Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Pop Ups, misdirected sites, slow running laptop. [Closed]


  • This topic is locked This topic is locked

#16
gem_84

gem_84

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

There still seems to be something wrong with firefox.  I have reset, refreshed, uninstalled and reinstalled it a few times but Avast is still popping up regularly saying it is blocking pages/ads.


  • 0

Advertisements


#17
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Provide a screenshot of the warning message from avast! along with a fresh set of FRST scan log.
  • 0

#18
gem_84

gem_84

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2015
Ran by Gem (administrator) on GEM-VAIO on 22-04-2015 18:25:58
Running from C:\Users\Gem\Desktop
Loaded Profiles: Gem (Available profiles: Gem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\Apache.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Apache Software Foundation) C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\Apache.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(BitTorrent Inc.) C:\Users\Gem\AppData\Roaming\BitTorrent\BitTorrent.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\Spotify.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-05-04] (Memeo Inc.)
HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-01] ()
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62360 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2219416 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [98200 2012-10-25] (SMART Technologies)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-02-13] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-09] (Avast Software s.r.o.)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\70cd5d8d-7865-4152-a061-02853ec67e4f.exe [183232 2015-04-22] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [Spotify Web Helper] => C:\Users\Gem\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-04-02] (Spotify Ltd)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {9B1BCEF8-43CA-48A7-AE95-A864AC326CF0} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {FDD636D9-8F25-4448-9022-DD29CB98CAB3} URL = http://services.zini...}&rf=sonyslices
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-09] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-09] (Avast Software s.r.o.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Gem\AppData\Roaming\Mozilla\Firefox\Profiles\fmly66ix.default-1429547664060
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1000779515-372188092-3968880-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll [2012-12-07] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-1000779515-372188092-3968880-1001: sainsburys.co.uk/SainsburysMP3DLMPlugin -> C:\Users\Gem\AppData\Local\Sainsburys Entertainment MP3 Download Manager\npSainsburysMP3DLMPlugin.dll [2014-02-21] (J Sainsbury PLC)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-09]

Chrome:
=======
CHR Profile: C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-25]
CHR Extension: (Google Drive) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-25]
CHR Extension: (YouTube) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-25]
CHR Extension: (Google Cast) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-08-25]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-08-25]
CHR Extension: (Google Search) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-25]
CHR Extension: (AdBlock) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-10]
CHR Extension: (Avast Online Security) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-12]
CHR Extension: (Google Wallet) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-25]
CHR Extension: (Gmail) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-09] (Avast Software s.r.o.)
R2 CollinsPrimary; C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\apache.exe [20541 2007-10-04] (Apache Software Foundation) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [582552 2012-10-24] (SMART Technologies)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [16280 2012-10-24] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [15256 2012-10-24] (SMART Technologies)
R3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24984 2012-10-24] (SMART Technologies ULC)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-21 19:26 - 2015-04-21 19:31 - 252228024 ____R () C:\Users\Gem\Downloads\Hannibal.S01E03.HDTV.x264-LOL.mp4
2015-04-20 17:45 - 2015-04-20 17:45 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-20 17:45 - 2015-04-20 17:45 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-20 17:44 - 2015-04-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-20 17:42 - 2015-04-20 17:42 - 00243320 _____ () C:\Users\Gem\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-17 10:46 - 2015-04-17 10:46 - 00003394 _____ () C:\Users\Gem\Desktop\MBReport.txt
2015-04-17 07:46 - 2015-04-18 10:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-17 07:45 - 2015-04-17 07:45 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-17 07:42 - 2015-04-17 07:43 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Gem\Desktop\mbam-setup-majorgeeks-2.1.4.1018.exe
2015-04-16 09:17 - 2015-04-16 09:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 09:17 - 2015-04-16 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 12:29 - 2015-03-17 06:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 12:29 - 2015-03-17 06:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 12:29 - 2015-03-17 06:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 12:29 - 2015-03-17 06:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 12:29 - 2015-03-17 06:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 12:29 - 2015-03-17 06:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 12:29 - 2015-03-17 06:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 12:29 - 2015-03-17 06:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 12:29 - 2015-03-17 06:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 12:29 - 2015-03-17 06:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 12:29 - 2015-03-17 06:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 12:29 - 2015-03-17 06:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 12:29 - 2015-03-17 06:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 12:29 - 2015-03-17 06:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 12:29 - 2015-03-17 06:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 12:29 - 2015-03-17 05:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 12:29 - 2015-03-17 05:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 12:29 - 2015-03-17 05:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 12:29 - 2015-03-17 05:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 12:29 - 2015-03-17 05:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 12:29 - 2015-03-17 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 12:29 - 2015-03-17 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 12:28 - 2015-03-25 04:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 12:28 - 2015-03-25 04:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 12:28 - 2015-03-25 04:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 12:28 - 2015-03-25 04:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 12:28 - 2015-03-23 04:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 12:28 - 2015-03-23 04:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 12:28 - 2015-03-23 04:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 12:16 - 2015-04-02 00:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 12:16 - 2015-03-13 05:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 12:16 - 2015-03-13 05:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 12:16 - 2015-03-13 04:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 12:16 - 2015-03-13 04:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 12:16 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 12:16 - 2015-03-13 04:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 12:16 - 2015-03-13 04:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 12:16 - 2015-03-13 04:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 12:16 - 2015-03-13 04:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 12:16 - 2015-03-13 04:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 12:16 - 2015-03-13 04:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 12:16 - 2015-03-13 04:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 12:16 - 2015-03-13 04:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 12:16 - 2015-03-13 03:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 12:16 - 2015-03-13 03:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 12:16 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 12:16 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 12:16 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 12:16 - 2015-03-10 04:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 12:16 - 2015-03-10 04:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 12:16 - 2015-03-10 04:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 12:16 - 2015-03-10 04:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 12:16 - 2015-03-05 06:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 12:16 - 2015-03-05 05:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 12:16 - 2015-02-25 04:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 12:15 - 2015-04-02 01:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 12:15 - 2015-03-13 05:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 12:15 - 2015-03-13 05:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 12:15 - 2015-03-13 05:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 12:15 - 2015-03-13 05:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 12:15 - 2015-03-13 05:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 12:15 - 2015-03-13 05:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 12:15 - 2015-03-13 05:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 12:15 - 2015-03-13 05:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 12:15 - 2015-03-13 04:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 12:15 - 2015-03-13 04:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 12:15 - 2015-03-13 04:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 12:15 - 2015-03-13 04:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 12:15 - 2015-03-13 04:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 12:15 - 2015-03-13 04:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 12:15 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 12:15 - 2015-03-13 04:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 12:15 - 2015-03-13 04:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 12:15 - 2015-03-13 04:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 12:15 - 2015-03-13 04:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 12:15 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 12:15 - 2015-03-13 04:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 12:15 - 2015-03-13 04:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 12:15 - 2015-03-13 04:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 12:15 - 2015-03-13 04:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 12:15 - 2015-03-13 04:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 12:15 - 2015-03-13 04:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 12:15 - 2015-03-13 04:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 12:15 - 2015-03-13 04:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 12:15 - 2015-03-13 04:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 12:15 - 2015-03-13 03:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 12:15 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 12:15 - 2015-03-13 03:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 12:15 - 2015-03-13 03:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 12:15 - 2015-03-13 03:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 12:15 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 12:15 - 2015-03-13 03:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 12:15 - 2015-03-13 03:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 12:15 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 12:14 - 2015-03-04 05:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 12:14 - 2015-03-04 05:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 12:14 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 10:00 - 2015-04-15 10:00 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-13 17:50 - 2015-04-19 16:41 - 00000000 ____D () C:\AdwCleaner
2015-04-13 17:49 - 2015-04-13 17:49 - 02217984 _____ () C:\Users\Gem\Desktop\adwcleaner_4.201.exe
2015-04-13 17:28 - 2015-04-22 18:25 - 00000000 ____D () C:\Users\Gem\Desktop\FRST-OlderVersion
2015-04-13 17:10 - 2015-04-13 17:10 - 00003196 _____ () C:\Windows\System32\Tasks\{5CA1CB10-8A8C-4090-8B8C-090112092F9D}
2015-04-13 11:44 - 2015-04-13 11:45 - 00000000 ____D () C:\Users\Gem\Downloads\My Head Is an Animal
2015-04-13 11:37 - 2015-04-13 11:39 - 00000000 ____D () C:\Users\Gem\Downloads\Vance Joy - Dream Your Life Away [2014] 320
2015-04-13 11:36 - 2015-04-13 11:37 - 00000000 ____D () C:\Users\Gem\Downloads\James Bay Chaos And The Calm [2015] 320
2015-04-13 11:24 - 2015-04-13 11:24 - 00000000 ____D () C:\Users\Gem\Downloads\Hozier (Deluxe Version)
2015-04-13 11:02 - 2015-04-13 11:02 - 00000000 ___RD () C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-12 16:28 - 2015-04-13 18:54 - 00036883 _____ () C:\Users\Gem\Desktop\Addition.txt
2015-04-12 16:25 - 2015-04-12 16:26 - 42925480 _____ (Oracle Corporation) C:\Users\Gem\Downloads\jre-8u40-windows-x64.exe
2015-04-12 16:25 - 2015-04-12 16:25 - 00560552 _____ (Oracle Corporation) C:\Users\Gem\Downloads\jre-8u40-windows-i586-iftw.exe
2015-04-12 16:16 - 2015-04-22 18:30 - 00021587 _____ () C:\Users\Gem\Desktop\FRST.txt
2015-04-12 16:14 - 2015-04-22 18:26 - 00000000 ____D () C:\FRST
2015-04-12 16:05 - 2015-04-22 18:25 - 02099712 _____ (Farbar) C:\Users\Gem\Desktop\FRST64.exe
2015-04-09 17:38 - 2015-04-09 17:38 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\AVAST Software
2015-04-09 17:37 - 2015-04-22 05:57 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-09 17:37 - 2015-04-09 17:37 - 00001922 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-09 17:37 - 2015-04-09 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-09 17:36 - 2015-04-09 17:36 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-09 17:36 - 2015-04-09 17:36 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-09 17:36 - 2015-04-09 17:36 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-09 17:36 - 2015-04-09 17:35 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-09 17:34 - 2015-04-09 17:34 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-09 17:33 - 2015-04-09 17:33 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Gem\Downloads\avast_free_antivirus_setup_online.exe
2015-04-09 17:33 - 2015-04-09 17:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-09 14:01 - 2015-04-09 14:01 - 00214576 _____ (Trend Micro Inc.) C:\Windows\RegBootClean.exe
2015-04-09 12:45 - 2015-04-09 12:45 - 00000010 _____ () C:\Users\Gem\AppData\Local\sponge.last.runtime.cache
2015-04-09 12:41 - 2015-04-09 12:41 - 00000000 ____D () C:\ProgramData\{290a0e81-86ce-5a7d-290a-a0e8186c3a06}
2015-04-09 12:36 - 2015-04-12 16:22 - 00000020 _____ () C:\Users\Gem\AppData\Roaming\appdataFr3.bin
2015-04-09 12:36 - 2015-04-09 14:01 - 00000000 ____D () C:\Program Files (x86)\IndepthMonitor
2015-04-09 12:35 - 2015-04-09 18:37 - 00000000 ____D () C:\Program Files (x86)\Translate This
2015-04-09 12:35 - 2015-04-09 18:36 - 00000000 ____D () C:\Program Files (x86)\SmootHivieW
2015-04-09 12:34 - 2015-04-09 12:35 - 00000000 ____D () C:\ProgramData\6211581295172710874
2015-04-08 15:49 - 2015-04-08 15:49 - 00000000 ____D () C:\Users\Gem\AppData\Local\Axialis
2015-04-06 07:36 - 2015-04-20 17:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-06 07:16 - 2015-04-06 07:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 07:16 - 2015-04-06 07:16 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-01 20:09 - 2015-04-01 20:17 - 286276844 _____ () C:\Users\Gem\Downloads\Hannibal.S01E01.HDTV.x264-LOL.mp4
2015-04-01 20:09 - 2015-04-01 20:16 - 293412737 _____ () C:\Users\Gem\Downloads\Hannibal.S01E02.HDTV.x264-LOL.mp4
2015-03-28 19:11 - 2015-04-09 17:52 - 00000000 ____D () C:\ProgramData\{83ddb60c-8505-95ca-83dd-db60c850d832}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-22 18:30 - 2015-02-10 19:30 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\BitTorrent
2015-04-22 18:30 - 2012-07-05 14:45 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\Spotify
2015-04-22 18:28 - 2014-10-31 07:49 - 00028676 _____ () C:\Windows\setupact.log
2015-04-22 18:26 - 2012-07-05 14:45 - 00000000 ____D () C:\Users\Gem\AppData\Local\Spotify
2015-04-22 18:22 - 2012-07-02 15:28 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3EFB1E-51E9-4E75-BDA9-D969562BCEF7}
2015-04-22 18:02 - 2013-07-04 16:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-22 18:02 - 2012-07-02 14:18 - 01648641 _____ () C:\Windows\WindowsUpdate.log
2015-04-22 17:51 - 2009-07-14 05:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-22 17:51 - 2009-07-14 05:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-22 17:41 - 2013-02-09 10:37 - 00000000 ____D () C:\Users\Gem\AppData\Local\Deployment
2015-04-22 17:35 - 2013-11-03 16:55 - 00000000 ____D () C:\ProgramData\Kodak
2015-04-22 06:03 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-22 06:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-20 16:51 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-19 16:42 - 2014-11-13 17:38 - 00011164 _____ () C:\Windows\PFRO.log
2015-04-17 15:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 07:45 - 2014-06-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-17 07:45 - 2014-06-17 20:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-16 15:03 - 2014-12-11 17:52 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 15:03 - 2014-05-01 17:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 15:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 09:31 - 2012-07-02 20:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 09:27 - 2011-02-11 00:03 - 00766780 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 09:17 - 2012-07-02 15:13 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 09:14 - 2013-07-14 20:53 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 08:18 - 2012-07-13 21:39 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 10:00 - 2013-07-04 16:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 10:00 - 2012-07-19 06:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 10:00 - 2012-07-19 06:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 18:28 - 2014-08-25 16:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-13 17:05 - 2012-07-02 17:33 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-04-13 09:49 - 2012-07-26 07:39 - 00000000 ____D () C:\Users\Gem\AppData\Local\CrashDumps
2015-04-12 16:29 - 2012-07-02 20:52 - 00000000 ____D () C:\Users\Gem\AppData\Local\Adobe
2015-04-09 19:31 - 2013-08-28 18:31 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\LockAP
2015-04-09 12:50 - 2012-07-29 08:56 - 00393302 _____ () C:\Users\Gem\AppData\Local\census.cache
2015-04-09 12:50 - 2012-07-29 08:56 - 00068638 _____ () C:\Users\Gem\AppData\Local\ars.cache
2015-04-09 12:37 - 2012-07-29 08:49 - 02073112 _____ (Trend Micro Inc.) C:\Users\Gem\Downloads\HousecallLauncher.exe
2015-04-09 09:26 - 2013-01-26 17:06 - 00000000 ____D () C:\Users\Gem\Documents\School
2015-04-02 17:26 - 2012-07-05 14:45 - 00001795 _____ () C:\Users\Gem\Desktop\Spotify.lnk
2015-04-02 17:26 - 2012-07-05 14:45 - 00001781 _____ () C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== Files in the root of some directories =======

