016-08-15 11:22 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
2016-08-15 11:12 - 2015-10-01 19:52 - 00000000 ____D C:\Users\Kcrew\AppData\Roaming\iolo
2016-08-15 10:35 - 2014-04-06 05:42 - 00000000 ____D C:\Users\Kcrew
2016-08-15 10:32 - 2015-12-09 04:06 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-15 10:32 - 2015-07-19 17:24 - 00000000 ____D C:\Update
2016-08-15 10:32 - 2015-04-11 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-08-15 10:32 - 2015-04-11 03:01 - 00000000 ___SD C:\Windows\system32\GWX
2016-08-15 10:32 - 2014-04-06 13:09 - 00000000 ____D C:\Windows\AutoKMS
2016-08-15 10:32 - 2014-04-06 12:57 - 00000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2016-08-15 10:32 - 2014-04-06 12:56 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-08-15 10:32 - 2014-04-06 03:51 - 00000000 ____D C:\ProgramData\Sony Corporation
2016-08-15 10:32 - 2014-04-06 03:23 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2016-08-15 10:32 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-08-15 10:31 - 2014-04-06 05:43 - 00000000 ____D C:\Windows\pss
2016-08-15 10:31 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration
2016-08-15 10:24 - 2014-04-06 03:42 - 00000000 ____D C:\Program Files\Microsoft Office
2016-08-15 10:23 - 2014-04-06 12:49 - 00000000 __RHD C:\MSOCache
2016-08-14 23:03 - 2009-07-13 23:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-08-14 23:03 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2016-08-05 12:20 - 2014-04-06 02:59 - 00000000 ____D C:\Users\Kcrew\AppData\Local\CrashDumps
2016-07-28 20:56 - 2014-04-06 15:11 - 00000000 ____D C:\Users\Kcrew\Desktop\Kadiri Group
2016-07-28 20:55 - 2015-02-19 13:50 - 00000000 ____D C:\Users\Kcrew\Documents\Outlook Files
2016-07-26 22:50 - 2016-02-26 15:33 - 00000000 ____D C:\Users\Kcrew\Desktop\Cases and Presentation
2016-07-26 22:46 - 2014-04-06 10:36 - 00000000 ____D C:\Users\Kcrew\AppData\Local\Deployment
==================== Files in the root of some directories =======
2014-04-06 20:38 - 2014-04-06 20:38 - 0017408 _____ () C:\Users\Kcrew\AppData\Local\WebpageIcons.db
2015-12-31 11:44 - 2015-12-31 11:44 - 0000000 _____ () C:\Users\Kcrew\AppData\Local\{84AE7A03-0A68-4279-B234-69247D99A514}
Some files in TEMP:
====================
C:\Users\Kcrew\AppData\Local\Temp\GLF1434.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF15.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF185B.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF1954.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2077.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2254.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2AC4.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2ACE.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2C63.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2C99.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2E3A.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF2FE0.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF303B.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF3ECF.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF444B.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF4620.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF5008.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF51CD.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF5400.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF55C5.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF69C8.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF6F5E.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7020.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF71F9.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7B71.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7FD3.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF7FDF.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF83EA.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF8988.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF8AE0.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF957F.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLF9919.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFA79F.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFA8F7.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFB38A.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFBD99.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFBF83.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFD823.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFD8B6.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFDDF5.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFE0AA.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFE55C.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFF6C1.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFFC8C.EXE
C:\Users\Kcrew\AppData\Local\Temp\GLFFE6F.EXE
C:\Users\Kcrew\AppData\Local\Temp\GUR6A4C.exe
C:\Users\Kcrew\AppData\Local\Temp\lowproc.exe
C:\Users\Kcrew\AppData\Local\Temp\pslist.exe
C:\Users\Kcrew\AppData\Local\Temp\SCC.dll
C:\Users\Kcrew\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Kcrew\AppData\Local\Temp\stubhelper.dll
C:\Users\Kcrew\AppData\Local\Temp\{907231D9-0357-4739-A8AB-253485178CB3}-GoogleUpdateSetup.exe
C:\Users\Kcrew\AppData\Local\Temp\{FDD985CE-F4BB-42CC-9D3E-241EF2EAAA64}-GoogleUpdateSetup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-08-16 10:56
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-08-2016
Ran by Kcrew (20-08-2016 14:28:52)
Running from C:\Users\Kcrew\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2014-04-06 09:42:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-254052869-2685560785-2873597609-500 - Administrator - Disabled)
Guest (S-1-5-21-254052869-2685560785-2873597609-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-254052869-2685560785-2873597609-1002 - Limited - Enabled)
Kcrew (S-1-5-21-254052869-2685560785-2873597609-1001 - Administrator - Enabled) => C:\Users\Kcrew
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-254052869-2685560785-2873597609-1001\...\uTorrent) (Version: 3.4.3.40298 - BitTorrent Inc.)
