Hello,
The last few days my laptop seems to have been infected by malware of some sort. I began to do virus scans online, and did the Microsoft essentials one but it didn't show anything. I've used this site before and you are always excellent at sorting it out so hoping to get my laptop running nicely again!
The voiceover pop ups seem to have stopped for now, but others are still there and it is slow running in general. FRST logs below:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-04-2015
Ran by Gem (administrator) on GEM-VAIO on 12-04-2015 16:34:31
Running from C:\Users\Gem\Desktop
Loaded Profiles: Gem (Available profiles: Gem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\Apache.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Apache Software Foundation) C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\Apache.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
() C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1332296 2015-01-30] (Microsoft Corporation)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-05-04] (Memeo Inc.)
HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-01] ()
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62360 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2219416 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [98200 2012-10-25] (SMART Technologies)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-09] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [Spotify Web Helper] => C:\Users\Gem\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-02] (Spotify Ltd)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1000779515-372188092-3968880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ProxyServer: [S-1-5-21-1000779515-372188092-3968880-1001] => 10.12.4.122:3128
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM -> DefaultScope value is missing.
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...rc=IE-SearchBox
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {9B1BCEF8-43CA-48A7-AE95-A864AC326CF0} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {FDD636D9-8F25-4448-9022-DD29CB98CAB3} URL = http://services.zini...}&rf=sonyslices
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-09] (Avast Software s.r.o.)
BHO: TremendoUsSale -> {ff7b3e9c-f873-428d-8c6a-fc3ae4829c29} -> C:\Program Files (x86)\TremendoUsSale\4MN0yxhTkiOAPy.x64.dll [2015-04-09] ()
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-09] (Avast Software s.r.o.)
BHO-x32: TremendoUsSale -> {ff7b3e9c-f873-428d-8c6a-fc3ae4829c29} -> C:\Program Files (x86)\TremendoUsSale\4MN0yxhTkiOAPy.dll [2015-04-09] ()
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Gem\AppData\Roaming\Mozilla\Firefox\Profiles\x9x60e2e.default-1427989519038
FF Homepage: hxxp://www.google.co.uk/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-12] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2012-07-02] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-08] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1000779515-372188092-3968880-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll [2012-12-07] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1000779515-372188092-3968880-1001: sainsburys.co.uk/SainsburysMP3DLMPlugin -> C:\Users\Gem\AppData\Local\Sainsburys Entertainment MP3 Download Manager\npSainsburysMP3DLMPlugin.dll [2014-02-21] (J Sainsbury PLC)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-09]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-25]
CHR Extension: (Google Drive) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-25]
CHR Extension: (YouTube) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-25]
CHR Extension: (Google Cast) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-08-25]
CHR Extension: (Translate This) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa [2015-04-09]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-08-25]
CHR Extension: (Google Search) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-25]
CHR Extension: (AdBlock) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-10]
CHR Extension: (Avast Online Security) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-12]
CHR Extension: (Google Wallet) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-25]
CHR Extension: (Gmail) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-09]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-09] (Avast Software s.r.o.)
R2 CollinsPrimary; C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\apache.exe [20541 2007-10-04] (Apache Software Foundation) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2015-01-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366512 2015-01-30] (Microsoft Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [582552 2012-10-24] (SMART Technologies)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 344c1489; [X]
S2 ServiceUpdater; C:\Windows\SysWOW64\netupdsrv.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-09] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [274696 2014-11-15] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124560 2014-11-15] (Microsoft Corporation)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [16280 2012-10-24] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [15256 2012-10-24] (SMART Technologies)
R3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24984 2012-10-24] (SMART Technologies ULC)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-12 16:28 - 2015-04-12 16:34 - 00041041 _____ () C:\Users\Gem\Desktop\Addition.txt
2015-04-12 16:25 - 2015-04-12 16:26 - 42925480 _____ (Oracle Corporation) C:\Users\Gem\Downloads\jre-8u40-windows-x64.exe
2015-04-12 16:25 - 2015-04-12 16:25 - 00560552 _____ (Oracle Corporation) C:\Users\Gem\Downloads\jre-8u40-windows-i586-iftw.exe
2015-04-12 16:16 - 2015-04-12 16:34 - 00023644 _____ () C:\Users\Gem\Desktop\FRST.txt
2015-04-12 16:14 - 2015-04-12 16:34 - 00000000 ____D () C:\FRST
2015-04-12 16:05 - 2015-04-12 16:05 - 02095616 _____ (Farbar) C:\Users\Gem\Desktop\FRST64.exe
2015-04-09 17:38 - 2015-04-09 17:38 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\AVAST Software
2015-04-09 17:37 - 2015-04-12 15:35 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-09 17:37 - 2015-04-09 17:37 - 00001922 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-09 17:37 - 2015-04-09 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-09 17:36 - 2015-04-09 17:36 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-09 17:36 - 2015-04-09 17:36 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-09 17:36 - 2015-04-09 17:36 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-09 17:36 - 2015-04-09 17:35 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-09 17:34 - 2015-04-09 17:34 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-09 17:33 - 2015-04-09 17:33 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Gem\Downloads\avast_free_antivirus_setup_online.exe
2015-04-09 17:33 - 2015-04-09 17:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-09 14:01 - 2015-04-09 14:01 - 00214576 _____ (Trend Micro Inc.) C:\Windows\RegBootClean.exe
2015-04-09 12:45 - 2015-04-09 12:45 - 00000010 _____ () C:\Users\Gem\AppData\Local\sponge.last.runtime.cache
2015-04-09 12:41 - 2015-04-09 12:41 - 00000000 ____D () C:\ProgramData\{290a0e81-86ce-5a7d-290a-a0e8186c3a06}
2015-04-09 12:36 - 2015-04-12 16:22 - 00000020 _____ () C:\Users\Gem\AppData\Roaming\appdataFr3.bin
2015-04-09 12:36 - 2015-04-09 14:01 - 00000000 ____D () C:\Program Files (x86)\IndepthMonitor
2015-04-09 12:35 - 2015-04-09 18:37 - 00000000 ____D () C:\Program Files (x86)\Translate This
2015-04-09 12:35 - 2015-04-09 18:36 - 00000000 ____D () C:\Program Files (x86)\SmootHivieW
2015-04-09 12:34 - 2015-04-09 18:37 - 00000000 ____D () C:\Program Files (x86)\TremendoUsSale
2015-04-09 12:34 - 2015-04-09 12:35 - 00000000 ____D () C:\ProgramData\6211581295172710874
2015-04-09 12:34 - 2015-04-09 12:34 - 00000000 ____D () C:\Program Files (x86)\DiscountMan
2015-04-08 15:49 - 2015-04-08 15:49 - 00000000 ____D () C:\Users\Gem\AppData\Local\Axialis
2015-04-06 07:36 - 2015-04-09 12:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 07:16 - 2015-04-06 07:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 07:16 - 2015-04-06 07:16 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-02 17:34 - 2015-04-02 17:34 - 00000000 ___RD () C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-02 16:45 - 2015-04-02 16:45 - 00000000 ____D () C:\Users\Gem\Desktop\Old Firefox Data
2015-04-01 20:09 - 2015-04-01 20:17 - 286276844 _____ () C:\Users\Gem\Downloads\Hannibal.S01E01.HDTV.x264-LOL.mp4
2015-04-01 20:09 - 2015-04-01 20:16 - 293412737 _____ () C:\Users\Gem\Downloads\Hannibal.S01E02.HDTV.x264-LOL.mp4
2015-03-28 19:11 - 2015-04-09 17:52 - 00000000 ____D () C:\ProgramData\{83ddb60c-8505-95ca-83dd-db60c850d832}
2015-03-19 17:20 - 2015-03-19 17:20 - 03928985 _____ () C:\Users\Gem\Documents\Hour of Code meeting.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-04-12 16:33 - 2014-10-31 07:49 - 00025932 _____ () C:\Windows\setupact.log
2015-04-12 16:29 - 2013-07-04 16:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-12 16:29 - 2013-07-04 16:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-12 16:29 - 2012-07-19 06:22 - 00778928 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-12 16:29 - 2012-07-19 06:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 16:29 - 2012-07-02 20:52 - 00000000 ____D () C:\Users\Gem\AppData\Local\Adobe
2015-04-12 16:14 - 2012-07-02 14:18 - 01233468 _____ () C:\Windows\WindowsUpdate.log
2015-04-12 15:58 - 2012-07-26 07:39 - 00000000 ____D () C:\Users\Gem\AppData\Local\CrashDumps
2015-04-12 15:48 - 2014-08-25 16:46 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-12 15:44 - 2014-08-25 16:46 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-12 15:35 - 2013-11-03 16:55 - 00000000 ____D () C:\ProgramData\Kodak
2015-04-12 15:33 - 2014-06-14 14:50 - 00000334 _____ () C:\Windows\Tasks\AmiUpdXp.job
2015-04-09 21:08 - 2009-07-14 05:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-09 21:08 - 2009-07-14 05:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-09 21:03 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-09 20:55 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-09 20:54 - 2014-11-13 17:38 - 00003154 _____ () C:\Windows\PFRO.log
2015-04-09 19:31 - 2013-08-28 18:31 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\LockAP
2015-04-09 15:44 - 2012-07-05 14:45 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\Spotify
2015-04-09 14:39 - 2012-07-05 14:45 - 00000000 ____D () C:\Users\Gem\AppData\Local\Spotify
2015-04-09 12:50 - 2012-07-29 08:56 - 00393302 _____ () C:\Users\Gem\AppData\Local\census.cache
2015-04-09 12:50 - 2012-07-29 08:56 - 00068638 _____ () C:\Users\Gem\AppData\Local\ars.cache
2015-04-09 12:37 - 2012-07-29 08:49 - 02073112 _____ (Trend Micro Inc.) C:\Users\Gem\Downloads\HousecallLauncher.exe
2015-04-09 09:26 - 2013-01-26 17:06 - 00000000 ____D () C:\Users\Gem\Documents\School
2015-04-09 08:29 - 2013-02-09 10:37 - 00000000 ____D () C:\Users\Gem\AppData\Local\Deployment
2015-04-09 06:41 - 2012-07-02 15:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-09 06:40 - 2015-02-10 19:30 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\BitTorrent
2015-04-09 06:23 - 2012-07-02 15:28 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3EFB1E-51E9-4E75-BDA9-D969562BCEF7}
2015-04-02 17:26 - 2012-07-05 14:45 - 00001795 _____ () C:\Users\Gem\Desktop\Spotify.lnk
2015-04-02 17:26 - 2012-07-05 14:45 - 00001781 _____ () C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2015-04-02 16:36 - 2014-08-25 16:48 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-03-21 08:07 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-03-13 23:11 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-03-13 21:58 - 2009-07-14 05:45 - 00462376 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-03-13 21:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2015-03-13 21:54 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
==================== Files in the root of some directories =======
2015-04-09 12:36 - 2015-04-12 16:22 - 0000020 _____ () C:\Users\Gem\AppData\Roaming\appdataFr3.bin
2013-08-28 06:42 - 2013-08-28 06:42 - 0000029 _____ () C:\Users\Gem\AppData\Roaming\mbam.context.scan
2012-07-29 08:56 - 2015-04-09 12:50 - 0068638 _____ () C:\Users\Gem\AppData\Local\ars.cache
2012-07-29 08:56 - 2015-04-09 12:50 - 0393302 _____ () C:\Users\Gem\AppData\Local\census.cache
2012-09-01 09:18 - 2015-01-11 17:49 - 0007680 _____ () C:\Users\Gem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-29 08:49 - 2012-07-29 08:49 - 0000036 _____ () C:\Users\Gem\AppData\Local\housecall.guid.cache
2015-04-09 12:45 - 2015-04-09 12:45 - 0000010 _____ () C:\Users\Gem\AppData\Local\sponge.last.runtime.cache
Some content of TEMP:
====================
C:\Users\Gem\AppData\Local\Temp\A1C0.exe
C:\Users\Gem\AppData\Local\Temp\i4jdel0.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-04-09 10:33
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-04-2015
Ran by Gem at 2015-04-12 16:35:04
Running from C:\Users\Gem\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
BBC iPlayer Desktop (HKLM-x32\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.0.11 - British Broadcasting Corp.)
BBC iPlayer Desktop (x32 Version: 3.0.11 - British Broadcasting Corp.) Hidden
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BitTorrent (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Collins Primary (remove only) (HKLM-x32\...\Collins Primary) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DiscountMan (HKLM-x32\...\{37476589-E48E-439E-A706-56189E2ED4C4}) (Version: - DiscountMan) <==== ATTENTION
eBorg (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{344c1489}) (Version: - eBorg) <==== ATTENTION
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java 6 Update 22 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.7.205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-US)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OffersWizard Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)
Plugin (x32 Version: 1.0.0.0 - Sainsburys) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Primary Target Tracker (HKLM-x32\...\{D09AB53B-6204-4FA5-A3AC-FD66F9983451}) (Version: 15.1.1.5 - Target Tracker)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Sainsburys Entertainment MP3 Download Manager (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\{ca5d3dfd-8e2c-433c-a09c-829482611d48}) (Version: 2.0.20 - Sainsburys Entertainment)
Sainsburys Entertainment MP3 Download Manager (x32 Version: 2.0.20 - Sainsburys Entertainment) Hidden
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Sky Go Desktop (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\1313144945.go.sky.com) (Version: - go.sky.com)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SMART Common Files (HKLM-x32\...\{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}) (Version: 11.1.34.1 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM-x32\...\{AD53E305-0F31-426E-85D1-35C63D913639}) (Version: 11.0.50.1 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}) (Version: 1.1.233.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}) (Version: 11.0.705.1 - SMART Technologies ULC)
SMART Product Drivers (HKLM-x32\...\{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}) (Version: 11.0.510.2 - SMART Technologies ULC)
SmootHivieW (HKLM-x32\...\{8CE9822A-21D0-0BCB-572F-5B74B2D0437A}) (Version: - )
Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.3.8 - ) <==== ATTENTION
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Spotify (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Translate This (HKLM-x32\...\{F679D2F0-CE91-93C8-BD2D-062DF04DA0C1}) (Version: - )
TremendoUsSale (HKLM-x32\...\{C2E3DB8B-C43B-9203-7BE7-D03BA334FD8A}) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.1.12200 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.1.12200 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.0.08120 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
29-03-2015 12:30:43 Windows Update
01-04-2015 20:20:19 Windows Update
05-04-2015 13:01:54 Windows Update
06-04-2015 07:15:31 Windows Update
09-04-2015 17:33:59 avast! antivirus system restore point
09-04-2015 21:34:38 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0285B227-06D6-4CF1-8052-5F4164D9B5E2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {164A55BC-DC82-474D-9A6C-BC9E2BA64D75} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {28C59DEE-0773-4879-8731-5AE4C3B26913} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {315D2BAC-607F-4DDF-9AF4-B9D10A5307F5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {33528213-A0FF-485F-8F09-55B98CBC78AD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25] (Google Inc.)
Task: {35EDE55C-1A40-44DF-AE93-3333FB62E7E5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-09] (Avast Software s.r.o.)
Task: {64FF1C4D-4A69-496A-B454-DDC9906A7177} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {70EDE0D7-B4EA-449F-8E86-03892D247554} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {71532B49-4909-4D3C-AC82-453E8096DD0B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {7E3B60AA-8CDB-49D2-B181-43B2B6D711AB} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {941B8D11-DAC5-401D-BED1-2AF95FC2114E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-25] (Google Inc.)
Task: {ACB12846-2297-4CF0-87EB-38371ED54757} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {BE4B303D-5E3B-4104-BBE2-880C87260D68} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-12] (Adobe Systems Incorporated)
Task: {C47ECD7B-08A9-4E3D-AB40-58D65B60B317} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)
Task: {CEC4BEA5-A3D1-497C-B661-42F611E2671D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D0DAEB47-2A1D-4CD7-9971-0952FFA3C01E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {D295957E-18AC-4C95-8141-480670AF4FF6} - System32\Tasks\AmiUpdXp => C:\Users\Gem\AppData\Local\1307\a18318.exe <==== ATTENTION
Task: {DC568C83-B68C-4250-BE3F-F1F3B3E60FCE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E25F8A9E-9637-48B0-B585-E9F51C4BECDA} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {E9CF9EFF-81E0-4539-874F-6CC4254CC219} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {E9FAD057-C827-4DF2-A5A1-4D03B4C334A9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)
Task: {F156CAF0-599F-4618-9E1E-811798CFEA04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Gem\AppData\Local\1307\a18318.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-30 02:46 - 2011-03-29 09:47 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 00325344 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
2012-07-04 07:46 - 2011-02-25 17:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 02925056 _____ () C:\Program Files\AVAST Software\Avast\defs\15040900\algo.dll
2015-04-09 20:59 - 2015-04-09 20:59 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15040901\algo.dll
2015-04-12 15:38 - 2015-04-12 15:38 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15041200\algo.dll
2007-04-20 22:30 - 2007-04-20 22:30 - 00040960 _____ () C:\Program Files (x86)\Collins Education\Collins Primary\php\ext\php_amf.dll
2012-07-02 14:40 - 2011-03-05 16:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-01 17:42 - 2011-06-01 17:42 - 00108296 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
2011-06-01 17:46 - 2011-06-01 17:46 - 00030984 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 02896608 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 00027360 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 23:59 - 2010-03-22 23:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2012-10-17 09:40 - 2012-10-17 09:40 - 00454656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2012-10-17 09:40 - 2012-10-17 09:40 - 00030208 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2011-06-01 17:16 - 2011-06-01 17:16 - 00241664 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2011-06-01 17:16 - 2011-06-01 17:16 - 00971776 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2014-10-19 14:38 - 2014-10-19 14:38 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2012-07-02 14:24 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
==================== Accounts: =============================
Administrator (S-1-5-21-1000779515-372188092-3968880-500 - Administrator - Disabled)
Gem (S-1-5-21-1000779515-372188092-3968880-1001 - Administrator - Enabled) => C:\Users\Gem
Guest (S-1-5-21-1000779515-372188092-3968880-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1000779515-372188092-3968880-1002 - Limited - Enabled)
==================== Faulty Device Manager Devices =============
Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/12/2015 04:26:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (04/12/2015 03:58:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 37.0.1.5570, time stamp: 0x551e23ee
Faulting module name: mozalloc.dll, version: 37.0.1.5570, time stamp: 0x551e1536
Exception code: 0x80000003
Fault offset: 0x00001aa1
Faulting process id: 0x22b8
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
Error: (04/09/2015 08:57:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/09/2015 08:55:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 4.1.168.192.in-addr.arpa. PTR Gem-VAIO.local.
Error: (04/09/2015 08:55:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.4:5353 18 4.1.168.192.in-addr.arpa. PTR Gem-VAIO-2.local.
Error: (04/09/2015 05:14:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iTunes.exe, version: 12.1.1.4, time stamp: 0x54de1991
Faulting module name: objc.dll, version: 1.528.0.126, time stamp: 0x54940801
Exception code: 0xc0000005
Fault offset: 0x0000000000020d92
Faulting process id: 0x234c
Faulting application start time: 0xiTunes.exe0
Faulting application path: iTunes.exe1
Faulting module path: iTunes.exe2
Report Id: iTunes.exe3
Error: (04/09/2015 02:09:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program firefox.exe version 37.0.1.5570 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 17c4
Start Time: 01d072c5eb4341f0
Termination Time: 12
Application Path: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Report Id: b01b77b8-deb9-11e4-b48b-642737a5f4fc
Error: (04/09/2015 02:04:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/09/2015 02:03:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 16 4.1.168.192.in-addr.arpa. PTR Gem-VAIO.local.
Error: (04/09/2015 02:03:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.4:5353 18 4.1.168.192.in-addr.arpa. PTR Gem-VAIO-2.local.
System errors:
=============
Error: (04/12/2015 03:33:20 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Error: (04/12/2015 03:33:20 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Error: (04/12/2015 03:33:20 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (04/12/2015 03:33:19 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Error: (04/12/2015 03:33:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Error: (04/12/2015 03:33:19 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (04/10/2015 05:53:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Error: (04/10/2015 05:53:09 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535
Error: (04/10/2015 05:53:09 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801
Error: (04/10/2015 05:53:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535
Microsoft Office Sessions:
=========================
Error: (01/05/2015 06:32:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 124 seconds with 120 seconds of active time. This session ended with a crash.
Error: (01/05/2015 06:29:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1017 seconds with 840 seconds of active time. This session ended with a crash.
Error: (03/01/2014 00:55:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time. This session ended with a crash.
Error: (06/02/2013 02:26:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 856 seconds with 360 seconds of active time. This session ended with a crash.
Error: (06/01/2013 06:48:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 826 seconds with 720 seconds of active time. This session ended with a crash.
Error: (06/01/2013 06:34:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 324 seconds with 300 seconds of active time. This session ended with a crash.
Error: (06/01/2013 03:55:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 360 seconds with 360 seconds of active time. This session ended with a crash.
Error: (05/30/2013 11:02:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4856 seconds with 3120 seconds of active time. This session ended with a crash.
Error: (03/29/2013 08:20:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5528 seconds with 2220 seconds of active time. This session ended with a crash.
Error: (03/09/2013 08:41:18 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2220 seconds with 1320 seconds of active time. This session ended with a crash.
==================== Memory info ===========================
Processor: Intel® Core i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 51%
Total physical RAM: 4043.86 MB
Available physical RAM: 1952.11 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 5084.54 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:582.37 GB) (Free:427.72 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 937E5357)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582.4 GB) - (Type=07 NTFS)
==================== End Of Log ============================