2015-04-09 12:36 - 2015-04-12 16:22 - 0000020 _____ () C:\Users\Gem\AppData\Roaming\appdataFr3.bin
2013-08-28 06:42 - 2013-08-28 06:42 - 0000029 _____ () C:\Users\Gem\AppData\Roaming\mbam.context.scan
2012-07-29 08:56 - 2015-04-09 12:50 - 0068638 _____ () C:\Users\Gem\AppData\Local\ars.cache
2012-07-29 08:56 - 2015-04-09 12:50 - 0393302 _____ () C:\Users\Gem\AppData\Local\census.cache
2012-09-01 09:18 - 2015-01-11 17:49 - 0007680 _____ () C:\Users\Gem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-29 08:49 - 2012-07-29 08:49 - 0000036 _____ () C:\Users\Gem\AppData\Local\housecall.guid.cache
2015-04-09 12:45 - 2015-04-09 12:45 - 0000010 _____ () C:\Users\Gem\AppData\Local\sponge.last.runtime.cache

Some content of TEMP:
====================
C:\Users\Gem\AppData\Local\Temp\Quarantine.exe
C:\Users\Gem\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-17 14:03

==================== End Of Log ============================

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2015
Ran by Gem at 2015-04-22 18:32:02
Running from C:\Users\Gem\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{447CDCE5-F555-429B-BFA6-642C3C6D684F}) (Version: 3.1.2 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{0DF7096B-715A-4233-8633-C7A16ED6D616}) (Version: 3.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
BBC iPlayer Desktop (HKLM-x32\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.0.11 - British Broadcasting Corp.)
BBC iPlayer Desktop (x32 Version: 3.0.11 - British Broadcasting Corp.) Hidden
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BitTorrent (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\BitTorrent) (Version: 7.9.2.38657 - BitTorrent Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Collins Primary (remove only) (HKLM-x32\...\Collins Primary) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 37.0.1 (x86 en-GB)) (Version: 37.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)
Plugin (x32 Version: 1.0.0.0 - Sainsburys) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Primary Target Tracker (HKLM-x32\...\{D09AB53B-6204-4FA5-A3AC-FD66F9983451}) (Version: 15.1.1.5 - Target Tracker)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Sainsburys Entertainment MP3 Download Manager (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\{ca5d3dfd-8e2c-433c-a09c-829482611d48}) (Version: 2.0.20 - Sainsburys Entertainment)
Sainsburys Entertainment MP3 Download Manager (x32 Version: 2.0.20 - Sainsburys Entertainment) Hidden
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Sky Go Desktop (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\1313144945.go.sky.com) (Version:  - go.sky.com)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SMART Common Files (HKLM-x32\...\{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}) (Version: 11.1.34.1 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM-x32\...\{AD53E305-0F31-426E-85D1-35C63D913639}) (Version: 11.0.50.1 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}) (Version: 1.1.233.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}) (Version: 11.0.705.1 - SMART Technologies ULC)
SMART Product Drivers (HKLM-x32\...\{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}) (Version: 11.0.510.2 - SMART Technologies ULC)
SmootHivieW (HKLM-x32\...\{8CE9822A-21D0-0BCB-572F-5B74B2D0437A}) (Version:  - )
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Spotify (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Translate This (HKLM-x32\...\{F679D2F0-CE91-93C8-BD2D-062DF04DA0C1}) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.1.12200 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.1.12200 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.0.08120 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

13-04-2015 17:10:54 Removed Java™ 6 Update 22 (64-bit)
13-04-2015 17:19:33 Removed Java™ 6 Update 22 (64-bit)
13-04-2015 17:29:07 Restore Point Created by FRST
14-04-2015 14:49:06 Windows Update
16-04-2015 07:51:14 Windows Update
16-04-2015 14:55:35 Windows Update
21-04-2015 16:32:15 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0285B227-06D6-4CF1-8052-5F4164D9B5E2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {164A55BC-DC82-474D-9A6C-BC9E2BA64D75} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {28C59DEE-0773-4879-8731-5AE4C3B26913} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {315D2BAC-607F-4DDF-9AF4-B9D10A5307F5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {35EDE55C-1A40-44DF-AE93-3333FB62E7E5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-09] (Avast Software s.r.o.)
Task: {439B7A8A-9E71-4992-82D3-3908BA2815D0} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)
Task: {64FF1C4D-4A69-496A-B454-DDC9906A7177} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {70EDE0D7-B4EA-449F-8E86-03892D247554} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {71532B49-4909-4D3C-AC82-453E8096DD0B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {7E3B60AA-8CDB-49D2-B181-43B2B6D711AB} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {AA136350-8338-40E1-BEF1-101185E1ED3F} - System32\Tasks\{5CA1CB10-8A8C-4090-8B8C-090112092F9D} => pcalua.exe -a "C:\Program Files (x86)\DiscountMan\DiscountMan.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
Task: {ACB12846-2297-4CF0-87EB-38371ED54757} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {BE4B303D-5E3B-4104-BBE2-880C87260D68} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {CEC4BEA5-A3D1-497C-B661-42F611E2671D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D0DAEB47-2A1D-4CD7-9971-0952FFA3C01E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {DC568C83-B68C-4250-BE3F-F1F3B3E60FCE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E25F8A9E-9637-48B0-B585-E9F51C4BECDA} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {E9CF9EFF-81E0-4539-874F-6CC4254CC219} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {E9FAD057-C827-4DF2-A5A1-4D03B4C334A9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)
Task: {F156CAF0-599F-4618-9E1E-811798CFEA04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-30 02:46 - 2011-03-29 09:47 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 00325344 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
2012-07-04 07:46 - 2011-02-25 17:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00306984 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-19 17:27 - 2015-04-19 17:27 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15041901\algo.dll
2015-04-22 18:05 - 2015-04-22 18:05 - 02926080 _____ () C:\Program Files\AVAST Software\Avast\defs\15042202\algo.dll
2007-04-20 22:30 - 2007-04-20 22:30 - 00040960 _____ () C:\Program Files (x86)\Collins Education\Collins Primary\php\ext\php_amf.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-07-02 14:40 - 2011-03-05 16:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 02896608 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 00027360 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 23:59 - 2010-03-22 23:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2011-06-01 17:42 - 2011-06-01 17:42 - 00108296 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
2011-06-01 17:46 - 2011-06-01 17:46 - 00030984 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2012-10-17 09:40 - 2012-10-17 09:40 - 00454656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2012-10-17 09:40 - 2012-10-17 09:40 - 00030208 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2011-06-01 17:16 - 2011-06-01 17:16 - 00241664 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2011-06-01 17:16 - 2011-06-01 17:16 - 00971776 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-19 14:38 - 2014-10-19 14:38 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2012-07-02 14:24 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-03-11 19:22 - 2015-04-02 17:26 - 40506936 _____ () C:\Users\Gem\AppData\Roaming\Spotify\libcef.dll
2015-03-11 19:22 - 2015-04-02 17:26 - 01365560 _____ () C:\Users\Gem\AppData\Roaming\Spotify\libglesv2.dll
2015-03-11 19:22 - 2015-04-02 17:26 - 00219192 _____ () C:\Users\Gem\AppData\Roaming\Spotify\libegl.dll
2015-03-11 19:22 - 2015-03-21 11:39 - 09305656 _____ () C:\Users\Gem\AppData\Roaming\Spotify\pdf.dll
2015-03-11 19:22 - 2015-04-02 17:26 - 00990776 _____ () C:\Users\Gem\AppData\Roaming\Spotify\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1000779515-372188092-3968880-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==================== Accounts: =============================

Administrator (S-1-5-21-1000779515-372188092-3968880-500 - Administrator - Disabled)
Gem (S-1-5-21-1000779515-372188092-3968880-1001 - Administrator - Enabled) => C:\Users\Gem
Guest (S-1-5-21-1000779515-372188092-3968880-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1000779515-372188092-3968880-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/22/2015 06:02:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1029

Error: (04/22/2015 06:02:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1029

Error: (04/22/2015 06:02:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/22/2015 03:14:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9610

Error: (04/22/2015 03:14:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9610

Error: (04/22/2015 03:14:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/21/2015 05:26:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998

Error: (04/21/2015 05:26:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998

Error: (04/21/2015 05:26:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/21/2015 04:47:53 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 421296


System errors:
=============
Error: (04/22/2015 06:02:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (04/22/2015 06:02:25 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (04/22/2015 06:02:25 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (04/22/2015 06:02:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (04/22/2015 06:02:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (04/22/2015 06:02:24 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (04/22/2015 05:35:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (04/22/2015 05:35:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (04/22/2015 05:35:34 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (04/22/2015 05:35:34 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (01/05/2015 06:32:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 124 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (01/05/2015 06:29:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1017 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (03/01/2014 00:55:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (06/02/2013 02:26:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 856 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (06/01/2013 06:48:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 826 seconds with 720 seconds of active time.  This session ended with a crash.

Error: (06/01/2013 06:34:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 324 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (06/01/2013 03:55:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 360 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (05/30/2013 11:02:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4856 seconds with 3120 seconds of active time.  This session ended with a crash.

Error: (03/29/2013 08:20:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5528 seconds with 2220 seconds of active time.  This session ended with a crash.

Error: (03/09/2013 08:41:18 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2220 seconds with 1320 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 50%
Total physical RAM: 4043.86 MB
Available physical RAM: 2002.67 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 4878.76 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:582.37 GB) (Free:425.48 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 937E5357)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#19
gem_84

gem_84

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

See attached.

Attached Thumbnails

  • Screen1.jpg
  • Screen3.png

Attached Files


Edited by gem_84, 22 April 2015 - 12:02 PM.

  • 0

#20
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
If you are connected via a router, please, reset your router as well. Proceed to the following fix afterwards.


 
  • Step #4 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
      CreateResTorePoint:
      CloseProcesses:
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
      SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
      FF Plugin HKU\S-1-5-21-1000779515-372188092-3968880-1001: sainsburys.co.uk/SainsburysMP3DLMPlugin -> C:\Users\Gem\AppData\Local\Sainsburys Entertainment MP3 Download Manager\npSainsburysMP3DLMPlugin.dll [2014-02-21] (J Sainsbury PLC)
      CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2014-08-25]
      2015-04-13 17:10 - 2015-04-13 17:10 - 00003196 _____ () C:\Windows\System32\Tasks\{5CA1CB10-8A8C-4090-8B8C-090112092F9D}
      File: C:\Users\Gem\AppData\Local\sponge.last.runtime.cache
      Folder: C:\Program Files (x86)\IndepthMonitor
      2015-04-09 12:35 - 2015-04-09 18:36 - 00000000 ____D () C:\Program Files (x86)\SmootHivieW
      Task: {AA136350-8338-40E1-BEF1-101185E1ED3F} - System32\Tasks\{5CA1CB10-8A8C-4090-8B8C-090112092F9D} => pcalua.exe -a "C:\Program Files (x86)\DiscountMan\DiscountMan.exe" -c /s /n /i:"ExecuteCommands;UninstallCommands" ""
      C:\Program Files (x86)\DiscountMan
      CMD: ipconfig /flushdns
      End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #5 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself this article;
    • Run the program either by double-clicking(Windows XP) or Right-clicking and choosing Run as administrator(Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is save to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #6 ESET Online Scanner
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting check the following box --
      • Enable detection for potentially unwanted programs
    • Click on Advanced Setting --
      • Check the box beside Remove Found Threats;
      • Check the box beside Scan archives
      • Check the box beside Scan for potentially unsafe applications
      • Check the box beside Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.
 
  • Required Log(s):
    • FRST Fix Log
    • Junkware Removal Tool Log
    • Malwarebytes' Anti-Malware Log
    • ESET Log
Regards,
Valinorum
  • 0

#21
gem_84

gem_84

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
 

What should I do with the threats found on ESET? There are 2 check boxes (uninstall and delete quarentined files), I haven't done anything with either yet, or pressed finish just in case.

 

[email protected] as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=7b00dfa973efe347b2e1526f5f35ca36
# engine=14521
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-25 07:09:58
# local_time=2013-07-25 08:09:58 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 1089639 127201248 0 0
# scanned=207883
# found=0
# cleaned=0
# scan_time=4932
[email protected] as downloader log:
all ok
[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=7b00dfa973efe347b2e1526f5f35ca36
# engine=23585
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-04-27 06:38:41
# local_time=2015-04-27 07:38:41 (+0000, GMT Daylight Time)
# country="United Kingdom"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 1562520 3043093 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 9940 182624971 0 0
# scanned=303950
# found=10
# cleaned=9
# scan_time=9666
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe"
sh=B49901CA942015B89C69CD94021D5B45ADABE634 ft=1 fh=c71c00115c0b6246 vn="a variant of Win32/Adware.MultiPlug.FL application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\TremendoUsSale\4MN0yxhTkiOAPy.dll"
sh=61F63DD3DCF53E31ECCE21EA2C5524505115A3CD ft=1 fh=45904c4cd210e08e vn="a variant of Win64/Adware.MultiPlug.G application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Program Files (x86)\TremendoUsSale\4MN0yxhTkiOAPy.x64.dll"
sh=5C64AC417091E1687194E50E4A171DA81023AD6D ft=1 fh=0150128e2cf83f93 vn="a variant of Win32/Adware.MultiPlug.HY application (cleaned by deleting - quarantined)" ac=C fn="C:\FRST\Quarantine\C\Users\Gem\AppData\Local\Temp\A1C0.exe.xBAD"
sh=3E37507BBD4C0287689634B2CDD77E59679681AF ft=1 fh=cbd9e88b633aff58 vn="Win32/Toolbar.Conduit.AP potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files\Vuze\.install4j\user\mism.exe"
sh=7D687D05DA69A2E0F1122983D90E88D91E11AFF0 ft=1 fh=c71c001178a23f88 vn="a variant of Win32/Adware.MultiPlug.IY application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\Mozilla Firefox\dbghelp.dll"
sh=25CF9B7BB46B581ED8DE03DDC56E1574087CACAA ft=1 fh=10c5a1651be6049d vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Gem\Downloads\ccsetup326.exe"
sh=59C75B45AC46FAC8C4018205544938C46B1BA631 ft=1 fh=ab462a0af6e69b03 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Gem\Downloads\ccsetup405.exe"
sh=B37B52285DE862B7CAEA96BB8EB99D9B10DE236F ft=1 fh=1dbf7062960066bb vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Gem\Downloads\Shockwave_Installer_Slim.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe"
 

JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.5 (04.27.2015:1)
OS: Windows 7 Home Premium x64
Ran by Gem on 27/04/2015 at 16:39:31.24
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\Gem\AppData\Roaming\getrighttogo





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/04/2015 at 16:43:09.17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-04-2015
Ran by Gem at 2015-04-13 17:28:55 Run:1
Running from C:\Users\Gem\Desktop
Loaded Profiles: Gem (Available profiles: Gem)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
Task: {D295957E-18AC-4C95-8141-480670AF4FF6} - System32\Tasks\AmiUpdXp => C:\Users\Gem\AppData\Local\1307\a18318.exe <==== ATTENTION
C:\Users\Gem\AppData\Local\1307
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Gem\AppData\Local\1307\a18318.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1000779515-372188092-3968880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM -> DefaultScope value is missing.
BHO: TremendoUsSale -> {ff7b3e9c-f873-428d-8c6a-fc3ae4829c29} -> C:\Program Files (x86)\TremendoUsSale\4MN0yxhTkiOAPy.x64.dll [2015-04-09] ()
BHO-x32: TremendoUsSale -> {ff7b3e9c-f873-428d-8c6a-fc3ae4829c29} -> C:\Program Files (x86)\TremendoUsSale\4MN0yxhTkiOAPy.dll [2015-04-09] ()
C:\Program Files (x86)\TremendoUsSale
CHR dev: Chrome dev build detected! <======= ATTENTION
S4 344c1489;  [X]
C:\Users\Gem\AppData\Local\Temp\A1C0.exe
C:\Users\Gem\AppData\Local\Temp\i4jdel0.exe
End
*****************

Restore point was successfully created.
Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D295957E-18AC-4C95-8141-480670AF4FF6}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D295957E-18AC-4C95-8141-480670AF4FF6}" => Key deleted successfully.
C:\Windows\System32\Tasks\AmiUpdXp => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AmiUpdXp" => Key deleted successfully.
C:\Users\Gem\AppData\Local\1307 => Moved successfully.
C:\Windows\Tasks\AmiUpdXp.job => Moved successfully.
C:\ProgramData\TEMP => ":DFC5A2B2" ADS removed successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
"HKU\S-1-5-21-1000779515-372188092-3968880-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ff7b3e9c-f873-428d-8c6a-fc3ae4829c29}" => Key deleted successfully.
"HKCR\CLSID\{ff7b3e9c-f873-428d-8c6a-fc3ae4829c29}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ff7b3e9c-f873-428d-8c6a-fc3ae4829c29}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{ff7b3e9c-f873-428d-8c6a-fc3ae4829c29}" => Key deleted successfully.
C:\Program Files (x86)\TremendoUsSale => Moved successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
344c1489 => Service deleted successfully.
C:\Users\Gem\AppData\Local\Temp\A1C0.exe => Moved successfully.
C:\Users\Gem\AppData\Local\Temp\i4jdel0.exe => Moved successfully.
EmptyTemp: => Removed 1.3 GB temporary data.


The system needed a reboot.

==== End of Fixlog 17:38:50 ====

 

 

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/04/2015
Scan Time: 07:47:06
Logfile: MBReport.txt
Administrator: Yes

Version: 2.01.4.1018
Malware Database: v2015.04.17.01
Rootkit Database: v2015.03.31.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Gem

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 405295
Time Elapsed: 2 hr, 49 min, 33 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.Agent, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{34BE6615-ADA0-46D1-9457-ABE77C82B0AD}, Quarantined, [f3b25617b7d39f9775ceb28acc3703fd],
PUP.Optional.Agent, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{34BE6615-ADA0-46D1-9457-ABE77C82B0AD}, Quarantined, [f3b25617b7d39f9775ceb28acc3703fd],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 4
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, Quarantined, [129374f964260a2c8940e705bc474fb1],
PUP.Optional.MultiPlug.A, C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa\167, Quarantined, [e2c35617a3e79d99384094c1d82dd42c],
PUP.Optional.MultiPlug.A, C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa, Quarantined, [e2c35617a3e79d99384094c1d82dd42c],
PUP.Optional.DiscountMan.A, C:\Program Files (x86)\DiscountMan, Quarantined, [baeb600d1a7074c2e1221da108fb37c9],

Files: 9
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, Quarantined, [129374f964260a2c8940e705bc474fb1],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, Quarantined, [129374f964260a2c8940e705bc474fb1],
PUP.Optional.MultiPlug.A, C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa\167\lsdb.js, Quarantined, [e2c35617a3e79d99384094c1d82dd42c],
PUP.Optional.MultiPlug.A, C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa\167\background.html, Quarantined, [e2c35617a3e79d99384094c1d82dd42c],
PUP.Optional.MultiPlug.A, C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa\167\content.js, Quarantined, [e2c35617a3e79d99384094c1d82dd42c],
PUP.Optional.MultiPlug.A, C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa\167\manifest.json, Quarantined, [e2c35617a3e79d99384094c1d82dd42c],
PUP.Optional.MultiPlug.A, C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\bohaeepgdechbpphaodjkjghdeajomaa\167\NmldY.js, Quarantined, [e2c35617a3e79d99384094c1d82dd42c],
PUP.Optional.DiscountMan.A, C:\Program Files (x86)\DiscountMan\DiscountMan.dat, Quarantined, [baeb600d1a7074c2e1221da108fb37c9],
PUP.Optional.DiscountMan.A, C:\Program Files (x86)\DiscountMan\DiscountMan.exe, Quarantined, [baeb600d1a7074c2e1221da108fb37c9],

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

 

 

 


  • 0

#22
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
You may delete the quarantined files. How is your PC?
  • 0

#23
gem_84

gem_84

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I haven't had any pop up blocker notifications from Avast since, so it's looking good!  Still running quite slowly, but it doesn't seem to be infected anymore.

 

Thank you!


  • 0

#24
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Logs are looking nice. Please perform a fresh FRST scan and post the logs.
  • 0

#25
gem_84

gem_84

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2015 01
Ran by Gem (administrator) on GEM-VAIO on 02-05-2015 07:16:20
Running from C:\Users\Gem\Desktop
Loaded Profiles: Gem (Available profiles: Gem)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apache Software Foundation) C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\Apache.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\Center\EKAiOHostService.exe
(Apache Software Foundation) C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\Apache.exe
(Eastman Kodak Company) C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\x64\3\EKIJ5000MUI.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoDashboard.exe
() C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
(Joyent, Inc) C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\SBWDKService.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\Office\SMARTInk-SBSDKProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Axentra Corporation) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInkPrivilegedAccess.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\Admload.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Gem\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_17_0_0_169.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe [3182080 2012-10-08] (Eastman Kodak Company)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-07] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [Memeo Instant Backup] => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe [136416 2011-05-04] (Memeo Inc.)
HKLM-x32\...\Run: [Seagate Dashboard] => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe [79112 2011-06-01] ()
HKLM-x32\...\Run: [sbsdk-server] => C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe [62360 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Board Service] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe [2219416 2012-10-24] (SMART Technologies)
HKLM-x32\...\Run: [SMART Ink] => C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe [98200 2012-10-25] (SMART Technologies)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [iSkysoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\iSkysoft\iSkysoft Helper Compact\ISHelper.exe
HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe
HKLM-x32\...\Run: [EKStatusMonitor] => C:\Program Files (x86)\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2750840 2013-12-11] (Eastman Kodak Company)
HKLM-x32\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\x64\3\EKIJ5000MUI.exe
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5512912 2015-04-09] (Avast Software s.r.o.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [Spotify Web Helper] => C:\Users\Gem\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2020920 2015-04-24] (Spotify Ltd)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-11-21] (Apple Inc.)
HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-11-21] (Apple Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-04-09] (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.c...q={searchTerms}
HKU\S-1-5-21-1000779515-372188092-3968880-1001\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {9B1BCEF8-43CA-48A7-AE95-A864AC326CF0} URL = http://rover.ebay.co...w={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = https://www.google.c...q={searchTerms}
SearchScopes: HKU\S-1-5-21-1000779515-372188092-3968880-1001 -> {FDD636D9-8F25-4448-9022-DD29CB98CAB3} URL = http://services.zini...}&rf=sonyslices
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-04-09] (Avast Software s.r.o.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-04-09] (Avast Software s.r.o.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Gem\AppData\Roaming\Mozilla\Firefox\Profiles\fmly66ix.default-1429547664060
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-04-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-07-30] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-05-10] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1000779515-372188092-3968880-1001: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10174.dll [2012-12-07] (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-04-09]

Chrome:
=======
CHR Profile: C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-25]
CHR Extension: (Google Drive) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-25]
CHR Extension: (YouTube) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-25]
CHR Extension: (Google Cast) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2014-08-25]
CHR Extension: (Google Search) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-25]
CHR Extension: (AdBlock) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-02-10]
CHR Extension: (Avast Online Security) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-04-12]
CHR Extension: (Google Wallet) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-25]
CHR Extension: (Gmail) - C:\Users\Gem\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-04-09] (Avast Software s.r.o.)
R2 CollinsPrimary; C:\Program Files (x86)\Collins Education\Collins Primary\Apache\bin\apache.exe [20541 2007-10-04] (Apache Software Foundation) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2361344 2011-03-29] (Realsil Microelectronics Inc.) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [582552 2012-10-24] (SMART Technologies)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1286784 2012-10-26] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-04-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-04-09] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-04-09] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-04-09] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-04-09] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-04-09] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [271200 2015-04-09] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [16280 2012-10-24] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [15256 2012-10-24] (SMART Technologies)
R3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [24984 2012-10-24] (SMART Technologies ULC)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-01 19:05 - 2015-05-01 19:42 - 00000000 ____D () C:\Users\Gem\Downloads\Get.Hard.2015.HC.HDRip.XViD-ETRG
2015-05-01 19:05 - 2015-05-01 19:05 - 00000000 ____D () C:\Users\Gem\Downloads\Kingsman.The.Secret.Service.2014.HC.HDRip.XViD.AC3-ETRG
2015-04-28 06:13 - 2015-04-28 06:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-27 16:43 - 2015-04-27 16:43 - 00000808 _____ () C:\Users\Gem\Desktop\JRT.txt
2015-04-27 16:39 - 2015-04-27 16:39 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-GEM-VAIO-Windows-7-Home-Premium-(64-bit).dat
2015-04-27 16:39 - 2015-04-27 16:39 - 00000000 ____D () C:\RegBackup
2015-04-27 16:36 - 2015-04-27 16:36 - 02715845 _____ (Thisisu) C:\Users\Gem\Downloads\JRT.exe
2015-04-24 16:11 - 2015-04-24 16:11 - 00000000 ___RD () C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-04-22 18:41 - 2015-04-22 18:41 - 00001753 _____ () C:\Users\Public\Desktop\iTunes.lnk
2015-04-22 18:41 - 2015-04-22 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-04-22 18:40 - 2015-04-22 18:41 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-22 18:40 - 2015-04-22 18:41 - 00000000 ____D () C:\Program Files\iTunes
2015-04-22 18:40 - 2015-04-22 18:40 - 00000000 ____D () C:\Program Files\iPod
2015-04-22 18:40 - 2015-04-22 18:40 - 00000000 ____D () C:\Program Files (x86)\iTunes
2015-04-21 19:26 - 2015-04-21 19:31 - 252228024 _____ () C:\Users\Gem\Downloads\Hannibal.S01E03.HDTV.x264-LOL.mp4
2015-04-20 17:45 - 2015-04-20 17:45 - 00001155 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-04-20 17:45 - 2015-04-20 17:45 - 00001143 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-04-20 17:44 - 2015-04-29 17:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-20 17:42 - 2015-04-20 17:42 - 00243320 _____ () C:\Users\Gem\Downloads\Firefox Setup Stub 37.0.1.exe
2015-04-17 10:46 - 2015-04-17 10:46 - 00003394 _____ () C:\Users\Gem\Desktop\MBReport.txt
2015-04-17 07:46 - 2015-04-18 10:47 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-17 07:45 - 2015-04-17 07:45 - 00001098 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-17 07:42 - 2015-04-17 07:43 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\Gem\Desktop\mbam-setup-majorgeeks-2.1.4.1018.exe
2015-04-16 09:17 - 2015-04-16 09:17 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-16 09:17 - 2015-04-16 09:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-15 12:29 - 2015-03-17 06:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 12:29 - 2015-03-17 06:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 12:29 - 2015-03-17 06:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 12:29 - 2015-03-17 06:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 12:29 - 2015-03-17 06:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 12:29 - 2015-03-17 06:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 12:29 - 2015-03-17 06:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 12:29 - 2015-03-17 06:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 12:29 - 2015-03-17 06:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 12:29 - 2015-03-17 06:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 12:29 - 2015-03-17 06:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 12:29 - 2015-03-17 06:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 12:29 - 2015-03-17 06:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 12:29 - 2015-03-17 06:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 12:29 - 2015-03-17 06:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 06:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 12:29 - 2015-03-17 06:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 12:29 - 2015-03-17 05:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 12:29 - 2015-03-17 05:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 12:29 - 2015-03-17 05:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 12:29 - 2015-03-17 05:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 12:29 - 2015-03-17 05:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 12:29 - 2015-03-17 05:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 12:29 - 2015-03-17 05:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 05:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 12:29 - 2015-03-17 04:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 12:29 - 2015-03-17 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 12:29 - 2015-03-17 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 12:28 - 2015-03-25 04:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 12:28 - 2015-03-25 04:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 12:28 - 2015-03-25 04:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 12:28 - 2015-03-25 04:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 12:28 - 2015-03-25 04:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 12:28 - 2015-03-25 04:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 12:28 - 2015-03-23 04:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 12:28 - 2015-03-23 04:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 12:28 - 2015-03-23 04:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 12:28 - 2015-03-23 04:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 12:16 - 2015-04-02 00:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 12:16 - 2015-03-13 05:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 12:16 - 2015-03-13 05:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 12:16 - 2015-03-13 04:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 12:16 - 2015-03-13 04:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 12:16 - 2015-03-13 04:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 12:16 - 2015-03-13 04:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 12:16 - 2015-03-13 04:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 12:16 - 2015-03-13 04:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 12:16 - 2015-03-13 04:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 12:16 - 2015-03-13 04:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 12:16 - 2015-03-13 04:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 12:16 - 2015-03-13 04:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 12:16 - 2015-03-13 04:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 12:16 - 2015-03-13 03:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 12:16 - 2015-03-13 03:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 12:16 - 2015-03-13 03:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 12:16 - 2015-03-13 03:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 12:16 - 2015-03-13 03:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 12:16 - 2015-03-10 04:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 12:16 - 2015-03-10 04:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 12:16 - 2015-03-10 04:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 12:16 - 2015-03-10 04:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 12:16 - 2015-03-05 06:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 12:16 - 2015-03-05 05:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 12:16 - 2015-02-25 04:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 12:15 - 2015-04-02 01:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 12:15 - 2015-03-13 05:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 12:15 - 2015-03-13 05:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 12:15 - 2015-03-13 05:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 12:15 - 2015-03-13 05:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 12:15 - 2015-03-13 05:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 12:15 - 2015-03-13 05:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 12:15 - 2015-03-13 05:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 12:15 - 2015-03-13 05:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 12:15 - 2015-03-13 04:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 12:15 - 2015-03-13 04:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 12:15 - 2015-03-13 04:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 12:15 - 2015-03-13 04:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 12:15 - 2015-03-13 04:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 12:15 - 2015-03-13 04:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 12:15 - 2015-03-13 04:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 12:15 - 2015-03-13 04:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 12:15 - 2015-03-13 04:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 12:15 - 2015-03-13 04:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 12:15 - 2015-03-13 04:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 12:15 - 2015-03-13 04:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 12:15 - 2015-03-13 04:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 12:15 - 2015-03-13 04:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 12:15 - 2015-03-13 04:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 12:15 - 2015-03-13 04:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 12:15 - 2015-03-13 04:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 12:15 - 2015-03-13 04:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 12:15 - 2015-03-13 04:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 12:15 - 2015-03-13 04:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 12:15 - 2015-03-13 04:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 12:15 - 2015-03-13 03:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 12:15 - 2015-03-13 03:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 12:15 - 2015-03-13 03:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 12:15 - 2015-03-13 03:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 12:15 - 2015-03-13 03:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 12:15 - 2015-03-13 03:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 12:15 - 2015-03-13 03:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 12:15 - 2015-03-13 03:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 12:15 - 2015-03-13 03:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 12:14 - 2015-03-04 05:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 12:14 - 2015-03-04 05:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 12:14 - 2015-03-04 05:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 10:00 - 2015-04-15 10:00 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-13 17:50 - 2015-04-19 16:41 - 00000000 ____D () C:\AdwCleaner
2015-04-13 17:49 - 2015-04-13 17:49 - 02217984 _____ () C:\Users\Gem\Desktop\adwcleaner_4.201.exe
2015-04-13 17:28 - 2015-05-02 07:16 - 00000000 ____D () C:\Users\Gem\Desktop\FRST-OlderVersion
2015-04-13 11:24 - 2015-04-13 11:24 - 00000000 ____D () C:\Users\Gem\Downloads\Hozier (Deluxe Version)
2015-04-12 16:28 - 2015-04-22 18:35 - 00037868 _____ () C:\Users\Gem\Desktop\Addition.txt
2015-04-12 16:25 - 2015-04-12 16:26 - 42925480 _____ (Oracle Corporation) C:\Users\Gem\Downloads\jre-8u40-windows-x64.exe
2015-04-12 16:25 - 2015-04-12 16:25 - 00560552 _____ (Oracle Corporation) C:\Users\Gem\Downloads\jre-8u40-windows-i586-iftw.exe
2015-04-12 16:16 - 2015-05-02 07:17 - 00020342 _____ () C:\Users\Gem\Desktop\FRST.txt
2015-04-12 16:14 - 2015-05-02 07:16 - 00000000 ____D () C:\FRST
2015-04-12 16:05 - 2015-05-02 07:16 - 02101248 _____ (Farbar) C:\Users\Gem\Desktop\FRST64.exe
2015-04-09 17:38 - 2015-04-09 17:38 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\AVAST Software
2015-04-09 17:37 - 2015-05-01 16:40 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-04-09 17:37 - 2015-04-09 17:37 - 00001922 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-04-09 17:37 - 2015-04-09 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-04-09 17:36 - 2015-04-09 17:36 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-04-09 17:36 - 2015-04-09 17:36 - 00271200 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00136752 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00088408 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-04-09 17:36 - 2015-04-09 17:36 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-04-09 17:36 - 2015-04-09 17:36 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-04-09 17:36 - 2015-04-09 17:35 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-04-09 17:34 - 2015-04-09 17:34 - 00000000 ____D () C:\Program Files\AVAST Software
2015-04-09 17:33 - 2015-04-09 17:33 - 05481352 _____ (Avast Software s.r.o.) C:\Users\Gem\Downloads\avast_free_antivirus_setup_online.exe
2015-04-09 17:33 - 2015-04-09 17:33 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-09 14:01 - 2015-04-09 14:01 - 00214576 _____ (Trend Micro Inc.) C:\Windows\RegBootClean.exe
2015-04-09 12:45 - 2015-04-09 12:45 - 00000010 _____ () C:\Users\Gem\AppData\Local\sponge.last.runtime.cache
2015-04-09 12:41 - 2015-04-09 12:41 - 00000000 ____D () C:\ProgramData\{290a0e81-86ce-5a7d-290a-a0e8186c3a06}
2015-04-09 12:36 - 2015-04-12 16:22 - 00000020 _____ () C:\Users\Gem\AppData\Roaming\appdataFr3.bin
2015-04-09 12:36 - 2015-04-09 14:01 - 00000000 ____D () C:\Program Files (x86)\IndepthMonitor
2015-04-09 12:35 - 2015-04-09 18:37 - 00000000 ____D () C:\Program Files (x86)\Translate This
2015-04-09 12:34 - 2015-04-09 12:35 - 00000000 ____D () C:\ProgramData\6211581295172710874
2015-04-08 15:49 - 2015-04-08 15:49 - 00000000 ____D () C:\Users\Gem\AppData\Local\Axialis
2015-04-06 07:16 - 2015-04-06 07:16 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-06 07:16 - 2015-04-06 07:16 - 00000000 ___SD () C:\Windows\system32\GWX

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-02 07:17 - 2013-02-09 10:37 - 00000000 ____D () C:\Users\Gem\AppData\Local\Deployment
2015-05-02 07:16 - 2012-07-05 14:45 - 00000000 ____D () C:\Users\Gem\AppData\Local\Spotify
2015-05-02 07:15 - 2012-07-02 14:18 - 01878389 _____ () C:\Windows\WindowsUpdate.log
2015-05-02 07:11 - 2013-07-04 16:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-01 20:02 - 2012-07-05 14:45 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\Spotify
2015-05-01 20:01 - 2015-02-10 19:30 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\BitTorrent
2015-05-01 19:08 - 2014-10-31 07:49 - 00029852 _____ () C:\Windows\setupact.log
2015-05-01 19:04 - 2012-07-26 07:39 - 00000000 ____D () C:\Users\Gem\AppData\Local\CrashDumps
2015-05-01 18:00 - 2012-07-02 15:28 - 00003918 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{3F3EFB1E-51E9-4E75-BDA9-D969562BCEF7}
2015-05-01 16:44 - 2013-11-03 16:55 - 00000000 ____D () C:\ProgramData\Kodak
2015-04-29 17:46 - 2009-07-14 05:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-29 17:46 - 2009-07-14 05:45 - 00028848 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-29 17:36 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-28 12:51 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 06:20 - 2012-12-29 09:51 - 00001137 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2015-04-28 06:07 - 2014-05-15 20:10 - 00000000 ____D () C:\Users\Gem\AppData\Local\Sainsburys Entertainment MP3 Download Manager
2015-04-27 16:49 - 2013-07-25 06:45 - 02347384 _____ (ESET) C:\Users\Gem\Downloads\esetsmartinstaller_enu.exe
2015-04-27 16:31 - 2014-11-13 17:38 - 00011494 _____ () C:\Windows\PFRO.log
2015-04-22 18:40 - 2012-07-02 17:17 - 00000000 ____D () C:\Program Files\Common Files\Apple
2015-04-22 06:01 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-17 15:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2015-04-17 14:39 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-17 07:45 - 2014-06-17 20:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-17 07:45 - 2014-06-17 20:31 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-16 15:03 - 2014-12-11 17:52 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 15:03 - 2014-05-01 17:37 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 15:03 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-16 09:31 - 2012-07-02 20:22 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-16 09:27 - 2011-02-11 00:03 - 00766780 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 09:17 - 2012-07-02 15:13 - 00000000 ____D () C:\ProgramData\Skype
2015-04-16 09:14 - 2013-07-14 20:53 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 08:18 - 2012-07-13 21:39 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 10:00 - 2013-07-04 16:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-15 10:00 - 2012-07-19 06:22 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-15 10:00 - 2012-07-19 06:22 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-13 18:28 - 2014-08-25 16:46 - 00000000 ____D () C:\Program Files (x86)\Google
2015-04-13 17:05 - 2012-07-02 17:33 - 00001945 _____ () C:\Windows\epplauncher.mif
2015-04-12 16:29 - 2012-07-02 20:52 - 00000000 ____D () C:\Users\Gem\AppData\Local\Adobe
2015-04-09 19:31 - 2013-08-28 18:31 - 00000000 ____D () C:\Users\Gem\AppData\Roaming\LockAP
2015-04-09 17:52 - 2015-03-28 19:11 - 00000000 ____D () C:\ProgramData\{83ddb60c-8505-95ca-83dd-db60c850d832}
2015-04-09 12:50 - 2012-07-29 08:56 - 00393302 _____ () C:\Users\Gem\AppData\Local\census.cache
2015-04-09 12:50 - 2012-07-29 08:56 - 00068638 _____ () C:\Users\Gem\AppData\Local\ars.cache
2015-04-09 12:37 - 2012-07-29 08:49 - 02073112 _____ (Trend Micro Inc.) C:\Users\Gem\Downloads\HousecallLauncher.exe
2015-04-09 09:26 - 2013-01-26 17:06 - 00000000 ____D () C:\Users\Gem\Documents\School
2015-04-02 17:26 - 2012-07-05 14:45 - 00001795 _____ () C:\Users\Gem\Desktop\Spotify.lnk
2015-04-02 17:26 - 2012-07-05 14:45 - 00001781 _____ () C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk

==================== Files in the root of some directories =======

2015-04-09 12:36 - 2015-04-12 16:22 - 0000020 _____ () C:\Users\Gem\AppData\Roaming\appdataFr3.bin
2013-08-28 06:42 - 2013-08-28 06:42 - 0000029 _____ () C:\Users\Gem\AppData\Roaming\mbam.context.scan
2012-07-29 08:56 - 2015-04-09 12:50 - 0068638 _____ () C:\Users\Gem\AppData\Local\ars.cache
2012-07-29 08:56 - 2015-04-09 12:50 - 0393302 _____ () C:\Users\Gem\AppData\Local\census.cache
2012-09-01 09:18 - 2015-01-11 17:49 - 0007680 _____ () C:\Users\Gem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-07-29 08:49 - 2012-07-29 08:49 - 0000036 _____ () C:\Users\Gem\AppData\Local\housecall.guid.cache
2015-04-09 12:45 - 2015-04-09 12:45 - 0000010 _____ () C:\Users\Gem\AppData\Local\sponge.last.runtime.cache

Some content of TEMP:
====================
C:\Users\Gem\AppData\Local\Temp\Quarantine.exe
C:\Users\Gem\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-24 17:06

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2015 01
Ran by Gem at 2015-05-02 07:18:19
Running from C:\Users\Gem\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1000779515-372188092-3968880-500 - Administrator - Disabled)
Gem (S-1-5-21-1000779515-372188092-3968880-1001 - Administrator - Enabled) => C:\Users\Gem
Guest (S-1-5-21-1000779515-372188092-3968880-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1000779515-372188092-3968880-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader X (10.1.7) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.7 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (x32 Version: 5.8.10.0 - Your Company Name) Hidden
aioscnnr (x32 Version: 7.6.13.10 - Your Company Name) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{61438020-DDD4-42FA-99A2-50225441980A}) (Version: 2.0.1.142 - ArcSoft)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.392 - ArcSoft)
Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Atheros)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2215 - AVAST Software)
BBC iPlayer Desktop (HKLM-x32\...\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1) (Version: 3.0.11 - British Broadcasting Corp.)
BBC iPlayer Desktop (x32 Version: 3.0.11 - British Broadcasting Corp.) Hidden
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
BitTorrent (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\BitTorrent) (Version: 7.9.3.40101 - BitTorrent Inc.)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.3.0.100 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.05 - Piriform)
center (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Collins Primary (remove only) (HKLM-x32\...\Collins Primary) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.0.53 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
essentials (x32 Version: 7.8.0.0 - Eastman Kodak Company) Hidden
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2291 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.8.1.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM-x32\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.8.5.2 - Eastman Kodak Company)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Media Gallery (Version: 1.5.0.16020 - Your Company Name) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 37.0.2 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 en-GB)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
ocr (x32 Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OverDrive Media Console (HKLM-x32\...\{D07205E7-F6D3-4333-AFCC-782A07685B72}) (Version: 3.2.20 - OverDrive, Inc.)
Plugin (x32 Version: 1.0.0.0 - Sainsburys) Hidden
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.5.02.12220 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06140 - Sony Corporation) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden
Primary Target Tracker (HKLM-x32\...\{D09AB53B-6204-4FA5-A3AC-FD66F9983451}) (Version: 15.1.1.5 - Target Tracker)
PrintProjects (HKLM-x32\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
Qualcomm Atheros Direct Connect (x32 Version: 3.0 - Qualcomm Atheros) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.03020 - Sony Corporation) Hidden
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Sainsburys Entertainment MP3 Download Manager (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\{ca5d3dfd-8e2c-433c-a09c-829482611d48}) (Version: 2.0.20 - Sainsburys Entertainment)
Sainsburys Entertainment MP3 Download Manager (x32 Version: 2.0.20 - Sainsburys Entertainment) Hidden
Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
Sky Go Desktop (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\1313144945.go.sky.com) (Version:  - go.sky.com)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SMART Common Files (HKLM-x32\...\{ED2455F7-6AA6-4D3C-85E9-A72297DD7051}) (Version: 11.1.34.1 - SMART Technologies ULC)
SMART English (United Kingdom) Language Pack (HKLM-x32\...\{AD53E305-0F31-426E-85D1-35C63D913639}) (Version: 11.0.50.1 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{4A1F2472-6164-43FA-9D2F-B35E71A8DF32}) (Version: 1.1.233.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{AFE024C7-7CA7-4C8E-90EE-D877C7CD96A3}) (Version: 11.0.705.1 - SMART Technologies ULC)
SMART Product Drivers (HKLM-x32\...\{E3189F44-F7BD-4F96-B756-A0AEFAF61D3A}) (Version: 11.0.510.2 - SMART Technologies ULC)
SmootHivieW (HKLM-x32\...\{8CE9822A-21D0-0BCB-572F-5B74B2D0437A}) (Version:  - )
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Spotify (HKU\S-1-5-21-1000779515-372188092-3968880-1001\...\Spotify) (Version: 1.0.4.90.g0b6df40b - Spotify AB)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TomTom HOME (HKLM-x32\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Translate This (HKLM-x32\...\{F679D2F0-CE91-93C8-BD2D-062DF04DA0C1}) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - Media Gallery (HKLM-x32\...\{FA870BF1-44A1-4B7D-93E1-C101369AF0C1}) (Version: 1.5.0.16020 - Sony Corporation)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{66081CDD-C1FE-415F-BB3A-F2622BA27461}) (Version: 1.6.00.06030 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{270380EB-8812-42E1-8289-53700DB840D2}) (Version: 1.6.00.06140 - Sony Corporation)
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.0.1.03020 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.4.2.11150 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.5.0.03040 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.6.0.13140 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.6.0.13140 - Sony Corporation) Hidden
VAIO Easy Connect (HKLM-x32\...\InstallShield_{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 1.1.1.12200 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.1.1.12200 - Sony Corporation) Hidden
VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.2.02200 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.4.0.10090 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.2.0.14280 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.0.0.14150 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 2.0.0.02250 - Sony Corporation)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.4.5.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.4.5.3 - Sony Corporation) Hidden
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.4.2.09010 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.8.0.08120 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.4.0.14230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.1.1.10250 - Sony Corporation)
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VESx64 (Version: 1.0.0 - Sony Corporation) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VGClientX86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.8 (HKLM-x32\...\VLC media player) (Version: 2.0.8 - VideoLAN)
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.3.0.0 - Azureus Software, Inc.)
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

14-04-2015 14:49:06 Windows Update
16-04-2015 07:51:14 Windows Update
16-04-2015 14:55:35 Windows Update
21-04-2015 16:32:15 Windows Update
28-04-2015 06:06:15 Restore Point Created by FRST
28-04-2015 21:08:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0285B227-06D6-4CF1-8052-5F4164D9B5E2} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {164A55BC-DC82-474D-9A6C-BC9E2BA64D75} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {28C59DEE-0773-4879-8731-5AE4C3B26913} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {315D2BAC-607F-4DDF-9AF4-B9D10A5307F5} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {35EDE55C-1A40-44DF-AE93-3333FB62E7E5} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-04-09] (Avast Software s.r.o.)
Task: {64FF1C4D-4A69-496A-B454-DDC9906A7177} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-02-15] (Sony Corporation)
Task: {70EDE0D7-B4EA-449F-8E86-03892D247554} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2012-02-20] (Sony Corporation)
Task: {71532B49-4909-4D3C-AC82-453E8096DD0B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-08-21] (Piriform Ltd)
Task: {7E3B60AA-8CDB-49D2-B181-43B2B6D711AB} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-02-20] (Sony Corporation)
Task: {8AAD71AD-F651-47B9-AAED-1ECB83B4C0C5} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-26] (Sony Corporation)
Task: {ACB12846-2297-4CF0-87EB-38371ED54757} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {BE4B303D-5E3B-4104-BBE2-880C87260D68} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {CEC4BEA5-A3D1-497C-B661-42F611E2671D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D0DAEB47-2A1D-4CD7-9971-0952FFA3C01E} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {DC568C83-B68C-4250-BE3F-F1F3B3E60FCE} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {E25F8A9E-9637-48B0-B585-E9F51C4BECDA} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {E9CF9EFF-81E0-4539-874F-6CC4254CC219} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {E9FAD057-C827-4DF2-A5A1-4D03B4C334A9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2012-10-26] (Sony Corporation)
Task: {F156CAF0-599F-4618-9E1E-811798CFEA04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-30 02:46 - 2011-03-29 09:47 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 00325344 _____ () C:\Program Files (x86)\Memeo\AutoBackup\InstantBackup.exe
2012-07-04 07:46 - 2011-02-25 17:14 - 00297472 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00070656 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00063488 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00215040 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00260608 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00059904 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00157696 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00138752 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2012-07-04 07:46 - 2011-02-25 17:14 - 00025600 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-09 17:36 - 2015-04-09 17:36 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-04-29 17:27 - 2015-04-29 17:27 - 02925568 _____ () C:\Program Files\AVAST Software\Avast\defs\15042900\algo.dll
2015-05-01 20:44 - 2015-05-01 20:44 - 02926592 _____ () C:\Program Files\AVAST Software\Avast\defs\15050101\algo.dll
2007-04-20 22:30 - 2007-04-20 22:30 - 00040960 _____ () C:\Program Files (x86)\Collins Education\Collins Primary\php\ext\php_amf.dll
2012-07-02 14:40 - 2011-03-05 16:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-06-01 17:42 - 2011-06-01 17:42 - 00108296 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Memeo.Progress.dll
2011-06-01 17:46 - 2011-06-01 17:46 - 00030984 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\Plugins\Memeo.Dashboard.SeagateSharePlusPlugin.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 02896608 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.UI.dll
2011-05-04 22:04 - 2011-05-04 22:04 - 00027360 _____ () C:\Program Files (x86)\Memeo\AutoBackup\Memeo.Client.DriveDetection.dll
2010-03-22 23:59 - 2010-03-22 23:59 - 00504293 _____ () C:\Program Files (x86)\Memeo\AutoBackup\sqlite3.DLL
2012-10-17 09:40 - 2012-10-17 09:40 - 00454656 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\SBSDK.node
2012-10-17 09:40 - 2012-10-17 09:40 - 00030208 _____ () C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\node_modules\HWR.node
2015-04-09 17:36 - 2015-04-09 17:36 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-19 14:38 - 2014-10-19 14:38 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ba8588c3319d63350220ec2ac3eb2c36\IsdiInterop.ni.dll
2012-07-02 14:24 - 2010-09-13 18:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2011-06-01 17:16 - 2011-06-01 17:16 - 00241664 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libupnp.dll
2011-06-01 17:16 - 2011-06-01 17:16 - 00971776 _____ () C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\libxml2.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1000779515-372188092-3968880-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Gem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [{2EEAAE20-0887-4E3E-9ECB-4F6CFCDBD55D}] => (Allow) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
FirewallRules: [{D035D982-1E08-4553-854A-0944122CFA96}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{FC14716C-2EB7-444F-B3E0-AF679527661E}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{592C4BCA-E4CC-4E85-A530-EACF352492B7}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{08BAF713-DF39-4121-BFF2-B40431177DFC}] => (Allow) LPort=2869
FirewallRules: [{37A71FA8-627E-4D85-B744-6994E64208FA}] => (Allow) LPort=1900
FirewallRules: [{7EBF5370-E414-403E-B07F-28D3FFD7BFF0}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{7F8F2519-D5ED-4DB3-9FE3-CB1953552A33}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{163CD20B-FCB3-4DB9-8109-38CAA352BDA2}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{1197822F-9B30-4A70-A455-A7CC69A57A82}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A78D4875-7CF0-4C9B-8237-3A41A0D4F12B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DA927FED-E7ED-4896-8257-79DFB51BF7B6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B6BF2EBA-A82B-4901-A81C-A7C0C20DCAFA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{048EAEE3-2E3E-40AE-A2E4-514DFB242729}C:\users\gem\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gem\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{460E4D4B-8400-41A4-8207-4282DC9D789A}C:\users\gem\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\gem\appdata\roaming\spotify\spotify.exe
FirewallRules: [{CC0C2E41-877F-455C-8A39-3489971921CB}] => (Allow) C:\Program Files (x86)\Seagate\Seagate Dashboard\HipServAgent\HipServAgent.exe
FirewallRules: [{9858B468-42C9-4865-91BF-77BA81AEFC2D}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
FirewallRules: [{9E3C35D2-E947-4780-B8FE-F949E76BE229}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{474C421F-E756-44DB-A7BB-6720DFCD6E94}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [{F540BDDE-2047-4CA3-B40B-68926938BB74}] => (Allow) C:\Program Files\Sony\VAIO Smart Network\WFDA\WiFiDirectApplication.exe
FirewallRules: [TCP Query User{134A122D-C953-4E6F-B20E-14C05BC327D0}C:\users\gem\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gem\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{6BF774CE-1009-4E32-B661-03585223C8E5}C:\users\gem\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\gem\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{09B7DB5E-9A31-4B3B-8377-F0ECD52BAC65}C:\program files (x86)\collins education\collins primary\apache\bin\apache.exe] => (Allow) C:\program files (x86)\collins education\collins primary\apache\bin\apache.exe
FirewallRules: [UDP Query User{65FA3574-0529-4172-A0C6-FDB74BD552A8}C:\program files (x86)\collins education\collins primary\apache\bin\apache.exe] => (Allow) C:\program files (x86)\collins education\collins primary\apache\bin\apache.exe
FirewallRules: [{A3875D77-125E-478D-95FE-766188FCD107}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{F855B218-B132-4BDE-AD3E-80EADE52F202}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{11828F52-20A5-4CFA-9916-98389A562F6B}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{B90E19F3-4340-4C94-9789-2BB620924DE9}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{F8E6A5C6-265B-4335-B3C7-3570D8CE7177}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{2AD5DECB-8B03-410B-82BC-8C60113A1850}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{23D6463D-A1DA-4291-8572-917822263951}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\VantageService.exe
FirewallRules: [{34EB7580-07EF-45E8-AA7D-AA1E353B8AE1}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\VantageService.exe
FirewallRules: [{F77DEAA6-C224-4A3A-81E7-8E970C33ADAD}] => (Allow) C:\Users\Gem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{67C5BF6C-F072-4F82-B4CA-E5BC893E233C}] => (Allow) C:\Users\Gem\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3B41AE27-8736-4A07-8D8B-E86C651DD07F}] => (Allow) LPort=5353
FirewallRules: [{4E7B21F1-B002-4EA6-B6FD-65E444D90096}] => (Allow) LPort=9322
FirewallRules: [{D0E9C001-A930-49E6-ACBB-6DFAD44E64BC}] => (Allow) LPort=5353
FirewallRules: [{73D632E7-A39B-4FF9-B9AE-7D09B27C944D}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [{BC0CA27B-926A-4220-9518-D070C40F4FDC}] => (Allow) C:\Program Files\Vuze\Azureus.exe
FirewallRules: [TCP Query User{825D0101-F4CD-4626-A493-7309321FE425}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [UDP Query User{21FB9BA8-4B84-4681-A046-19F9575D4182}C:\program files\vuze\azureus.exe] => (Block) C:\program files\vuze\azureus.exe
FirewallRules: [{10C775BF-8724-4D86-B35B-A450EC2383FD}] => (Allow) C:\Users\Gem\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{ACE71C1B-110A-48CB-A4D0-5879DF8048FD}] => (Allow) C:\Users\Gem\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{C1988FE9-496F-4910-850F-29ADEFFC797F}] => (Allow) LPort=9322
FirewallRules: [{066806F2-955D-472D-B4B3-44C47F9BA9D3}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{DDFA77D3-86BA-47C7-B70B-4DC7DF93B41C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\AiOHomeCenter.exe
FirewallRules: [{46B3D6A2-5D15-47A7-96B7-9B0A17059640}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{35ACA79D-61DC-4CB5-9F88-6DC9FC9D3B1C}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\Kodak.Statistics.exe
FirewallRules: [{455D710A-6729-4E6C-8ABE-584D9E64BB73}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{505328AD-9E9A-43F7-A0CF-FB265DDAE749}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Center\NetworkPrinterDiscovery.exe
FirewallRules: [{552D02F3-81D0-43E3-8A7B-0D231B215154}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{84518C63-9951-4E24-9231-C85E86682D88}] => (Allow) C:\Program Files (x86)\Kodak\AiO\Firmware\KodakAiOUpdater.exe
FirewallRules: [{A2163D9B-C2E1-4140-93C2-13CEE93BC694}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{EA7DA023-FDDC-4052-861E-4BA6FD1BF23C}] => (Allow) C:\ProgramData\Kodak\Installer\Setup.exe
FirewallRules: [{0CBC595E-7063-4F9C-A877-C8C0540B7C2C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3DD795A9-7265-4B94-928D-CC302CF71DD4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{1CF1E0D6-831B-400C-9114-BF7590A09356}] => (Allow) C:\Program Files\iTunes\iTunes.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft Teredo Tunneling Adapter
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2015 07:04:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 11.0.9600.17728, time stamp: 0x55024724
Faulting module name: KERNEL32.dll, version: 6.1.7601.18798, time stamp: 0x5507b484
Exception code: 0xc0000005
Fault offset: 0x00011398
Faulting process id: 0x1dc4
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3

Error: (05/01/2015 06:37:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1061

Error: (05/01/2015 06:37:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1061

Error: (05/01/2015 06:10:56 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/01/2015 06:00:08 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/30/2015 02:49:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 21608151

Error: (04/30/2015 02:49:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 21608151

Error: (04/30/2015 02:49:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/29/2015 07:19:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1014

Error: (04/29/2015 07:19:29 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1014


System errors:
=============
Error: (05/02/2015 07:11:06 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (05/02/2015 07:11:06 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (05/02/2015 07:11:06 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/02/2015 07:11:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (05/02/2015 07:11:03 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (05/02/2015 07:11:03 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/02/2015 07:11:02 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (05/02/2015 07:11:02 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (05/02/2015 07:11:02 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (05/02/2015 04:07:22 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (01/05/2015 06:32:10 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 124 seconds with 120 seconds of active time.  This session ended with a crash.

Error: (01/05/2015 06:29:40 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 8, Application Name: Microsoft Office Publisher, Application Version: 12.0.6676.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1017 seconds with 840 seconds of active time.  This session ended with a crash.

Error: (03/01/2014 00:55:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6690.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 267 seconds with 240 seconds of active time.  This session ended with a crash.

Error: (06/02/2013 02:26:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 856 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (06/01/2013 06:48:16 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 826 seconds with 720 seconds of active time.  This session ended with a crash.

Error: (06/01/2013 06:34:13 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 324 seconds with 300 seconds of active time.  This session ended with a crash.

Error: (06/01/2013 03:55:27 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 360 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (05/30/2013 11:02:31 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4856 seconds with 3120 seconds of active time.  This session ended with a crash.

Error: (03/29/2013 08:20:09 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5528 seconds with 2220 seconds of active time.  This session ended with a crash.

Error: (03/09/2013 08:41:18 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2220 seconds with 1320 seconds of active time.  This session ended with a crash.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 47%
Total physical RAM: 4043.86 MB
Available physical RAM: 2113.4 MB
Total Pagefile: 8085.91 MB
Available Pagefile: 5221.83 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:582.37 GB) (Free:421.56 GB) NTFS
Drive f: (FLASH DRIVE) (Removable) (Total:7.19 GB) (Free:1.66 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 937E5357)
Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=582.4 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.2 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=7.2 GB) - (Type=0C)

==================== End Of Log ============================


  • 0

Advertisements


#26
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Try uninstalling software you do not use.
  • 0

#27
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,913 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP