Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Cannot install security updates or remove unwanted content. Potential

Started by Jamazz , Jun 30 2014 03:08 PM

  • This topic is locked This topic is locked

#1
Jamazz
Posted 30 June 2014 - 03:08 PM

Jamazz

    Member

  • Member
  • PipPip
  • 90 posts
I have been trying to fix the general malaise that has built-up on a customers' laptop. So far, these are the things I have noticed, although, they may not be symptoms of an infection of any kind. It's entirely possible there may be an infection, since the owner of the laptop does not practice safe usage habits, like windows and anti-virus updates, etc, but I don't know. I've ran scans with Avast but nothing turns up.
 
Here's the list of problems I noticed:
 
1. Windows cannot update "Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243)"
 
2. Avast notices there is "Grime". When I follow the instructions, and try to remove AVG "Do Not Track", "Safe Search" and others, a Windows Installer window appears and is looking for a network resource. C:\ProgramData\MFAData\pack\crt_x64.msi. Perhaps during a previous scan, this file was removed and now the system can't find it?
 
3. AOL is looking to update something. Only AOL email is used on this machine, not ISP connectivity. On a personal note, I despise AOL, but it's not my place to change the way the customer uses her laptop, or else it would have been removed long ago.
 
4. iTunes tries to update some software, but after installing, it asks to install the same software, over and over, and over again.
 
There may be other issues I haven't picked up on, but I don't have very much input from the customer other than, " it's running sluggish".
 
I've attempted to circumvent the Windows C++ security install issues, like reverting, or installing pieces leading up to it, safe mode, and others, but no success.
 
One more thing to mention, this is a VAIO laptop, and it has its own level of gadgets and such that is available on the laptop. I noticed there is a security update it is trying to install, after running the install, I receive the following error:
 
Error applying transforms. Verify that the specified transform paths are valid. C:\Windows\Installer\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}\1030.MST
 
However, it is possible this is happening because this is the wrong model VAIO
 
Any help is appreciated. I am an experienced computer technician, however, this situation has gone a little farther than I can handle. Thank you.
 
Here is the OTL data:

OTL logfile created on: 6/30/2014 3:57:19 PM - Run 1OTL by OldTimer -
Version 3.2.69.0     Folder =
C:\Users\milbus21\Desktop64bit- Home Premium Edition Service Pack 1 (Version
= 6.1.7601) - Type = NTWorkstationInternet Explorer (Version =
9.11.9600.17126)Locale: 00000409 | Country: United States | Language: ENU |
Date Format: M/d/yyyy 3.95 Gb Total Physical Memory | 1.88 Gb
Available Physical Memory | 47.72% Memory free7.90 Gb Paging File | 5.30 Gb
Available in Paging File | 67.06% Paging File freePaging file location(s):
?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% =
C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 585.14 Gb
Total Space | 371.24 Gb Free Space | 63.45% Space Free | Partition Type:
NTFS Computer Name: MILBUS21-VAIO | User Name: milbus21 | Logged in
as Administrator.Boot Mode: Normal | Scan Mode: Current user | Quick Scan |
Include 64bit ScansCompany Name Whitelist: On | Skip Microsoft Files: On |
No Company Name Whitelist: On | File Age = 30
Days ========== Processes (SafeList)
========== PRC - [2014/06/30 15:56:32 | 000,602,112 | ----
| M] (OldTimer Tools) -- C:\Users\milbus21\Desktop\OTL.exePRC - [2014/06/14
12:13:12 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST
Software\Avast\avastui.exePRC - [2014/05/27 15:16:21 | 002,472,424 | ---- |
M] (AVAST Software) -- C:\Program Files\AVAST
Software\Avast\browsercleanup.exePRC - [2014/04/30 11:14:43 | 000,050,344 |
---- | M] (AVAST Software) -- C:\Program Files\AVAST
Software\Avast\AvastSvc.exePRC - [2014/02/20 15:35:26 | 000,060,504 | ---- |
M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exePRC -
[2013/11/01 14:59:56 | 000,062,464 | ---- | M] () -- C:\Program Files\Sony\VAIO
Care\listener.exePRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple
Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet
Services\ubd.exePRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG
Technologies CZ, s.r.o.) -- C:\Program Files
(x86)\AVG\AVG2012\avgwdsvc.exePRC - [2012/02/09 20:40:16 | 000,053,248 |
---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files
(x86)\DDNi\Oasis2Service\Oasis2Service.exePRC - [2012/01/03 05:10:42 |
000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files
(x86)\Common Files\Adobe\ARM\1.0\armsvc.exePRC - [2011/12/14 16:51:21 |
000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop
9.7\waol.exePRC - [2011/12/14 16:51:19 | 000,045,392 | ---- | M] (AOL Inc.)
-- C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exePRC - [2011/08/31
13:44:30 | 000,477,200 | ---- | M] () -- C:\Program Files (x86)\Sony\Keyboard
Shortcuts\KeyboardShortcuts.exePRC - [2011/03/05 19:42:36 | 000,180,928 |
---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event
Service\VESMgrSub.exePRC - [2011/03/05 19:42:36 | 000,064,704 | ---- | M]
(Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event
Service\VESMgr.exePRC - [2011/02/23 17:05:04 | 000,105,024 | ---- | M]
(ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects
2\uCamMonitor.exePRC - [2011/02/15 14:47:02 | 002,757,312 | ---- | M] (Sony
Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exePRC -
[2011/02/14 02:15:46 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program
Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exePRC -
[2011/02/14 02:15:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program
Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exePRC -
[2010/11/27 03:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program
Files (x86)\Sony\PMB\PMBVolumeWatcher.exePRC - [2010/11/27 03:55:42 |
000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files
(x86)\Sony\PMB\PMBDeviceInfoProvider.exePRC - [2010/11/06 02:54:22 |
000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files
(x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exePRC -
[2010/11/06 02:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program
Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exePRC -
[2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files
(x86)\Common Files\AOL\1324837120\ee\aolsoftware.exePRC - [2006/10/23
08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common
Files\AOL\acs\AOLacsd.exe  ==========
Modules (No Company Name) ========== MOD - [2014/05/22
11:42:49 | 000,475,648 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0eef5f1e5c15e0171152ee8f1cfc6924\IAStorUtil.ni.dllMOD
- [2014/05/22 11:40:07 | 000,774,144 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dllMOD
- [2014/05/22 11:16:35 | 000,805,376 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\04824fdbd5dce32530ba44ae012e4fb9\System.Runtime.Remoting.ni.dllMOD
- [2014/04/30 17:42:59 | 000,190,976 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dllMOD
- [2014/04/30 16:50:28 | 018,813,440 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dllMOD
- [2014/04/30 16:50:20 | 001,889,792 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dllMOD
- [2014/04/30 16:50:18 | 012,894,208 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dllMOD
- [2014/04/30 16:50:18 | 001,180,672 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dllMOD
- [2014/04/30 16:50:11 | 011,025,920 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dllMOD
- [2014/04/30 16:50:08 | 001,644,544 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dllMOD
- [2014/04/30 16:50:04 | 006,990,336 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dllMOD
- [2014/04/30 16:50:03 | 007,662,080 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dllMOD
- [2014/04/30 16:50:01 | 003,950,080 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dllMOD
- [2014/04/30 16:49:59 | 000,470,528 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dllMOD
- [2014/04/30 16:49:58 | 000,976,384 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dllMOD
- [2014/04/30 16:49:57 | 010,060,800 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dllMOD
- [2014/04/30 16:49:51 | 016,953,856 | ---- | M] () --
C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dllMOD
- [2014/04/30 12:10:32 | 000,014,336 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b1f7b4e15aef3faf382db6ba14c81371\IAStorCommon.ni.dllMOD
- [2014/04/30 11:14:43 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST
Software\Avast\libcef.dllMOD - [2014/04/30 11:00:45 | 012,436,480 | ---- |
M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dllMOD
- [2014/04/30 11:00:38 | 001,593,344 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dllMOD
- [2014/04/30 11:00:23 | 003,348,480 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dllMOD
- [2014/04/30 11:00:17 | 005,464,064 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dllMOD
- [2014/04/30 11:00:14 | 000,978,432 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dllMOD
- [2014/04/30 11:00:13 | 007,989,760 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dllMOD
- [2014/04/30 11:00:06 | 011,499,520 | ---- | M] () --
C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dllMOD
- [2013/11/01 14:59:56 | 000,062,464 | ---- | M] () -- C:\Program
Files\Sony\VAIO Care\listener.exeMOD - [2011/12/14 16:51:21 | 000,048,640 |
---- | M] () -- C:\Program Files (x86)\AOL Desktop 9.7\zlib.dllMOD -
[2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files
(x86)\Common Files\Apple\Apple Application Support\zlib1.dllMOD -
[2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files
(x86)\Common Files\Apple\Apple Application Support\libxml2.dllMOD -
[2011/08/31 15:06:52 | 000,027,104 | ---- | M] () -- C:\Program Files
(x86)\Sony\Keyboard Shortcuts\Utility.dllMOD - [2011/08/31 15:06:48 |
000,161,256 | ---- | M] () -- C:\Program Files (x86)\Sony\Keyboard
Shortcuts\MessageHook.dllMOD - [2011/08/31 13:44:30 | 000,477,200 | ---- |
M] () -- C:\Program Files (x86)\Sony\Keyboard
Shortcuts\KeyboardShortcuts.exe  ==========
Services (SafeList) ========== SRV:64bit: -
[2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation)
[On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe --
(IEEtwCollectorService)SRV:64bit: - [2014/04/30 11:14:43 |
000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program
Files\AVAST Software\Avast\AvastSvc.exe -- (avast!
Antivirus)SRV:64bit: - [2014/02/27 22:03:12 | 001,642,544 | ---- | M]
(Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO
Update\VUAgent.exe -- (VUAgent)SRV:64bit: - [2014/02/20 15:35:26 |
000,060,504 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program
Files\Sony\VAIO Care\VCService.exe -- (VCService)SRV:64bit: -
[2013/08/27 16:42:10 | 000,948,312 | ---- | M] (Sony Corporation) [Auto |
Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe --
(VSNService)SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- |
M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows
Defender\MpSvc.dll -- (WinDefend)SRV:64bit: - [2013/03/04 17:06:26 |
000,258,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program
Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)SRV:64bit:
- [2013/02/22 15:02:06 | 000,427,432 | ---- | M] () [On_Demand | Stopped] --
C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe --
(USER_ESRV_SVC)SRV:64bit: - [2013/02/22 15:02:06 | 000,427,432 | ----
| M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe --
(ESRV_SVC)SRV:64bit: - [2011/08/25 02:58:28 | 000,111,776 | ---- | M]
(Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO
Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)SRV:64bit: -
[2011/05/19 22:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand |
Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing
Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)SRV:64bit: - [2011/02/19
01:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] --
C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe --
(VcmXmlIfHelper)SRV:64bit: - [2011/02/19 01:02:08 | 000,385,336 |
---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM
Intelligent Network Service Manager\VcmINSMgr.exe --
(VcmINSMgr)SRV:64bit: - [2011/01/20 15:27:18 | 000,286,936 | ---- |
M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common
Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe --
(SpfService)SRV:64bit: - [2010/12/17 17:41:32 | 001,515,792 | ---- |
M] (Intel® Corporation) [Auto | Running] -- C:\Program
Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)SRV:64bit: - [2010/12/17
17:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program
Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)SRV:64bit: -
[2010/12/17 17:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto |
Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe --
(RegSrvc)SRV - [2014/06/23 00:18:59 | 000,262,320 | ---- | M] (Adobe Systems
Incorporated) [On_Demand | Stopped] --
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe --
(AdobeFlashPlayerUpdateSvc)SRV - [2014/06/20 17:38:20 | 000,542,400 | ---- |
M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common
Files\Steam\SteamService.exe -- (Steam Client Service)SRV - [2013/09/11
21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] --
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe --
(clr_optimization_v4.0.30319_32)SRV - [2012/04/30 09:44:38 | 005,106,744 |
---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files
(x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)SRV - [2012/03/12 00:07:58
| 002,429,544 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] --
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe --
(IconMan_R)SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG
Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files
(x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)SRV - [2012/02/09 20:40:16 |
000,053,248 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] --
C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe --
(Oasis2Service)SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe
Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common
Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)SRV - [2011/03/05
19:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] --
C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event
Service)SRV - [2011/02/23 17:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.)
[Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects
2\uCamMonitor.exe -- (uCamMonitor)SRV - [2011/02/21 15:55:08 | 000,113,824 |
---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files
(x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)SRV -
[2011/02/21 15:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand |
Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe --
(SOHDs)SRV - [2011/02/14 02:15:46 | 002,656,280 | ---- | M] (Intel
Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel®
Management Engine Components\UNS\UNS.exe -- (UNS)SRV - [2011/02/14 02:15:14
| 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program
Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe --
(LMS)SRV - [2011/01/20 15:16:26 | 000,887,000 | ---- | M] (Sony Corporation)
[On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO
Content Folder Watcher\VCFw.exe -- (VCFw)SRV - [2010/11/27 03:55:42 |
000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files
(x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)SRV -
[2010/11/06 02:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto |
Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage
Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)SRV - [2010/10/22
14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] --
C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL --
(HPSLPSVC)SRV - [2010/03/18 14:19:26 | 000,113,152 | ---- | M] (ArcSoft
Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common
Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)SRV -
[2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled
| Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe --
(clr_optimization_v2.0.50727_32)SRV - [2006/10/23 08:50:35 | 000,046,640 |
R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files (x86)\Common
Files\AOL\acs\AOLacsd.exe -- (AOL
ACS)  ========== Driver Services (SafeList)
========== DRV:64bit: - [2014/05/16 09:57:03 |
001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] --
C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)DRV:64bit: -
[2014/05/16 09:57:03 | 000,423,240 | ---- | M] (AVAST Software) [File_System |
System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys --
(aswSP)DRV:64bit: - [2014/05/16 09:57:03 | 000,085,328 | ---- | M]
(AVAST Software) [Kernel | Auto | Running] --
C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)DRV:64bit: -
[2014/04/30 11:14:43 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] --
C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)DRV:64bit: -
[2014/04/30 11:14:43 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System
| Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys --
(aswRdr)DRV:64bit: - [2014/04/30 11:14:43 | 000,079,184 | ---- | M]
(AVAST Software) [File_System | Auto | Running] --
C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)DRV:64bit: -
[2014/04/30 11:14:43 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] --
C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)DRV:64bit: -
[2014/04/30 11:14:43 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] --
C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)DRV:64bit: -
[2014/03/28 13:26:21 | 000,061,120 | ---- | M] (StdLib) [Kernel | System |
Running] -- C:\Windows\SysNative\drivers\wStLib64.sys --
(wStLib64)DRV:64bit: - [2014/01/09 02:48:02 | 000,010,112 | ---- | M]
(support.com, Inc) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\ssmirrdr.sys -- (ssmirrdr)DRV:64bit: -
[2012/11/06 18:28:46 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Running]
-- C:\Windows\SysNative\drivers\semav6thermal64ro.sys --
(semav6thermal64ro)DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 |
---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\GEARAspiWDM.sys --
(GEARAspiWDM)DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- |
M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] --
C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)DRV:64bit: -
[2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.)
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys --
(Avgtdia)DRV:64bit: - [2012/03/12 00:08:08 | 000,340,072 | ---- | M]
(Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)DRV:64bit: -
[2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation)
[Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys --
(Fs_Rec)DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M]
(AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] --
C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)DRV:64bit: -
[2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand
| Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys --
(USBAAPL64)DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- |
M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] --
C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)DRV:64bit: -
[2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.)
[File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys --
(Avgmfx64)DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M]
(AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\avgidsfiltera.sys --
(AVGIDSFilter)DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ----
| M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\avgidsdrivera.sys --
(AVGIDSDriver)DRV:64bit: - [2011/08/18 01:45:48 | 001,591,936 | ----
| M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\CHDRT64.sys --
(CnxtHdAudService)DRV:64bit: - [2011/03/28 00:12:44 | 000,317,440 |
---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)DRV:64bit: -
[2011/03/28 00:07:33 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel |
On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys --
(igfx)DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M]
(Advanced Micro Devices) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)DRV:64bit: -
[2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel
| Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys --
(amdxata)DRV:64bit: - [2011/02/21 13:43:52 | 000,438,808 | ---- | M]
(Intel Corporation) [Kernel | Boot | Running] --
C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)DRV:64bit: -
[2011/02/15 03:42:50 | 001,388,592 | ---- | M] (Synaptics Incorporated) [Kernel
| On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys --
(SynTP)DRV:64bit: - [2011/02/14 02:15:10 | 000,056,344 | ---- | M]
(Intel Corporation) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)DRV:64bit: -
[2011/02/11 04:48:34 | 000,076,912 | ---- | M] (Atheros Communications, Inc.)
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys --
(L1C)DRV:64bit: - [2010/12/21 12:08:48 | 008,505,856 | ---- | M]
(Intel Corporation) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)DRV:64bit: -
[2010/12/01 08:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel |
On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys --
(wdkmd)DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M]
(Microsoft Corporation) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)DRV:64bit: -
[2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel |
On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys --
(sdbus)DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M]
(Hewlett-Packard Company) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)DRV:64bit: -
[2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel |
On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys --
(TsUsbGD)DRV:64bit: - [2010/04/26 16:20:29 | 000,012,032 | ---- | M]
(Sony Corporation) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)DRV:64bit: -
[2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel |
On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys --
(amdsbs)DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M]
(LSI Corporation) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)DRV:64bit: -
[2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel |
On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys --
(stexstor)DRV:64bit: - [2009/06/19 22:09:57 | 001,394,688 | ---- | M]
(Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\athrx.sys -- (athr)DRV:64bit: -
[2009/06/10 16:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel |
On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys --
(e1yexpress)DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- |
M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)DRV:64bit: -
[2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel |
On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys --
(b06bdrv)DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M]
(Broadcom Corporation) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)DRV:64bit: -
[2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.)
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys --
(hcw85cir)DRV:64bit: - [2009/05/26 17:32:04 | 000,019,968 | ---- | M]
(ArcSoft, Inc.) [Kernel | On_Demand | Running] --
C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys --
(ArcSoftKsUFilter)DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 |
---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] --
C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)DRV:64bit: -
[2006/11/29 18:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel |
On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys --
(wanatw)DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft
Corporation) [File_System | On_Demand | Stopped] --
C:\Windows\SysWOW64\drivers\wimmount.sys --
(WIMMount)  ========== Standard Registry
(SafeList) ==========  ==========
Internet Explorer ========== IE:64bit: -
HKLM\..\SearchScopes,DefaultScope =
{0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE:64bit: -
HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=IE-SearchBoxIE
- HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page =
C:\Windows\SysWOW64\blank.htmIE - HKLM\..\SearchScopes,DefaultScope =
{0633EE93-D776-472f-A0FF-E1416B8B2E3A}IE -
HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...=IE-SearchBoxIE
- HKLM\..\SearchScopes\{10E480B6-92AE-48D7-91E7-BF466060FFAA}: "URL" = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=msie70a IE
- HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.comIE -
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/IE
- HKCU\..\SearchScopes,DefaultScope =
{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}IE -
HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...M=2&UP=&SSPV=IE
- HKCU\..\SearchScopes\{1A4CC7B9-D1F9-4F4F-A675-A8160CD73C01}: "URL" = http://search.condui...M=2&UP=&SSPV=IE
- HKCU\..\SearchScopes\{1B5FDD86-DF67-406C-A7EC-28CF6466FD3C}: "URL" = http://websearch.ask...-AA40B9694022IE
- HKCU\..\SearchScopes\{2D79435F-073E-4898-829D-1CF65F32A21C}: "URL" = http://search.aol.co...nType=msie70aIE
- HKCU\..\SearchScopes\{30637152-BBB5-4CFD-B26A-3004155961EB}: "URL" = http://search.condui...{searchTerms}IE
- HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?s...{searchTerms}IE
- HKCU\..\SearchScopes\{53F1CAC5-5222-400A-ACEA-61E0A7F2BFB5}: "URL" = http://search.condui...42492142&UM=2IE
- HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
"ProxyEnable" = 0IE -
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings:
"ProxyOverride" = *.local  ==========
FireFox ========== FF:64bit: -
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:
C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not
foundFF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin:
C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems,
Inc.)FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE:
disabled File not foundFF:64bit: -
HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program
Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft
Corporation)FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer:
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()FF -
HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not
foundFF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0:
C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()FF -
HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files
(x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)FF -
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not
foundFF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0:
c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft
Corporation)FF -
HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922:
C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft
Corporation)FF -
HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513:
C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft
Corporation)FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program
Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()FF -
HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader
10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)FF -
HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin:
C:\Users\milbus21\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
(Skype Limited) FF -
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}:
C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/11 10:55:42 | 000,000,000
| ---D | M]FF -
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]:
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
[2012/01/11 21:10:41 | 000,000,000 | ---D | M]FF -
HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]:
C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
[2012/01/11 21:10:41 | 000,000,000 | ---D | M] [2012/02/26 22:04:24
| 000,000,000 | ---D | M] (No name found) --
C:\Users\milbus21\AppData\Roaming\Mozilla\Extensions O1 HOSTS File:
([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) -
C:\Windows\SysNative\drivers\etc\hostsO2:64bit: - BHO: (AVG Do Not
Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files
(x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)O2:64bit:
- BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program
Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ,
s.r.o.)O2:64bit: - BHO: (avast! Online Security) -
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST
Software\Avast\aswWebRepIE64.dll (AVAST Software)O2 - BHO: (no name) -
{02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.O2 - BHO: (AVG
Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files
(x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)O2 - BHO: (avast!
Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program
Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)O2 - BHO: (no
name) - {9F531FB1-7C1F-4e1a-8C0C-E8D6177130E2} - No CLSID value found.O2 -
BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program
Files (x86)\Microsoft\BingBar\BingExt.dll" File not foundO3 -
HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} -
"C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" File not foundO3 -
HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -
No CLSID value found.O4:64bit: - HKLM..\Run: [HotKeysCmds]
C:\Windows\SysNative\hkcmd.exe (Intel Corporation)O4:64bit: -
HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel
Corporation)O4:64bit: - HKLM..\Run: [Persistence]
C:\Windows\SysNative\igfxpers.exe (Intel Corporation)O4 - HKLM..\Run:
[APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application
Support\APSDaemon.exe (Apple Inc.)O4 - HKLM..\Run: [AvastUI.exe] C:\Program
Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)O4 - HKLM..\Run:
[HostManager] C:\Program Files (x86)\Common
Files\AOL\1324837120\ee\aolsoftware.exe (AOL Inc.)O4 - HKLM..\Run:
[IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage
Technology\IAStorIcon.exe (Intel Corporation)O4 - HKLM..\Run: [ISBMgr.exe]
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)O4 -
HKLM..\Run: [PMBVolumeWatcher] C:\Program Files
(x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)O4 - HKCU..\Run: [AOL
Fast Start] C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE (AOL Inc.)O4 -
HKCU..\Run: [Facebook Update]
C:\Users\milbus21\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook
Inc.)O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common
Files\Apple\Internet Services\ubd.exe (Apple Inc.)O6 -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
NoActiveDesktop = 1O6 -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
NoActiveDesktopChanges = 1O6 -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:
ConsentPromptBehaviorAdmin = 5O6 -
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System:
ConsentPromptBehaviorUser = 3O7 -
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer:
NoDriveTypeAutoRun = 145O9:64bit: - Extra Button: AVG Do Not Track -
{68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files
(x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ,
s.r.o.)O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007
[] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)O10 -
NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files
(x86)\Bonjour\mdnsNSP.dll (Apple Inc.)O1364bit: - gopher Prefix:
missingO13 - gopher Prefix: missingO15 - HKCU\..Trusted Domains: aol.com
([objects] * is out of zone range -  5)O15 - HKCU\..Trusted Ranges:
Range1 ([https] in Trusted sites)O16:64bit: - DPF:
{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
(Java Plug-in 1.6.0_22)O16:64bit: - DPF:
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
(Java Plug-in 1.6.0_22)O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
(Java Plug-in 1.6.0_22)O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto....veX_Control.cab
(Photo Upload Plugin Class)O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
http://java.sun.com/...indows-i586.cab
(Java Plug-in 1.6.0_22)O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
(Java Plug-in 1.6.0_22)O16 - DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://10.0.0.2/HiDvrOcx.cab
(HiDvrOcx Control)O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724
(Performance Viewer Activex Control)O17 -
HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1O17 -
HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D9BA946-229A-4B8D-B5B0-F133CCD4D589}:
DhcpNameServer = 192.168.1.1O18:64bit: - Protocol\Handler\linkscanner
{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files
(x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)O18:64bit:
- Protocol\Handler\wlmailhtml - No CLSID value foundO18:64bit: -
Protocol\Handler\wlpg - No CLSID value foundO18 -
Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program
Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ,
s.r.o.)O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) -
C:\Windows\explorer.exe (Microsoft Corporation)O20:64bit: - HKLM
Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -
C:\Windows\SysNative\userinit.exe (Microsoft Corporation)O20 - HKLM
Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft
Corporation)O20 - HKLM Winlogon: UserInit - (userinit.exe) -
C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)O20:64bit: -
Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) -
C:\Windows\SysNative\igfxdev.dll (Intel Corporation)O21:64bit: -
SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value
found.O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No
CLSID value found.O32 - HKLM CDRom: AutoRun - 1O33 -
MountPoints2\{d600b1c7-fbd4-11e2-b504-00038a000015}\Shell - "" = AutoRunO33
- MountPoints2\{d600b1c7-fbd4-11e2-b504-00038a000015}\Shell\AutoRun\command - ""
= D:\LaunchU3.exe -aO34 - HKLM BootExecute: (autocheck autochk *)O34 -
HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync
/restart)O35:64bit: - HKLM\..comfile [open] -- "%1"
%*O35:64bit: - HKLM\..exefile [open] -- "%1" %*O35 -
HKLM\..comfile [open] -- "%1" %*O35 - HKLM\..exefile [open] -- "%1"
%*O37:64bit: - HKLM\...com [@ = comfile] -- "%1"
%*O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*O37 -
HKLM\...com [@ = comfile] -- "%1" %*O37 - HKLM\...exe [@ = exefile] -- "%1"
%*O38 - SubSystems\\Windows:
(ServerDll=winsrv:UserServerDllInitialization,3)O38 - SubSystems\\Windows:
(ServerDll=winsrv:ConServerDllInitialization,2)O38 - SubSystems\\Windows:
(ServerDll=sxssrv,4) ========== Files/Folders -
Created Within 30 Days ========== [2014/06/30 15:56:32 |
000,602,112 | ---- | C] (OldTimer Tools) --
C:\Users\milbus21\Desktop\OTL.exe[2014/06/22 22:09:18 | 000,000,000 | ---D |
C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes[2014/06/22
22:08:37 | 000,000,000 | ---D | C] --
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69[2014/06/14 22:48:12 |
000,000,000 | ---D | C] -- C:\ProgramData\Package Cache[2014/06/14 22:47:25
| 000,000,000 | ---D | C] -- C:\Users\milbus21\AppData\Roaming\microsoft
games[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp
-> ] ========== Files - Modified Within 30 Days
========== [2014/06/30 15:59:33 | 000,021,200 | -H-- | M]
() --
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0[2014/06/30
15:59:33 | 000,021,200 | -H-- | M] () --
C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0[2014/06/30
15:56:32 | 000,602,112 | ---- | M] (OldTimer Tools) --
C:\Users\milbus21\Desktop\OTL.exe[2014/06/30 15:48:04 | 000,000,918 | ---- |
M] () --
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005Core.job[2014/06/30
15:43:09 | 000,000,000 | -H-- | M] () --
C:\Users\milbus21\Documents\Default.rdp[2014/06/30 15:43:00 | 000,000,830 |
---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job[2014/06/30
15:36:56 | 000,000,940 | ---- | M] () --
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005UA.job[2014/06/30
15:36:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat[2014/06/23
16:37:43 | 000,782,470 | ---- | M] () --
C:\Windows\SysNative\PerfStringBackup.INI[2014/06/23 16:37:43 | 000,662,634
| ---- | M] () -- C:\Windows\SysNative\perfh009.dat[2014/06/23 16:37:43 |
000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat[2014/06/23
00:16:13 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys[2014/06/22
22:09:18 | 000,001,743 | ---- | M] () --
C:\Users\Public\Desktop\iTunes.lnk[2014/06/14 10:20:04 | 003,148,854 | ----
| M] () -- C:\Users\milbus21\Desktop\New Bitmap Image.bmp[2014/06/14
10:17:50 | 000,225,033 | ---- | M] () -- C:\Users\milbus21\Desktop\russ
bennies.jpg[1 C:\Windows\SysWow64\*.tmp files ->
C:\Windows\SysWow64\*.tmp -> ] ========== Files
Created - No Company Name ========== [2014/06/30 15:43:09 |
000,000,000 | -H-- | C] () --
C:\Users\milbus21\Documents\Default.rdp[2014/06/22 22:09:18 | 000,001,743 |
---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk[2014/06/14 10:17:50 |
000,225,033 | ---- | C] () -- C:\Users\milbus21\Desktop\russ
bennies.jpg[2014/06/14 10:17:14 | 003,148,854 | ---- | C] () --
C:\Users\milbus21\Desktop\New Bitmap Image.bmp[2014/04/05 13:23:03 |
000,000,017 | ---- | C] () --
C:\Users\milbus21\AppData\Local\resmon.resmoncfg[2013/08/24 17:04:14 |
000,000,258 | RHS- | C] () -- C:\Users\milbus21\ntuser.pol[2012/11/29
12:36:51 | 000,074,703 | ---- | C] () --
C:\Windows\SysWow64\mfc45.dll[2011/10/10 07:13:37 | 000,000,226 | ---- | C]
() --
C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc ==========
ZeroAccess Check ========== [2009/07/14 00:55:00 |
000,000,227 | RHS- | M] () --
C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
/64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
/64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
/64"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 |
014,175,744 | ---- | M] (Microsoft Corporation)"ThreadingModel" =
Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]""
= %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ----
| M] (Microsoft Corporation)"ThreadingModel" =
Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
/64"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 |
000,909,312 | ---- | M] (Microsoft Corporation)"ThreadingModel" =
Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]""
= %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208
| ---- | M] (Microsoft Corporation)"ThreadingModel" =
Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
/64"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 |
000,505,856 | ---- | M] (Microsoft Corporation)"ThreadingModel" =
Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ==========
LOP Check ========== [2014/04/30 11:15:33 | 000,000,000 |
---D | M] -- C:\Users\milbus21\AppData\Roaming\AVAST Software[2011/12/23
20:14:55 | 000,000,000 | ---D | M] --
C:\Users\milbus21\AppData\Roaming\AVG2012[2013/08/24 17:04:11 | 000,000,000
| ---D | M] -- C:\Users\milbus21\AppData\Roaming\DefaultTab[2012/02/10
22:49:31 | 000,000,000 | ---D | M] --
C:\Users\milbus21\AppData\Roaming\GameHouse[2012/12/06 15:04:43 |
000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\iolo[2012/02/10
22:50:52 | 000,000,000 | ---D | M] --
C:\Users\milbus21\AppData\Roaming\iWin[2013/07/04 16:12:59 | 000,000,000 |
---D | M] -- C:\Users\milbus21\AppData\Roaming\LOVE[2013/01/21 10:48:39 |
000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\ooVoo
Details[2012/03/02 23:38:05 | 000,000,000 | ---D | M] --
C:\Users\milbus21\AppData\Roaming\OpenOffice.org[2014/04/05 15:43:44 |
000,000,000 | ---D | M] --
C:\Users\milbus21\AppData\Roaming\supportdotcom[2012/12/23 21:24:36 |
000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\Windows Live
Writer ========== Purity Check
========== 
< End of report >
  • 0