ACID Music Studio 8.0 (x32 Version: 8.0.178 - Sony) Hidden
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.1 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.161 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.485 - ArcSoft)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.3.9 - ASUS)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.125 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2279 - AVAST Software)
Brother MFL-Pro Suite HL-2280DW (HKLM-x32\...\{3ACCCFB3-7B17-4E9F-ACB0-46868FCD4487}) (Version: 1.1.3.0 - Brother Industries, Ltd.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5009.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DVD Architect Studio 5.0 (x32 Version: 5.0.157 - Sony) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.3.214 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard_Shortcuts (x32 Version: 1.1.0.12190 - Sony Corporation) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Media Gallery (HKLM\...\{0EB7792D-EFA2-42AB-9A22-F33D9458E974}) (Version: 2.1.0.13300 - Sony Corporation)
Media Go (x32 Version: 2.0.317 - Sony) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM\...\Office15.VISPRO) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PlayMemories Home (x32 Version: 6.1.01.14210 - Sony Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation(R)Network Downloader (x32 Version: 2.07.00849 - Sony Computer Entertainment Inc.) Hidden
PlayStation(R)Store (x32 Version: 4.5.15.13232 - Sony Computer Entertainment Inc.) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.1 - Qualcomm Atheros) Hidden
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{E727B31A-8B24-4C1C-934A-69634E0D2C0B}) (Version: 3.0 - Qualcomm Atheros)
Reader for PC (x32 Version: 1.1.02.10070 - Sony Corporation) Hidden
RealDownloader (x32 Version: 18.1.4.137 - RealNetworks, Inc.) Hidden
RealDownloader (x32 Version: 18.1.4.144 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (RealTimes) (HKLM-x32\...\RealPlayer 18.1) (Version: 18.1.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.91 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Remote Play with PlayStation(R)3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden
SafeZone Stable 1.51.2220.53 (x32 Version: 1.51.2220.53 - Avast Software) Hidden
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0051-0000-1000-0000000FF1CE}_Office15.VISPRO_{F0C12872-B60D-4E37-A2F9-20C46A5E1F1A}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Snapshot Viewer (HKLM-x32\...\Snapshot Viewer) (Version: - )
Sound Forge Audio Studio 10.0 (x32 Version: 10.0.176 - Sony) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
TrackID(TM) with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corportaion) Hidden
TriDef 3D (Sony) 2.0.5 (HKLM-x32\...\experience-sony-bundle) (Version: 2.0.5 - Dynamic Digital Depth Australia Pty Ltd)
Tweaking.com - Registry Backup (HKLM-x32\...\Tweaking.com - Registry Backup) (Version: 3.5.0 - Tweaking.com)
Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{0FA8AE0C-69AE-4F60-A1AB-F79C6BA5A999}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.VISPRO_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3115261) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{D8E86AF8-E495-4DC1-A058-7E69AA96AA8A}) (Version: - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
V3DPx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Microsoft Visual C++ 2010 SP1 Runtime 10.0.40219.325 (HKLM\...\{34EB42BE-F4D3-44C1-B28E-9740115DB72C}) (Version: 1.0.00.01300 - Sony Corporation)
VAIO - PlayMemories Home Plug-in (HKLM\...\{886C0C18-F905-49B2-90BA-EFC0FEDF27C6}) (Version: 2.0.00.14200 - Sony Corporation)
VAIO - Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
VAIO - Remote Keyboard with PlayStation®3 (x32 Version: 1.2.0.09210 - Sony Corporation) Hidden
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.21090 - Sony Corporation) Hidden
VAIO - TrackID™ with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
VAIO 3D Portal (x32 Version: 1.2.0.10131 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{28D70998-F9F8-4F4B-BB1D-64C11123C01B}) (Version: 8.4.5.06021 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (x32 Version: 5.2.1.15070 - Sony Corporation) Hidden
VAIO CPU Fan Diagnostic (x32 Version: 1.1.0.09200 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.9.0.13190 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.5.2.02090 - Sony Corporation) Hidden
VAIO Gesture Control (x32 Version: 1.0.0.12300 - Sony Corporation) Hidden
VAIO Help and Support (x32 Version: 17.00.0109 - Sony Corporation) Hidden
VAIO Improvement (x32 Version: 1.3.0.12280 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 2.3.0.12300 - Sony Corporation) Hidden
VAIO OOBE (x32 Version: 12.2.1.2483 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (x32 Version: 3.14.1.07010 - Sony Corporation) Hidden
VAIO Transfer Support (x32 Version: 1.7.1.06040 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
vc2012_redist (x32 Version: 1.0.0.0 - Realnetworks) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Movie Studio HD Platinum 11.0 (x32 Version: 11.0.256 - Sony) Hidden
VHD (x32 Version: 1.0.0 - Microsoft) Hidden
Video Downloader (x32 Version: 1.2.0 - RealNetworks) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - ASUS Tek. Corporation (ATP) Mouse (07/27/2015 7.0.0.7) (HKLM\...\A877FD5856151D202B724718A4F58CF0089A558C) (Version: 07/27/2015 7.0.0.7 - ASUS Tek. Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-254052869-2685560785-2873597609-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Kcrew\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {024384FE-A0FD-4ACF-BF61-16103C56008F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.)
Task: {0D4808FF-FC3B-4BAF-9DD9-D773CBB23B5E} - System32\Tasks\{93CB4708-C384-428F-8E2E-7AAFA34B2F5D} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.0.102/en/abandoninstall?page=tsProgressBar
Task: {12152107-71D8-4C5D-9D07-3265DB1E856A} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-04-06] ()
Task: {173F5620-6968-4DCA-B602-513D78AA419D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {19157A47-9C19-4449-93A5-9867F31E49DC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {2099BF3E-CE1B-46E3-8174-ADF391ABB3C4} - System32\Tasks\OrangeDefender => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
Task: {2772E82F-8D78-4FD4-BB82-3966303BD53D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {343ABC37-3926-41C1-9E00-815B46CE41C0} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {545A7387-B090-4294-AC35-E2615BF68B73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-14] (Google Inc.)
Task: {548E7314-58B5-42F0-A6A5-39AFDCDE339D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {570C9329-C60E-4571-9F4D-DB81358B6DBB} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {644D7164-CEBA-4D2D-8E34-F32C9E1730E5} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-12-27] (Sony Corporation)
Task: {6A9BBAB9-0C25-454F-A42B-F6EEFB22D92A} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2016-03-18] (Sony Corporation)
Task: {6EB9D06C-FFE6-4719-B75B-0458FE5DA8BC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {71A9817F-6AB3-42FB-9EA8-6ADD8378212B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2011-12-27] (Sony Corporation)
Task: {71D82306-0BBA-4073-832C-B5CA9C5F3081} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {77836041-3D33-4AE3-B189-340762B2883D} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2012-03-20] ()
Task: {79D17DF9-C8BA-4717-8A66-7FE52A5BA85F} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation)
Task: {81D5B12E-3A66-4DF5-94D7-3040D314E6FB} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2016-05-30] (Sony Corporation)
Task: {84741006-1A18-4F0F-B34B-41EEC28E2E5F} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {85489418-E76A-45D6-A5B6-A980FA11758A} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2016-05-30] (Sony Corporation)
Task: {8BF72306-9D29-4644-8262-7D9E3D762829} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-03-07] (Sony Corporation)
Task: {949E7AD2-B164-4C56-BF89-93E5C243D0B8} - System32\Tasks\SafeZone scheduled Autoupdate 1471365055 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-08-09] (Avast Software)
Task: {963A6501-BE31-441D-855C-B1CEC92EE014} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation)
Task: {96658046-D01E-416E-9036-594D8BAAC48E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {98FD05B2-5908-478C-A379-880C27936924} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {9AC1BF82-9DCE-435D-ACC6-F8A5B3D9EB13} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {9C128120-6059-47D7-BA96-5BF04F651E15} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {9C3B2DF2-CD0B-41F3-97FA-C80A4CF475E0} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {9E5C027C-0D26-4CC4-9524-D45C47922D00} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {9F1DDB75-5321-491F-A7A8-873CAC452CD5} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-254052869-2685560785-2873597609-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {A4368EA6-BFD7-4879-B9C1-DE1E5A1A8B90} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2016-05-30] (Sony Corporation)
Task: {BCA90A3F-B3DB-4D99-AD1A-836F49FE45A8} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-02-24] (Sony Corporation)
Task: {BCDE83ED-4E70-4592-AF6C-775FE1897DF0} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {BD4FDF67-1176-4F1F-A93B-2C0B46BC2F49} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-10-07] (AsusTek)
Task: {C79FF2A7-BD58-4C3E-9775-74C4C53DE1BB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-254052869-2685560785-2873597609-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe [2016-05-13] (RealNetworks, Inc.)
Task: {CE4D7EE0-4E1D-4793-B90C-9383B06F945B} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-03-07] (Sony Corporation)
Task: {D1CEB8F3-4658-4B38-A138-367D4353B95D} - System32\Tasks\OrangeDefenderUpdate => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\updAvTask.exe
Task: {D6C30D3F-20C3-416E-AA14-DB134579E5D4} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2016-05-31] (Sony Corporation)
Task: {D8900CA0-A312-4877-B339-E288B30815BF} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2016-03-24] (Sony Corporation)
Task: {DA9EF13A-4523-44AC-A56B-C090AC11CECC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {DAD6E793-ED25-4E62-86E3-629B7B2B7211} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-03-29] (Sony Corporation)
Task: {E0AA30ED-D45A-429F-BB93-B654D2B6FCF3} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net [Argument = start VSNService]
Task: {E603792E-9D9C-4D8E-9FE3-29C688EF4CB2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {E6FD5D04-A52B-4CCD-8DC0-B1CB140FDD24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F19E84BF-10B4-4CBD-9D50-64F9D2922FCA} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe [2016-07-05] ()
Task: {FA25DD64-CCC3-46E7-8F0F-A7DCB96618AA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001Core.job => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-254052869-2685560785-2873597609-1001UA.job => C:\Users\Kcrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OrangeDefender.job => C:\Program Files (x86)\Innovative Solutions\Orange Defender Antivirus\orangedefender.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UWorld SimExam\UWorld SimExam.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.uworld.com/Clients/simclient.jnlp "C:\Users\Kcrew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\42\414cfaaa-21d075ab"
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\UWorld Qbank\UWorld Qbank.lnk -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe (Oracle Corporation) -> -localfile -J-Djnlp.application.href=hxxp://www.uworld.com/clients/QbankClient.jnlp "C:\Users\Kcrew\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\4c0ff0eb-73859080"
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Kcrew\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2016-06-14 13:37 - 2016-06-14 13:37 - 08909504 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-04-06 03:13 - 2012-03-13 12:01 - 00128280 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2016-05-13 15:13 - 2016-05-13 15:13 - 00032544 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2012-03-14 16:54 - 2012-03-14 03:57 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-06-26 09:18 - 2005-04-22 00:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2012-03-20 16:43 - 2012-03-20 16:43 - 00477816 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
2016-07-05 18:18 - 2016-07-05 18:18 - 00714992 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
2016-08-16 12:24 - 2016-08-16 12:24 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-20 08:39 - 2016-08-20 08:39 - 03015680 _____ () C:\Program Files\AVAST Software\Avast\defs\16082000\algo.dll
2016-08-16 12:24 - 2016-08-16 12:24 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037688 _____ () C:\Program Files (x86)\Real\UpdateService\DL2UpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00039224 _____ () C:\Program Files (x86)\Real\UpdateService\RealDownloaderUpdatePlugin.dll
2016-05-13 15:13 - 2016-05-13 15:13 - 00037192 _____ () C:\Program Files (x86)\Real\UpdateService\VideoDLUpdatePlugin.dll
2014-06-26 09:18 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2016-07-18 20:19 - 2016-07-18 20:19 - 00096136 _____ () C:\Program Files (x86)\Real\RealPlayer\CrashRpt\CrashRpt1402.dll
2016-07-18 20:18 - 2016-07-18 20:18 - 00022800 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Tools\ffmpeg\mediautil.dll
2016-08-16 12:24 - 2016-08-16 12:24 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-08-19 22:30 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-08-19 22:30 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-08-19 22:30 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-04-06 04:08 - 2012-03-07 21:57 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2012-03-20 16:43 - 2012-03-20 16:43 - 00160376 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll
2012-03-20 16:43 - 2012-03-20 16:43 - 00026744 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
2016-06-14 13:38 - 2016-06-14 13:38 - 08909504 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-08-19 22:30 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-08-19 22:30 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2016-08-18 01:01 - 2016-08-02 20:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-18 01:01 - 2016-08-02 20:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-05-28 15:51 - 2016-05-28 15:51 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5a8eeeddc97028a9f94d0518c22f4c2c\IsdiInterop.ni.dll
2014-04-06 03:17 - 2011-11-29 23:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-06 03:13 - 2012-03-13 12:02 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2016-05-13 14:20 - 2016-05-13 14:20 - 01382048 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\cpprest100_1_2.dll
2016-07-18 20:18 - 2016-07-18 20:18 - 00654608 _____ () C:\Program Files (x86)\Real\RealPlayer\RPDS\Lib\r1api.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-254052869-2685560785-2873597609-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Kcrew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 64.233.217.2 - 64.233.217.3
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A7B04575-8D06-4200-B5C5-D2A0FF123DAC}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{2FE5A5F4-BFA9-4490-A5F1-DDBDB4F84F48}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{E21F4FDE-8E7C-4BC5-AD96-1097A109D57D}] => (Block) C:\Program Files (x86)\Sony\VAIO Creations\VAIO Movie Story\VMStory.exe
FirewallRules: [{412B7C76-57CF-4A52-9F4B-72A9906F8088}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{AF8C3C91-69F3-4556-AB99-2922A2065B72}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{5C5697B7-9FB5-4EE2-BAC8-A70C05622424}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{0AC3B73D-3862-46AC-8581-6D78191EB695}] => (Allow) LPort=2869
FirewallRules: [{186F64DE-39F4-4B8C-8306-7979C6A66518}] => (Allow) LPort=1900
FirewallRules: [{8D48798A-6512-41F0-B4A0-9D93FBFCACAD}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{EABA1C0A-BD7B-4F3B-A472-86C8F246DD6B}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{62EE71A5-260B-4715-8951-6EA207249D04}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{243F822C-FDB6-4ED5-8629-D16BB585C578}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{08CDFE24-892A-4600-8431-11ACD8C0FF1F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{44963875-423E-4998-ADB1-D831E83891BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{E86276F9-F9F8-4859-BB6D-9B1E80F363DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{4AE64553-C069-44A9-B36D-C704C7D5EF5D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AB857FA6-B248-496F-89D4-E3F5D4FE53C6}] => (Allow) LPort=54925
FirewallRules: [{7B643FF0-E6F9-4438-9C9B-7CF25E56370F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{FEBB1B1E-F0E9-4647-90C5-CEDBF85EE093}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{61932444-6F24-4B20-B714-F4D18BDDDD73}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{26EA78DA-32BD-472E-A0B0-A286951B2A38}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{E1D422B7-DA47-41C8-9A2F-145AA1C169F7}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C762732B-3B1C-4942-AD80-E8F879838BD8}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{37F9651E-35AF-4293-95B3-995D4E6A30B2}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F5E3DF6C-F63B-43D2-B0F5-92CC27ACF3D8}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{CF382707-EFB9-4677-BF9C-B90AED5A217A}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{65D37226-3F26-4A8D-BB46-EC5B61E5F4DF}] => (Allow) C:\Users\Kcrew\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{44E1ECC1-CA97-4942-A0B7-445589649C99}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [UDP Query User{5CA0B896-D92A-4EB2-8D27-5A0C13B4AB84}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.3_40760.exe
FirewallRules: [TCP Query User{588E75BE-5152-457A-8586-75CB51E8A30D}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [UDP Query User{795FCF92-3BD4-4418-9F84-45BC9AF1493A}C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe] => (Block) C:\users\kcrew\appdata\roaming\utorrent\updates\3.4.5_41372.exe
FirewallRules: [{92F0ACB9-848E-49A2-B299-05DED4B3DD68}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{C087F728-24B8-46CE-A3E8-12CC3DEBDAC9}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{5C030088-9168-4147-A085-1A3642D919FB}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{7BA064AD-7EE2-459A-9209-E418D9FE3E2D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{BF494585-8301-43D7-842E-B6F050EB16F7}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{F538B2D8-3B1D-4F41-AF9A-1E10147BAD7C}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{B984D8E3-A6E5-45B0-9A19-4D8A272183FB}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{96693108-B645-487D-B170-8B1507E4B727}] => (Allow) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
FirewallRules: [TCP Query User{77959974-DEFB-4486-9828-0890A5BB382C}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{E4F16916-C256-4D50-8F2C-73AA9E99D330}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{CC4FB5AB-347E-496E-A218-A9AED42460AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\TriDef 3D\TriDef\TriDefMediaPlayer\TriDefMediaPlayer.exe] => Enabled:TriDef 3D Media Player
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Restore Points =========================
13-08-2016 00:53:11 Windows Update
13-08-2016 03:00:14 Windows Update
14-08-2016 22:49:55 Restore Operation
19-08-2016 08:31:46 Installed Atheros WLAN Client
19-08-2016 10:49:11 Installed Atheros WLAN Client
19-08-2016 21:57:20 Removed Atheros WLAN Client
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (08/20/2016 01:51:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/20/2016 09:49:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 12:45:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program VAIO Gate.exe version 2.4.1.9230 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 9a4
Start Time: 01d1fa2b411e85d2
Termination Time: 727
Application Path: C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
Report Id: 5ec0a930-662c-11e6-9c55-30f9edb4a6ea
Error: (08/19/2016 11:06:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 09:44:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 09:16:25 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 08:44:31 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/19/2016 08:02:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (08/16/2016 11:20:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.23418 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 9f8
Start Time: 01d1f8345835ff4b
Termination Time: 1924
Application Path: C:\Windows\Explorer.EXE
Report Id: 4ddde596-6429-11e6-85eb-08edb9cefb02
Error: (08/16/2016 11:15:09 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: TWN BrtTWN: [2016/08/16 23:15:09.160]: [00001108]: Initialize TwdsMain Class failed!
System errors:
=============
Error: (08/20/2016 02:18:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Oasis2Service service terminated unexpectedly. It has done this 1 time(s).
Error: (08/20/2016 02:18:23 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.124.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.
Error: (08/20/2016 01:52:31 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Oasis2Service service hung on starting.
Error: (08/20/2016 01:52:10 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (08/20/2016 01:52:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
Error: (08/20/2016 01:51:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053 = The service did not respond to the start or control request in a timely fashion.
Error: (08/20/2016 01:51:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Spybot-S&D 2 Scanner Service service to connect.
Error: (08/20/2016 09:50:57 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Oasis2Service service hung on starting.
Error: (08/20/2016 09:50:37 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)
Error: (08/20/2016 09:50:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-2370M CPU @ 2.40GHz
Percentage of memory in use: 54%
Total physical RAM: 3996.36 MB
Available physical RAM: 1800.45 MB
Total Virtual: 7990.9 MB
Available Virtual: 4813.21 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:446.92 GB) (Free:85.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 348E3643)
Partition 1: (Not Active) - (Size=18.5 GB) - (Type=27)
Partition 2: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
aswMBR version 1.0.1.2252 Copyright(c) 2014 AVAST Software
Run date: 2016-08-20 14:33:34
-----------------------------
14:33:34.612 OS Version: Windows x64 6.1.7601 Service Pack 1
14:33:34.612 Number of processors: 4 586 0x2A07
14:33:34.614 ComputerName: KCREW-VAIO UserName: Kcrew
14:33:36.424 Initialize success
14:33:36.449 VM: initialized successfully
14:33:36.451 VM: Intel CPU BiosDisabled
14:33:45.350 AVAST engine defs: 16082000
14:33:49.648 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:33:49.650 Disk 0 Vendor: HGST_HTS GG2O Size: 476940MB BusType: 3
14:33:49.799 Disk 0 MBR read successfully
14:33:49.802 Disk 0 MBR scan
14:33:49.826 Disk 0 Windows 7 default MBR code
14:33:49.841 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 18940 MB offset 2048
14:33:49.853 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 350 MB offset 38791168
14:33:49.858 Disk 0 default boot code
14:33:49.872 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 457648 MB offset 39507968
14:33:49.993 Disk 0 scanning C:\Windows\system32\drivers
14:34:08.934 Service scanning
14:34:58.905 Modules scanning
14:34:58.916 Disk 0 trace - called modules:
14:34:58.943 ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys hal.dll
14:34:58.949 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800a544060]
14:34:58.955 3 CLASSPNP.SYS[fffff88001cfc43f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8007d52050]
14:34:59.846 AVAST engine scan C:\Windows
14:35:02.446 AVAST engine scan C:\Windows\system32
14:39:08.968 AVAST engine scan C:\Windows\system32\drivers
14:39:30.212 AVAST engine scan C:\Users\Kcrew
15:08:58.946 Disk 0 MBR has been saved successfully to "C:\Users\Kcrew\Desktop\MBR.dat"
15:08:58.946 The log file has been saved successfully to "C:\Users\Kcrew\Desktop\aswMBR.txt"