Advertisements

#2
Essexboy
Posted 04 July 2014 - 08:11 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Hi there, the OTL log is poorly formatted so it makes it difficult to read. However, I can see some of the problems

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

THEN

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Select additions at the bottom
  • frst.JPG
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please attach all 3 logs generated.

  • 0

#3
Jamazz
Posted 04 July 2014 - 11:54 AM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

Thank you for the reply. While you are waiting for me to follow your instructions, I'll repost the OTL log, so you can read it.

 

OTL logfile created on: 6/30/2014 3:57:19 PM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\milbus21\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17126)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.95 Gb Total Physical Memory | 1.88 Gb Available Physical Memory | 47.72% Memory free
7.90 Gb Paging File | 5.30 Gb Available in Paging File | 67.06% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 585.14 Gb Total Space | 371.24 Gb Free Space | 63.45% Space Free | Partition Type: NTFS
 
Computer Name: MILBUS21-VAIO | User Name: milbus21 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/06/30 15:56:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milbus21\Desktop\OTL.exe
PRC - [2014/06/14 12:13:12 | 003,890,208 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\avastui.exe
PRC - [2014/05/27 15:16:21 | 002,472,424 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\browsercleanup.exe
PRC - [2014/04/30 11:14:43 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2014/02/20 15:35:26 | 000,060,504 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2013/11/01 14:59:56 | 000,062,464 | ---- | M] () -- C:\Program Files\Sony\VAIO Care\listener.exe
PRC - [2012/02/23 13:30:40 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/09 20:40:16 | 000,053,248 | ---- | M] (Digital Delivery Networks, Inc.) -- C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
PRC - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/12/14 16:51:21 | 000,041,296 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
PRC - [2011/12/14 16:51:19 | 000,045,392 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
PRC - [2011/08/31 13:44:30 | 000,477,200 | ---- | M] () -- C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
PRC - [2011/03/05 19:42:36 | 000,180,928 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
PRC - [2011/03/05 19:42:36 | 000,064,704 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
PRC - [2011/02/23 17:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
PRC - [2011/02/15 14:47:02 | 002,757,312 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
PRC - [2011/02/14 02:15:46 | 002,656,280 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/02/14 02:15:14 | 000,325,656 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2010/11/27 03:55:42 | 000,648,032 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2010/11/27 03:55:42 | 000,398,176 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2010/11/06 02:54:22 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010/11/06 02:54:20 | 000,283,160 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
PRC - [2010/03/08 03:27:49 | 000,041,800 | ---- | M] (AOL Inc.) -- C:\Program Files (x86)\Common Files\AOL\1324837120\ee\aolsoftware.exe
PRC - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/05/22 11:42:49 | 000,475,648 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\0eef5f1e5c15e0171152ee8f1cfc6924\IAStorUtil.ni.dll
MOD - [2014/05/22 11:40:07 | 000,774,144 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll
MOD - [2014/05/22 11:16:35 | 000,805,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runt73a1fc9d#\04824fdbd5dce32530ba44ae012e4fb9\System.Runtime.Remoting.ni.dll
MOD - [2014/04/30 17:42:59 | 000,190,976 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\UIAutomationTypes\75b6a68103e1b76063d9f69b8275ae61\UIAutomationTypes.ni.dll
MOD - [2014/04/30 16:50:28 | 018,813,440 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\a4b45c44490c75bc2fb22780e7ef087d\PresentationFramework.ni.dll
MOD - [2014/04/30 16:50:20 | 001,889,792 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\3fe705796c6a41d4889d9001d1c56af8\System.Xaml.ni.dll
MOD - [2014/04/30 16:50:18 | 012,894,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\f4f6ee0df2aa4189bf36e6335cb92761\System.Windows.Forms.ni.dll
MOD - [2014/04/30 16:50:18 | 001,180,672 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0893e0e7137e3b2da905da6216b75344\System.Management.ni.dll
MOD - [2014/04/30 16:50:11 | 011,025,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74542efbeb46445949a39026c501132\PresentationCore.ni.dll
MOD - [2014/04/30 16:50:08 | 001,644,544 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\5cd2aee5e7c07227c694d89219688ab3\System.Drawing.ni.dll
MOD - [2014/04/30 16:50:04 | 006,990,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\dce99d8de14d8a015313db98c72552ee\System.Core.ni.dll
MOD - [2014/04/30 16:50:03 | 007,662,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\bada32953bb6b16a53d653eae23d78dc\System.Xml.ni.dll
MOD - [2014/04/30 16:50:01 | 003,950,080 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\acf97bfe2a931d4a47253b26b7218991\WindowsBase.ni.dll
MOD - [2014/04/30 16:49:59 | 000,470,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio1c9175f8#\75f8bc4cf08030c4a53b6d5e0ae20046\PresentationFramework.Aero.ni.dll
MOD - [2014/04/30 16:49:58 | 000,976,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\bbc48ec4245e502ae19b0601d3799c9e\System.Configuration.ni.dll
MOD - [2014/04/30 16:49:57 | 010,060,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ff26cc03e6d57d8abd13b990332e67c6\System.ni.dll
MOD - [2014/04/30 16:49:51 | 016,953,856 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\ce5f61c5754789df97be8dc991c47d07\mscorlib.ni.dll
MOD - [2014/04/30 12:10:32 | 000,014,336 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\b1f7b4e15aef3faf382db6ba14c81371\IAStorCommon.ni.dll
MOD - [2014/04/30 11:14:43 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2014/04/30 11:00:45 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll
MOD - [2014/04/30 11:00:38 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll
MOD - [2014/04/30 11:00:23 | 003,348,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll
MOD - [2014/04/30 11:00:17 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014/04/30 11:00:14 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014/04/30 11:00:13 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014/04/30 11:00:06 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2013/11/01 14:59:56 | 000,062,464 | ---- | M] () -- C:\Program Files\Sony\VAIO Care\listener.exe
MOD - [2011/12/14 16:51:21 | 000,048,640 | ---- | M] () -- C:\Program Files (x86)\AOL Desktop 9.7\zlib.dll
MOD - [2011/11/02 00:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/11/02 00:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/08/31 15:06:52 | 000,027,104 | ---- | M] () -- C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
MOD - [2011/08/31 15:06:48 | 000,161,256 | ---- | M] () -- C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll
MOD - [2011/08/31 13:44:30 | 000,477,200 | ---- | M] () -- C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/05/30 05:21:05 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/04/30 11:14:43 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2014/02/27 22:03:12 | 001,642,544 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2014/02/20 15:35:26 | 000,060,504 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2013/08/27 16:42:10 | 000,948,312 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2013/05/27 01:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2013/03/04 17:06:26 | 000,258,048 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2013/02/22 15:02:06 | 000,427,432 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe -- (USER_ESRV_SVC)
SRV:64bit: - [2013/02/22 15:02:06 | 000,427,432 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe -- (ESRV_SVC)
SRV:64bit: - [2011/08/25 02:58:28 | 000,111,776 | ---- | M] (Atheros Communication Inc.) [On_Demand | Stopped] -- C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe -- (DCDhcpService)
SRV:64bit: - [2011/05/19 22:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011/02/19 01:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011/02/19 01:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2011/01/20 15:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010/12/17 17:41:32 | 001,515,792 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2010/12/17 17:28:46 | 000,340,240 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2010/12/17 17:26:50 | 000,836,880 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV - [2014/06/23 00:18:59 | 000,262,320 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/06/20 17:38:20 | 000,542,400 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013/09/11 21:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/04/30 09:44:38 | 005,106,744 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/03/12 00:07:58 | 002,429,544 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2012/02/09 20:40:16 | 000,053,248 | ---- | M] (Digital Delivery Networks, Inc.) [Auto | Running] -- C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe -- (Oasis2Service)
SRV - [2012/01/03 05:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/03/05 19:42:36 | 000,064,704 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe -- (VAIO Event Service)
SRV - [2011/02/23 17:05:04 | 000,105,024 | ---- | M] (ArcSoft, Inc.) [Auto | Running] -- C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe -- (uCamMonitor)
SRV - [2011/02/21 15:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011/02/21 15:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011/02/14 02:15:46 | 002,656,280 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/02/14 02:15:14 | 000,325,656 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/01/20 15:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2010/11/27 03:55:42 | 000,398,176 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2010/11/06 02:54:22 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/10/22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC)
SRV - [2010/03/18 14:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009/06/10 17:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006/10/23 08:50:35 | 000,046,640 | R--- | M] (AOL LLC) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe -- (AOL ACS)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/05/16 09:57:03 | 001,039,096 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsnx.sys -- (aswSnx)
DRV:64bit: - [2014/05/16 09:57:03 | 000,423,240 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswsp.sys -- (aswSP)
DRV:64bit: - [2014/05/16 09:57:03 | 000,085,328 | ---- | M] (AVAST Software) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswstm.sys -- (aswStm)
DRV:64bit: - [2014/04/30 11:14:43 | 000,208,416 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswVmm.sys -- (aswVmm)
DRV:64bit: - [2014/04/30 11:14:43 | 000,093,568 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2014/04/30 11:14:43 | 000,079,184 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2014/04/30 11:14:43 | 000,065,776 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\aswRvrt.sys -- (aswRvrt)
DRV:64bit: - [2014/04/30 11:14:43 | 000,029,208 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\aswHwid.sys -- (aswHwid)
DRV:64bit: - [2014/03/28 13:26:21 | 000,061,120 | ---- | M] (StdLib) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\wStLib64.sys -- (wStLib64)
DRV:64bit: - [2014/01/09 02:48:02 | 000,010,112 | ---- | M] (support.com, Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssmirrdr.sys -- (ssmirrdr)
DRV:64bit: - [2012/11/06 18:28:46 | 000,013,792 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\semav6thermal64ro.sys -- (semav6thermal64ro)
DRV:64bit: - [2012/08/21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/04/19 04:50:26 | 000,028,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2012/03/19 05:17:26 | 000,383,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2012/03/12 00:08:08 | 000,340,072 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012/03/01 02:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/22 05:25:32 | 000,289,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2012/02/15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/01/31 04:46:48 | 000,036,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2011/12/23 13:32:14 | 000,047,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2011/12/23 13:32:04 | 000,029,776 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsfiltera.sys -- (AVGIDSFilter)
DRV:64bit: - [2011/12/23 13:31:58 | 000,124,496 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2011/08/18 01:45:48 | 001,591,936 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)
DRV:64bit: - [2011/03/28 00:12:44 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2011/03/28 00:07:33 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011/03/11 02:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 02:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/02/21 13:43:52 | 000,438,808 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/02/15 03:42:50 | 001,388,592 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/02/14 02:15:10 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/02/11 04:48:34 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010/12/21 12:08:48 | 008,505,856 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2010/12/01 08:02:22 | 000,042,392 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WDKMD.sys -- (wdkmd)
DRV:64bit: - [2010/11/20 23:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 23:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 23:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 23:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/04/26 16:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/07/13 21:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 21:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 21:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 22:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 16:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 16:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 16:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 16:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 16:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/05/26 17:32:04 | 000,019,968 | ---- | M] (ArcSoft, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ArcSoftKsUFilter.sys -- (ArcSoftKsUFilter)
DRV:64bit: - [2008/05/06 17:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV:64bit: - [2006/11/29 18:24:49 | 000,024,064 | ---- | M] (America Online, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wanatw64.sys -- (wanatw)
DRV - [2009/07/13 21:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\..\SearchScopes\{10E480B6-92AE-48D7-91E7-BF466060FFAA}: "URL" = http://search.aol.co...ionType=msie70a
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://search.condui...2&UM=2&UP==
IE - HKCU\..\SearchScopes\{1A4CC7B9-D1F9-4F4F-A675-A8160CD73C01}: "URL" = http://search.condui...2&UM=2&UP==
IE - HKCU\..\SearchScopes\{1B5FDD86-DF67-406C-A7EC-28CF6466FD3C}: "URL" = http://websearch.ask...85-AA40B9694022
IE - HKCU\..\SearchScopes\{2D79435F-073E-4898-829D-1CF65F32A21C}: "URL" = http://search.aol.co...ionType=msie70a
IE - HKCU\..\SearchScopes\{30637152-BBB5-4CFD-B26A-3004155961EB}: "URL" = http://search.condui...&q={searchTerms}
IE - HKCU\..\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}: "URL" = http://blekko.com/?s...&q={searchTerms}
IE - HKCU\..\SearchScopes\{53F1CAC5-5222-400A-ACEA-61E0A7F2BFB5}: "URL" = http://search.condui...3142492142&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@viewpoint.com/VMP: C:\Program Files (x86)\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\milbus21\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files (x86)\AVG\AVG2012\Firefox4\ [2012/06/11 10:55:42 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/11 21:10:41 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012/01/11 21:10:41 | 000,000,000 | ---D | M]
 
[2012/02/26 22:04:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\milbus21\AppData\Roaming\Mozilla\Extensions
 
O1 HOSTS File: ([2009/06/10 17:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll (AVG Technologies CZ, s.r.o.)
O2:64bit: - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (avast! Online Security) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (no name) - {9F531FB1-7C1F-4e1a-8C0C-E8D6177130E2} - No CLSID value found.
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" File not found
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" File not found
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1324837120\ee\aolsoftware.exe (AOL Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [ISBMgr.exe] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe (Sony Corporation)
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKCU..\Run: [AOL Fast Start] C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE (AOL Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\milbus21\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe (Apple Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9:64bit: - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: aol.com ([objects] * is out of zone range -  5)
O15 - HKCU\..Trusted Ranges: Range1 ([https] in Trusted sites)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto....veX_Control.cab (Photo Upload Plugin Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://10.0.0.2/HiDvrOcx.cab (HiDvrOcx Control)
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724 (Performance Viewer Activex Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1D9BA946-229A-4B8D-B5B0-F133CCD4D589}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{d600b1c7-fbd4-11e2-b504-00038a000015}\Shell - "" = AutoRun
O33 - MountPoints2\{d600b1c7-fbd4-11e2-b504-00038a000015}\Shell\AutoRun\command - "" = D:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/06/30 15:56:32 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\milbus21\Desktop\OTL.exe
[2014/06/22 22:09:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2014/06/22 22:08:37 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2014/06/14 22:48:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014/06/14 22:47:25 | 000,000,000 | ---D | C] -- C:\Users\milbus21\AppData\Roaming\microsoft games
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/06/30 15:59:33 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/06/30 15:59:33 | 000,021,200 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/06/30 15:56:32 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\milbus21\Desktop\OTL.exe
[2014/06/30 15:48:04 | 000,000,918 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005Core.job
[2014/06/30 15:43:09 | 000,000,000 | -H-- | M] () -- C:\Users\milbus21\Documents\Default.rdp
[2014/06/30 15:43:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/06/30 15:36:56 | 000,000,940 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005UA.job
[2014/06/30 15:36:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/06/23 16:37:43 | 000,782,470 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/06/23 16:37:43 | 000,662,634 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/06/23 16:37:43 | 000,122,470 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/06/23 00:16:13 | 3180,220,416 | -HS- | M] () -- C:\hiberfil.sys
[2014/06/22 22:09:18 | 000,001,743 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/06/14 10:20:04 | 003,148,854 | ---- | M] () -- C:\Users\milbus21\Desktop\New Bitmap Image.bmp
[2014/06/14 10:17:50 | 000,225,033 | ---- | M] () -- C:\Users\milbus21\Desktop\russ bennies.jpg
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/06/30 15:43:09 | 000,000,000 | -H-- | C] () -- C:\Users\milbus21\Documents\Default.rdp
[2014/06/22 22:09:18 | 000,001,743 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2014/06/14 10:17:50 | 000,225,033 | ---- | C] () -- C:\Users\milbus21\Desktop\russ bennies.jpg
[2014/06/14 10:17:14 | 003,148,854 | ---- | C] () -- C:\Users\milbus21\Desktop\New Bitmap Image.bmp
[2014/04/05 13:23:03 | 000,000,017 | ---- | C] () -- C:\Users\milbus21\AppData\Local\resmon.resmoncfg
[2013/08/24 17:04:14 | 000,000,258 | RHS- | C] () -- C:\Users\milbus21\ntuser.pol
[2012/11/29 12:36:51 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2011/10/10 07:13:37 | 000,000,226 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
 
========== ZeroAccess Check ==========
 
[2009/07/14 00:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 22:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 22:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 21:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 23:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 21:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014/04/30 11:15:33 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\AVAST Software
[2011/12/23 20:14:55 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\AVG2012
[2013/08/24 17:04:11 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\DefaultTab
[2012/02/10 22:49:31 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\GameHouse
[2012/12/06 15:04:43 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\iolo
[2012/02/10 22:50:52 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\iWin
[2013/07/04 16:12:59 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\LOVE
[2013/01/21 10:48:39 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\ooVoo Details
[2012/03/02 23:38:05 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\OpenOffice.org
[2014/04/05 15:43:44 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\supportdotcom
[2012/12/23 21:24:36 | 000,000,000 | ---D | M] -- C:\Users\milbus21\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 

< End of report >


  • 0

#4
Essexboy
Posted 04 July 2014 - 12:02 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I can see both AVG and Avast there

So initially I would recommend that we remove all three and then re-install Avast (if that is the one you want)

However, we will wait until I have at look at FRST :)
  • 0

#5
Jamazz
Posted 04 July 2014 - 12:55 PM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

FRST LOG:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2014
Ran by milbus21 (administrator) on MILBUS21-VAIO on 04-07-2014 14:21:25
Running from C:\Users\milbus21\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\waol.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1324837120\ee\aolsoftware.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(AOL LLC) C:\Program Files (x86)\Common Files\AOL\acs\AOLacsd.exe
(AOL Inc.) C:\Program Files (x86)\AOL Desktop 9.7\shellmon.exe
() C:\Program Files\Sony\VAIO Care\esrv\esrv.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
() C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
() C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_14_0_0_125_ActiveX.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2284328 2011-02-15] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1324837120\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc.)
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2012-04-18] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-07-04] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] - rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-1854164474-1872011153-1295231794-1005\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe [59240 2012-02-23] (Apple Inc.)
HKU\S-1-5-21-1854164474-1872011153-1295231794-1005\...\Run: [Facebook Update] => C:\Users\milbus21\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-07] (Facebook Inc.)
HKU\S-1-5-21-1854164474-1872011153-1295231794-1005\...\Run: [AOL Fast Start] => C:\Program Files (x86)\AOL Desktop 9.7\AOL.EXE [42320 2011-12-14] (AOL Inc.)
HKU\S-1-5-21-1854164474-1872011153-1295231794-1005\...\MountPoints2: {d600b1c7-fbd4-11e2-b504-00038a000015} - D:\LaunchU3.exe -a
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * C:\PROGRA~2\AVG\AVG2012\avgrsa.exe /sync /restart

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony.msn.com
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {10E480B6-92AE-48D7-91E7-BF466060FFAA} URL = http://search.aol.co...ionType=msie70a
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {1A4CC7B9-D1F9-4F4F-A675-A8160CD73C01} URL = http://search.condui...2&UM=2&UP==
SearchScopes: HKCU - {1B5FDD86-DF67-406C-A7EC-28CF6466FD3C} URL = http://websearch.ask...85-AA40B9694022
SearchScopes: HKCU - {2D79435F-073E-4898-829D-1CF65F32A21C} URL = http://search.aol.co...ionType=msie70a
SearchScopes: HKCU - {30637152-BBB5-4CFD-B26A-3004155961EB} URL = http://search.condui...&q={searchTerms}
SearchScopes: HKCU - {53F1CAC5-5222-400A-ACEA-61E0A7F2BFB5} URL = http://search.condui...3142492142&UM=2
BHO: AVG Do Not Track - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files (x86)\AVG\AVG2012\avgdtiea.dll (AVG Technologies CZ, s.r.o.)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {9F531FB1-7C1F-4e1a-8C0C-E8D6177130E2} -  No File
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" No File
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://www.cvsphoto....veX_Control.cab
DPF: HKLM-x32 {DB9DE2A8-D1BA-472A-B1F8-39697899DEF7} http://10.0.0.2/HiDvrOcx.cab
DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logme...trl.cab?lmi=724
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgppa.dll (AVG Technologies CZ, s.r.o.)
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Tcpip\Parameters: [DhcpNameServer] 216.144.187.101 216.144.187.199 204.186.80.251

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\milbus21\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Extension: ArcadeWeb - C:\Users\milbus21\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] [2012-02-26]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
FF Extension: AVG Safe Search - C:\Program Files (x86)\AVG\AVG2012\Firefox4 [2011-12-23]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-11]
FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-01-11]

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-30] (AVAST Software)
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [5106744 2012-04-30] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [111776 2011-08-25] (Atheros Communication Inc.) [File not signed]
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2010-10-22] (Hewlett-Packard Co.) [File not signed]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-12-17] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [53248 2012-02-09] (Digital Delivery Networks, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [258048 2013-03-04] (Sony Corporation) [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe [427432 2013-02-22] ()
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-27] (Sony Corporation)
S3 BBSvc; "C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE" [X]
S2 SeaPort; "C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE" [X]

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-04-30] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-30] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-30] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-16] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-04-30] ()
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [124496 2011-12-23] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfiltera.sys [29776 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [28480 2012-04-19] (AVG Technologies CZ, s.r.o. )
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [289872 2012-02-22] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [47696 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [36944 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [383808 2012-03-19] (AVG Technologies CZ, s.r.o.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2012-11-06] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2014-01-09] (support.com, Inc)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-04 14:21 - 2014-07-04 14:21 - 00019000 _____ () C:\Users\milbus21\Desktop\FRST.txt
2014-07-04 14:19 - 2014-07-04 14:21 - 00000000 ____D () C:\FRST
2014-07-04 14:19 - 2014-07-04 14:19 - 02083840 _____ (Farbar) C:\Users\milbus21\Desktop\FRST64.exe
2014-07-04 14:00 - 2014-07-04 14:01 - 00000000 ____D () C:\AdwCleaner
2014-07-04 13:59 - 2014-07-04 13:59 - 01346519 _____ () C:\Users\milbus21\Desktop\AdwCleaner.exe
2014-07-04 13:57 - 2014-07-04 14:00 - 00000464 _____ () C:\Users\milbus21\Desktop\Cleaning Process.txt
2014-07-03 09:02 - 2014-07-03 09:02 - 00000000 _____ () C:\Users\milbus21\Desktop\New Bitmap Image (2).bmp
2014-06-30 16:47 - 2014-06-30 16:48 - 21036664 _____ () C:\Users\milbus21\Desktop\SOAOTH-00264236-1040.EXE
2014-06-30 16:06 - 2014-06-30 16:06 - 00086740 _____ () C:\Users\milbus21\Desktop\Extras.Txt
2014-06-30 16:05 - 2014-06-30 16:05 - 00091200 _____ () C:\Users\milbus21\Desktop\OTL.Txt
2014-06-30 15:56 - 2014-06-30 15:56 - 00602112 _____ (OldTimer Tools) C:\Users\milbus21\Desktop\OTL.exe
2014-06-30 15:43 - 2014-06-30 15:43 - 00000000 ____H () C:\Users\milbus21\Documents\Default.rdp
2014-06-22 22:09 - 2014-06-22 22:09 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-22 22:09 - 2014-06-22 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-22 22:08 - 2014-06-22 22:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-14 22:48 - 2014-06-14 22:49 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 22:47 - 2014-06-14 22:47 - 00000000 ____D () C:\Users\milbus21\AppData\Roaming\microsoft games
2014-06-14 10:17 - 2014-06-14 10:20 - 03148854 _____ () C:\Users\milbus21\Desktop\New Bitmap Image.bmp
2014-06-13 18:29 - 2014-05-30 06:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 18:29 - 2014-05-30 06:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 18:29 - 2014-05-30 06:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 18:29 - 2014-05-30 05:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 18:29 - 2014-05-30 05:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 18:29 - 2014-05-30 05:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 18:29 - 2014-05-30 05:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 18:29 - 2014-05-30 05:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 18:29 - 2014-05-30 05:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 18:29 - 2014-05-30 05:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 18:29 - 2014-05-30 05:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 18:29 - 2014-05-30 05:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 18:29 - 2014-05-30 05:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 18:29 - 2014-05-30 05:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 18:29 - 2014-05-30 05:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 18:29 - 2014-05-30 05:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 18:29 - 2014-05-30 05:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 18:29 - 2014-05-30 05:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 18:29 - 2014-05-30 04:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 18:29 - 2014-05-30 04:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 18:29 - 2014-05-30 04:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 18:29 - 2014-05-30 04:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 18:29 - 2014-05-30 04:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 18:29 - 2014-05-30 04:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 18:29 - 2014-05-30 04:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 18:29 - 2014-05-30 04:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 18:29 - 2014-05-30 04:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 18:29 - 2014-05-30 04:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 18:29 - 2014-05-30 04:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 18:29 - 2014-05-30 04:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 18:29 - 2014-05-30 04:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 18:29 - 2014-05-30 04:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 18:29 - 2014-05-30 04:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 18:29 - 2014-05-30 04:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 18:29 - 2014-05-30 04:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 18:29 - 2014-05-30 04:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 18:29 - 2014-05-30 04:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 18:29 - 2014-05-30 04:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 18:29 - 2014-05-30 04:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 18:29 - 2014-05-30 04:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 18:29 - 2014-05-30 03:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 18:29 - 2014-05-30 03:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 18:29 - 2014-05-30 03:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 18:29 - 2014-05-30 03:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 18:29 - 2014-05-30 03:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 18:29 - 2014-05-30 03:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 18:29 - 2014-05-30 03:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 18:29 - 2014-05-30 03:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 18:29 - 2014-05-30 03:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 18:29 - 2014-05-30 03:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 18:29 - 2014-05-30 03:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 18:29 - 2014-05-30 03:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 18:29 - 2014-04-24 22:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 18:29 - 2014-04-24 22:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 18:29 - 2014-04-04 22:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 18:29 - 2014-04-04 22:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 18:29 - 2014-03-26 10:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 18:29 - 2014-03-26 10:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 18:29 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 18:29 - 2014-03-26 10:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-13 18:29 - 2014-03-26 10:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-13 18:29 - 2014-03-26 10:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 18:29 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-13 18:29 - 2014-03-26 10:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-13 18:28 - 2014-06-08 05:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 18:28 - 2014-06-08 05:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

==================== One Month Modified Files and Folders =======

2014-07-04 14:21 - 2014-07-04 14:21 - 00019000 _____ () C:\Users\milbus21\Desktop\FRST.txt
2014-07-04 14:21 - 2014-07-04 14:19 - 00000000 ____D () C:\FRST
2014-07-04 14:19 - 2014-07-04 14:19 - 02083840 _____ (Farbar) C:\Users\milbus21\Desktop\FRST64.exe
2014-07-04 14:10 - 2009-07-14 00:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 14:10 - 2009-07-14 00:45 - 00021200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-04 14:07 - 2009-07-14 01:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-04 14:06 - 2011-10-10 07:14 - 01159035 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 14:03 - 2014-04-30 16:17 - 00000840 _____ () C:\Windows\setupact.log
2014-07-04 14:03 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 14:02 - 2010-11-20 23:47 - 00722442 _____ () C:\Windows\PFRO.log
2014-07-04 14:01 - 2014-07-04 14:00 - 00000000 ____D () C:\AdwCleaner
2014-07-04 14:00 - 2014-07-04 13:57 - 00000464 _____ () C:\Users\milbus21\Desktop\Cleaning Process.txt
2014-07-04 13:59 - 2014-07-04 13:59 - 01346519 _____ () C:\Users\milbus21\Desktop\AdwCleaner.exe
2014-07-03 17:40 - 2013-02-05 10:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-03 17:40 - 2013-01-07 00:24 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005UA.job
2014-07-03 17:40 - 2011-12-23 20:21 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9839AFBB-7130-4AE4-B8C0-541268BA3923}
2014-07-03 15:25 - 2014-04-30 11:14 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-03 09:06 - 2013-01-07 00:24 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005Core.job
2014-07-03 09:02 - 2014-07-03 09:02 - 00000000 _____ () C:\Users\milbus21\Desktop\New Bitmap Image (2).bmp
2014-06-30 16:48 - 2014-06-30 16:47 - 21036664 _____ () C:\Users\milbus21\Desktop\SOAOTH-00264236-1040.EXE
2014-06-30 16:48 - 2012-02-12 23:10 - 00000021 _____ () C:\Windows\Model.txt
2014-06-30 16:48 - 2012-02-12 23:10 - 00000000 _____ () C:\Windows\Model.log
2014-06-30 16:06 - 2014-06-30 16:06 - 00086740 _____ () C:\Users\milbus21\Desktop\Extras.Txt
2014-06-30 16:05 - 2014-06-30 16:05 - 00091200 _____ () C:\Users\milbus21\Desktop\OTL.Txt
2014-06-30 15:56 - 2014-06-30 15:56 - 00602112 _____ (OldTimer Tools) C:\Users\milbus21\Desktop\OTL.exe
2014-06-30 15:43 - 2014-06-30 15:43 - 00000000 ____H () C:\Users\milbus21\Documents\Default.rdp
2014-06-30 15:41 - 2012-02-12 23:10 - 00000000 ____D () C:\Update
2014-06-23 00:45 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-06-23 00:19 - 2013-02-05 10:59 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-23 00:18 - 2012-07-31 04:34 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-23 00:18 - 2012-01-10 10:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-23 00:07 - 2012-03-10 13:24 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-06-23 00:06 - 2012-01-30 18:51 - 00000000 ____D () C:\Users\milbus21\AppData\Local\CrashDumps
2014-06-22 22:09 - 2014-06-22 22:09 - 00001743 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-06-22 22:09 - 2014-06-22 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-22 22:09 - 2014-06-22 22:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-22 22:09 - 2012-06-16 22:12 - 00000000 ____D () C:\Program Files\iTunes
2014-06-22 22:09 - 2012-03-10 22:59 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-22 22:08 - 2012-06-16 22:12 - 00000000 ____D () C:\Program Files\iPod
2014-06-22 21:58 - 2011-12-27 21:24 - 00000000 ____D () C:\Users\milbus21\AppData\Local\Sony Corporation
2014-06-14 22:51 - 2012-02-10 21:27 - 00000000 ____D () C:\Users\milbus21\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-14 22:51 - 2011-10-10 08:06 - 00029310 _____ () C:\Windows\DirectX.log
2014-06-14 22:49 - 2014-06-14 22:48 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-14 22:47 - 2014-06-14 22:47 - 00000000 ____D () C:\Users\milbus21\AppData\Roaming\microsoft games
2014-06-14 22:47 - 2012-03-10 13:37 - 00000000 ____D () C:\Users\milbus21\Documents\My Games
2014-06-14 10:20 - 2014-06-14 10:17 - 03148854 _____ () C:\Users\milbus21\Desktop\New Bitmap Image.bmp
2014-06-14 10:18 - 2013-10-05 08:20 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-14 10:16 - 2011-12-31 08:52 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-14 10:14 - 2014-04-30 16:15 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-08 05:13 - 2014-06-13 18:28 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 05:08 - 2014-06-13 18:28 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\milbus21\AppData\Local\Temp\GLF1B42.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF2715.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF35F3.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF37B8.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF737F.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF761F.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF787E.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF7E87.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF8AA7.EXE
C:\Users\milbus21\AppData\Local\Temp\GLF8BD0.EXE
C:\Users\milbus21\AppData\Local\Temp\GLFA44E.EXE
C:\Users\milbus21\AppData\Local\Temp\GLFA5F5.EXE
C:\Users\milbus21\AppData\Local\Temp\GLFB520.EXE
C:\Users\milbus21\AppData\Local\Temp\GLFBA6E.EXE
C:\Users\milbus21\AppData\Local\Temp\GLFF201.EXE
C:\Users\milbus21\AppData\Local\Temp\GLFF6B3.EXE
C:\Users\milbus21\AppData\Local\Temp\nsb5C27.exe
C:\Users\milbus21\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-06-30 17:42

==================== End Of Log ============================


  • 0

#6
Jamazz
Posted 04 July 2014 - 12:56 PM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

Additionl log:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2014
Ran by milbus21 at 2014-07-04 14:22:05
Running from C:\Users\milbus21\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AV: AVG Anti-Virus Free Edition 2012 (Disabled - Out of date) {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
AS: AVG Anti-Virus Free Edition 2012 (Disabled - Out of date) {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: AVG Internet Security 2012 (Disabled) {621CC794-9486-F902-D092-0484E8EA828B}

==================== Installed Programs ======================

2600 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
2600_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
2600Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AOL Uninstaller (Choose which Products to Remove) (HKLM-x32\...\AOL Uninstaller) (Version:  - AOL Inc.)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcadeWeb (HKLM-x32\...\AWSoftware) (Version: 1.0 - )
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.444 - ArcSoft)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2018 - Avast Software)
AVG 2012 (HKLM\...\AVG) (Version: 2012.0.2180 - AVG Technologies)
AVG 2012 (Version: 12.0.2180 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2437 - AVG Technologies) Hidden
Bing Bar (HKLM-x32\...\{1E03DB52-D5CB-4338-A338-E526DD4D4DB1}) (Version: 7.0.610.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.18.50 - Conexant)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hewlett-Packard ACLM.NET v1.1.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{290D4DB2-F1B4-4B8E-918D-D71EF29A001B}) (Version: 14.00.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Jewel Quest III (HKLM-x32\...\Jewel Quest III) (Version: 1.0.6.0 - GameHouse, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard Shortcuts (HKLM-x32\...\{FE8974B4-479C-4DBA-8544-9E5342ABB26A}) (Version: 1.1.0.08290 - Sony Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 1.0.0 - AOL Inc.) Hidden
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.1 - DDNi)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OOBE (x32 Version: 11.2.1.10 - Sony Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB (x32 Version: 5.5.02.12220 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
QuickTime (HKLM-x32\...\{0E64B098-8018-4256-BA23-C316A43AD9B0}) (Version: 7.72.80.56 - Apple Inc.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
Rise of Nations: Extended Edition (HKLM-x32\...\Steam App 287450) (Version:  - SkyBox Labs)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.9.0 - Synaptics Incorporated)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2473228) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
VAIO - Media Gallery (x32 Version: 1.5.0.16020 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.01.06110 - Sony Corporation) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.1.0.07060 - Sony Corporation)
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15070 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{FDCC09EA-A33E-4639-B1CD-FC1702815FA7}) (Version: 8.4.0.14281 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (x32 Version: 4.5.0.03040 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.2.01120 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.2.01120 - Sony Corporation) Hidden
VAIO Event Service (x32 Version: 5.5.0.03040 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.2.02200 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.4.0.03240 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)
VAIO Help and Support (HKLM-x32\...\{F5248E24-F52C-4FD1-B76F-102460BAFD6B}) (Version: 14.00.0125 - Sony Corporation)
VAIO Improvement (x32 Version: 1.0.0.14150 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 2.0.0.02250 - Sony Corporation) Hidden
VAIO Quick Web Access (x32 Version: 1.4.5.5 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.10.2.08270 - Sony Corporation)
VAIO Transfer Support (x32 Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

24-05-2014 07:00:10 Windows Update
25-05-2014 07:00:10 Windows Update
26-05-2014 07:00:10 Windows Update
27-05-2014 19:09:57 Windows Update
29-05-2014 14:37:32 Windows Update
30-05-2014 13:37:46 Windows Update
14-06-2014 14:13:13 Windows Update
15-06-2014 02:47:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
15-06-2014 02:48:33 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
15-06-2014 02:49:21 Installed DirectX
15-06-2014 05:19:07 Windows Update
23-06-2014 04:07:26 Windows Update
23-06-2014 04:12:30 Windows Update
26-06-2014 13:44:26 Windows Update
30-06-2014 19:36:49 Windows Update
02-07-2014 14:05:12 Windows Update
03-07-2014 21:41:20 Windows Update
04-07-2014 17:52:51 Windows Update

==================== Hosts content: ==========================

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {19DC46F2-EB4D-44B3-9A3E-4BA5340E1075} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {1CB9238C-1A18-4813-8271-63E50C027941} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005Core => C:\Users\milbus21\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-07] (Facebook Inc.)
Task: {21199E96-5443-47CA-A06F-CD5A5F1E1E02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-23] (Adobe Systems Incorporated)
Task: {21F99AF9-DAAA-4ED9-AC1E-67F0C3D372B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2E5FFF30-8E93-4F83-B418-195BC565C343} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {4D56571E-8585-44AB-BCE5-E7331E1064F6} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-30] (AVAST Software)
Task: {53248C0B-E9C7-40C4-BC0B-2D18C9A18BFF} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)
Task: {6BAC48D2-47D5-4D94-843F-94B5E10F9B5E} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {6BFD16E3-8E9E-4B97-AC5C-7B630318E34A} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {7297C3CC-B724-4ED1-8733-6109D3236C0F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {78FC3090-F3E0-4F2B-B844-71F30A99D080} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {867B728A-2187-48F9-B52C-4EB12CCF6012} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {8CCF11AB-1CA0-497B-8EAB-7D73EDFD56EF} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\esrv\task.vbs"
Task: {930C59ED-D64C-43BB-9EB4-9B8287B991BD} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {A0856C64-62C0-4C34-8FA0-4C67CCD67435} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {A84C8DEA-8521-44ED-B330-84C74F5E34F1} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)
Task: {AA625DF4-60AD-4E50-BB8B-763119180464} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {ACFAF3F3-DE49-4A3D-8499-EB33D96B7763} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)
Task: {BE19439B-FE0D-41A8-8648-103B0F7121A1} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {C4664DFC-1656-4E97-9EC0-7242BA25796C} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {C90FB772-6F31-4313-8452-51A321F1AF10} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005UA => C:\Users\milbus21\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-07] (Facebook Inc.)
Task: {D3808C72-1A86-4D95-AF7F-2BD977E13887} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {DB036854-2B70-40EE-AA84-35876F97244B} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {DE31486D-34EE-4912-8A63-90AFBC7E9A30} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {E0028A11-041A-439A-A978-D8EE8BE0886C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-27] (Sony Corporation)
Task: {E8E16A30-7AA3-443F-9F39-7F264439C9CF} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2011-08-31] ()
Task: {EA143B37-A260-47A6-A117-604F71DDEBFD} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {FFB37DCE-C355-4A1C-8A41-B28C69609FFB} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update 5 => C:\Program Files\Sony\VAIO Update 5\VAIOUpdt.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005Core.job => C:\Users\milbus21\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1854164474-1872011153-1295231794-1005UA.job => C:\Users\milbus21\AppData\Local\Facebook\Update\FacebookUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-12-17 16:53 - 2010-12-17 16:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-03-28 03:04 - 2011-03-28 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-22 18:30 - 2013-02-22 15:02 - 00471464 _____ () C:\Program Files\Sony\VAIO Care\esrv\esrv.exe
2013-02-22 18:30 - 2013-02-22 15:02 - 00528296 _____ () C:\Program Files\Sony\VAIO Care\esrv\intel_modeler.dll
2013-02-22 18:30 - 2013-02-22 15:02 - 00148904 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_foreground_window_input.dll
2011-08-31 13:44 - 2011-08-31 13:44 - 00477200 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe
2013-02-22 18:30 - 2013-02-22 15:02 - 00427432 _____ () C:\Program Files\Sony\VAIO Care\esrv\esrv_svc.exe
2013-02-22 18:30 - 2013-02-22 15:02 - 00171432 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_acpi_battery_input.dll
2013-02-22 18:30 - 2013-02-22 15:02 - 00144296 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_sema_thermal_input.dll
2013-02-22 18:30 - 2013-02-22 15:02 - 00146344 _____ () C:\Program Files\Sony\VAIO Care\esrv\sony_wifi_input.dll
2013-11-01 14:59 - 2013-11-01 14:59 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-07-04 13:50 - 2014-07-04 13:50 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070401\algo.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-10-10 07:54 - 2011-03-05 19:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2011-12-14 16:51 - 2011-12-14 16:51 - 00048640 _____ () C:\Program Files (x86)\AOL Desktop 9.7\zlib.dll
2014-04-30 11:14 - 2014-04-30 11:14 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-08-31 15:06 - 2011-08-31 15:06 - 00027104 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\Utility.dll
2011-08-31 15:06 - 2011-08-31 15:06 - 00161256 _____ () C:\Program Files (x86)\Sony\Keyboard Shortcuts\MessageHook.dll
2014-04-30 12:10 - 2014-04-30 12:10 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2011-10-10 07:19 - 2010-11-06 02:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^.lnk => C:\Windows\pss\.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Sony MSS.lnk => C:\Windows\pss\Sony MSS.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AVG_TRAY => "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
MSCONFIG\startupreg: cAudioFilterAgent => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
MSCONFIG\startupreg: ChicaPasswordManager => C:\Program Files (x86)\ChicaLogic\Chica Password Manager\stpass.exe
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AVG AVI Loader Driver
Description: AVG AVI Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Avgldx64
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid:
Manufacturer:
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 02:03:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 01:48:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 08:59:14 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point (Process = C:\Windows\system32\svchost.exe -k netsvcs; Description = Windows Update; Error = 0x81000101).

Error: (06/30/2014 05:13:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 05:10:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 2140

Start Time: 01cf94a79ae6fb44

Termination Time: 12

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (06/30/2014 05:09:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program IEXPLORE.EXE version 11.0.9600.17126 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1f00

Start Time: 01cf949b0153d4b0

Termination Time: 40

Application Path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Report Id:

Error: (06/26/2014 04:02:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8081

Error: (06/26/2014 04:02:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8081

Error: (06/26/2014 04:02:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/26/2014 04:02:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067

System errors:
=============
Error: (07/04/2014 02:03:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx64

Error: (07/04/2014 02:03:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753636.

Error: (07/04/2014 02:03:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SeaPort service failed to start due to the following error:
%%2

Error: (07/04/2014 01:53:28 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).

Error: (07/04/2014 01:48:59 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx64

Error: (07/04/2014 01:48:34 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVGIDSAgent service terminated with service-specific error %%-536753636.

Error: (07/04/2014 01:48:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The SeaPort service failed to start due to the following error:
%%2

Error: (07/03/2014 05:41:45 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package (KB2538243).

Error: (07/03/2014 05:41:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (07/03/2014 09:06:30 AM) (Source: DCOM) (EventID: 10016) (User: milbus21-VAIO)
Description: application-specificLocalActivation{D3DCB472-7261-43CE-924B-0704BD730D5F}{D3DCB472-7261-43CE-924B-0704BD730D5F}milbus21-VAIOmilbus21S-1-5-21-1854164474-1872011153-1295231794-1005LocalHost (Using LRPC)

Microsoft Office Sessions:
=========================
Error: (07/04/2014 02:03:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/04/2014 01:48:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/03/2014 08:59:14 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (06/30/2014 05:13:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 05:10:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.17126214001cf94a79ae6fb4412C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (06/30/2014 05:09:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: IEXPLORE.EXE11.0.9600.171261f0001cf949b0153d4b040C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

Error: (06/26/2014 04:02:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8081

Error: (06/26/2014 04:02:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8081

Error: (06/26/2014 04:02:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/26/2014 04:02:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067

==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 4043.86 MB
Available physical RAM: 2232.82 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5946.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:585.14 GB) (Free:370.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 7F29027F)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#7
Jamazz
Posted 04 July 2014 - 12:59 PM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

You mentioned to attach all three logs. I gave you the FRST and Additional Logs. Did I miss one, or was that the OTL log?


  • 0

#8
Essexboy
Posted 04 July 2014 - 01:12 PM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

The third one was the AdwCleaner log :)

 

OK lets now remove all traces of the AV's and then re-install just one

 

MSES :

 

Download and run this MS programme to remove all traces

http://www.bleepingc...s-removal-tool/

 

Avg :

Download and run the AVG removal tool

http://download.avg....6_2013_3341.exe

 

Avast

 

Download Avast Uninstall Utility to your Desktop.
Download the correct version of Avast 
Avast Free
Avast Pro
Avast Internet Security
Avast Premier
Disconnect from the net
Uninstall Avast via control panel

 

  • Run the uninstall tool and accept the reboot to safe mode
  • Once complete reboot your system
  • Reinstall Avast

----------

 

Once done could you let me know how the system is behaving

 


  • 0

#9
Jamazz
Posted 04 July 2014 - 06:30 PM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

Okay, so I followed the next set of instructions, and from what I could tell, everything finished. I tried to install free avast again, but it hung on creating a restore point. If I left it to see if it would finish, it would eventually hang permanently. Ctrl-alt-del wouldn't work. Had to hard reset. I downloaded the same thing from file hippo, and it seemed to work. After it ran an initial scan, it was able to destroy the browser add-on it had been trying to do before. However, after trying to run windows update to install that security patch I mentioned in the OP, I got an error message, "Code 64C".

 

I'm going to hold off on trying the other stuff until I hear back from you.


Edited by Jamazz, 04 July 2014 - 09:18 PM.

  • 0

#10
Essexboy
Posted 05 July 2014 - 04:14 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
That may well be related to a dotnet error, have you run the windows update fixit http://go.microsoft....?linkid=9767096

If so then we may have to fully reset dotnet, which is a bit of a pain. But first try a repair http://www.microsoft...s.aspx?id=30135
  • 0

Advertisements

#11
Jamazz
Posted 05 July 2014 - 08:37 PM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

I followed both links and followed both instruction sets. I still cannot update the Security Patch. You said it would be a pain, but I'm up for the challenge. I'm not sure if I mentioned it, but the owner doesn't have the original discs that came with the laptop, or else I would have wiped and reloaded.


  • 0

#12
Essexboy
Posted 06 July 2014 - 04:25 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

OK download the dotnet cleanup tool  to your desktop

Extract the files and run the cleanup tool

Please read and accept the disclaimers

 

Once completed you will need to fresh install the latest dotnet version http://www.microsoft...s.aspx?id=30653

 

Details of the procedure for dotnet removal are here http://blogs.msdn.co...28/8904493.aspx

 

Once done then try windows updates again


  • 0

#13
Jamazz
Posted 06 July 2014 - 02:54 PM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

Nothing I tried worked. I ran the cleanup tool and then tried to install the DotNet version you linked to (version 4.5). After that didn't work, I re-ran the cleanup tool, then ran the web installer for version 4. I believed the 4.5 was just an update, so I ran the web installer. That came back with errors. I ran the cleaner again, and that's where I'm at right now. I have a log of the last failure (web install).


  • 0

#14
Essexboy
Posted 07 July 2014 - 06:29 AM

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Could you post/attach the log please


  • 0

#15
Jamazz
Posted 09 July 2014 - 07:24 PM

Jamazz

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts

I had to attach it in a text file. wont send if I paste it in.

Attached Files


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP