Hello all,
Yesterday my computer started acting weird and all of a sudden my taskbar icons all disappeared and my desktop icons all moved around. The computer seems slow ever since and I think I might have gotten a virus. Below are the logs - thanks in advance!
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-05-2015
Ran by Marzena (administrator) on MARZENA-PC on 21-05-2015 18:36:47
Running from C:\Users\Marzena\Desktop
Loaded Profiles: Marzena (Available profiles: Marzena)
Platform: Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
() C:\Windows\System32\PSIService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgemcx.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Siber Systems) C:\Program Files\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2015\avgcfgex.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [RtHDVCpl] => C:\Windows\RtHDVCpl.exe [4669440 2007-09-01] (Realtek Semiconductor)
HKLM-x32\...\Run: [HotKeysCmds] => C:\Windows\system32\hkcmd.exe [154136 2007-09-19] (Intel Corporation)
HKLM-x32\...\Run: [Persistence] => C:\Windows\system32\igfxpers.exe [137752 2007-09-19] (Intel Corporation)
HKLM-x32\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [118784 2007-06-08] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2015\avgui.exe [3745744 2015-05-18] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-04-23] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-05-15] (Apple Inc.)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files\Real\RealPlayer\update\realsched.exe [295512 2014-12-05] (RealNetworks, Inc.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2007-08-14] (Sony Corporation)
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\...\Run: [KSS] => "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\...\Run: [RoboForm] => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [109784 2014-03-05] (Siber Systems)
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [31090792 2015-01-23] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [AOLOverlayIcon] -> {AB0C8BE3-041C-47d6-8195-E089D32B38DD} => C:\DDI\overicon.dll [2007-10-05] (TODO: <Company name>)
BootExecute: autocheck autochk * SsiEfr.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope value is missing
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-10-22] (Hewlett-Packard Co.)
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2014-03-05] (Siber Systems Inc.)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-01-30] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-30] (Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-10-22] (Hewlett-Packard Co.)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2014-03-05] (Siber Systems Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-03-04] (Google Inc.)
Toolbar: HKU\S-1-5-21-1233255463-3445828113-3813920422-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2014-03-05] (Siber Systems Inc.)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-08] (Microsoft Corporation)
ATTENTION: There are more than 99 Catalog9 entries. Turn off the whitelisting to see all the entries. You may check Device Manager for presence of unusual amount of "Microsoft 6to4 Adapter" devices.
Winsock: Catalog5 01 C:\Windows\system32\mswsock.dll [223232 2009-09-11] (Microsoft Corporation) ATTENTION: LibraryPath should be "%SystemRoot%\system32\NLAapi.dll"
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll [2014-12-05] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files\Real\RealPlayer\Netscape6\nprpplugin.dll [2014-12-05] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1233255463-3445828113-3813920422-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Marzena\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-01-13] (Citrix Online)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-07-10]
FF HKLM\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-03-30]
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2011-01-12]
FF HKLM\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-12-05]
FF HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\...\Firefox\Extensions: [
[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-05]
CHR Extension: (Google Drive) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-05]
CHR Extension: (YouTube) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-05]
CHR Extension: (Google Search) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-05]
CHR Extension: (Google Sheets) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-05]
CHR Extension: (Bookmark Manager) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-18]
CHR Extension: (Google Wallet) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Marzena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-05]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-03-05]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2015\avgidsagent.exe [3438544 2015-05-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2015\avgwdsvc.exe [311792 2015-05-18] (AVG Technologies CZ, s.r.o.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [135168 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [630784 2008-03-25] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S3 MSCSPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe [45056 2006-12-14] (Sony Corporation) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2008-07-18] (Hewlett-Packard) [File not signed]
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [204800 2007-09-20] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2006-12-14] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-07-18] (Hewlett-Packard) [File not signed]
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-05] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2006-12-14] (Sony Corporation) [File not signed]
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2007-06-28] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-08-14] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2818048 2007-09-23] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-08-09] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-08-09] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-Mobile-Gateway; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe [499712 2007-08-09] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2007-01-10] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-HTTP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [397312 2007-08-09] (Sony Corporation) [File not signed]
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2007-08-09] (Sony Corporation) [File not signed]
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292128 2007-09-29] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation) [File not signed]
R2 vToolbarUpdater13.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe [711112 2012-11-08] ()
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-28] (Sony Corporation) [File not signed]
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-28] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-19] (Microsoft Corporation)
S2 KSS; "C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" -r [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [132576 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [226784 2015-04-27] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [191968 2015-05-07] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [29664 2015-05-14] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [206816 2015-04-15] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [290272 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [166880 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [35808 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [213984 2015-05-04] (AVG Technologies CZ, s.r.o.)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\mbamswissarmy.sys [40776 2014-10-18] (Malwarebytes Corporation)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-05] (Texas Instruments)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [43520 2012-02-15] (Apple, Inc.) [File not signed]
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-19] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-21 18:36 - 2015-05-21 18:37 - 00023742 _____ () C:\Users\Marzena\Desktop\FRST.txt
2015-05-21 18:35 - 2015-05-21 18:36 - 00000000 ____D () C:\FRST
2015-05-21 18:34 - 2015-05-21 18:34 - 01147392 _____ (Farbar) C:\Users\Marzena\Downloads\FRST (1).exe
2015-05-21 18:34 - 2015-05-21 18:34 - 01147392 _____ (Farbar) C:\Users\Marzena\Desktop\FRST.exe
2015-05-20 22:02 - 2015-05-20 22:02 - 00000000 ____D () C:\Users\Marzena\AppData\Roaming\AVG2015
2015-05-20 21:59 - 2015-05-20 21:59 - 00000842 _____ () C:\Users\Public\Desktop\AVG 2015.lnk
2015-05-20 21:54 - 2015-05-20 22:00 - 00000000 ____D () C:\ProgramData\AVG2015
2015-05-20 21:51 - 2015-05-20 22:11 - 00000000 ____D () C:\Users\Marzena\AppData\Local\Avg2015
2015-05-20 21:51 - 2015-05-20 21:51 - 04818760 _____ (AVG Technologies) C:\Users\Marzena\Downloads\avg_free_stb_all_5863p1_177.exe
2015-05-18 20:31 - 2015-05-18 20:31 - 00000000 ____D () C:\Windows\system32\20-20 Technologies
2015-05-18 14:22 - 2015-05-18 14:22 - 02891995 _____ () C:\Users\Marzena\Downloads\Outlook.com (3).zip
2015-05-18 00:40 - 2015-05-18 00:40 - 00781040 _____ () C:\Users\Marzena\Downloads\Lost Gosling.zip
2015-05-14 13:49 - 2015-05-14 13:49 - 00029664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsshimx.sys
2015-05-13 02:51 - 2015-04-30 12:03 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 02:46 - 2015-04-19 17:24 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2015-05-13 02:46 - 2015-04-19 17:24 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2015-05-13 02:46 - 2015-04-19 17:24 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2015-05-13 02:46 - 2015-04-19 17:24 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2015-05-13 02:46 - 2015-04-19 16:19 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-05-13 02:46 - 2015-04-19 16:18 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2015-05-13 02:46 - 2015-04-19 16:13 - 00682496 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-05-13 02:46 - 2015-04-19 16:12 - 01072640 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 02:46 - 2015-04-19 16:12 - 00801792 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 02:46 - 2015-04-19 00:59 - 02065408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 02:45 - 2015-04-30 09:14 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 02:33 - 2015-04-10 19:22 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 14:20 - 2015-04-10 11:21 - 01139200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 14:20 - 2015-04-10 11:19 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 14:20 - 2015-04-10 11:19 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 14:20 - 2015-04-10 11:19 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 14:20 - 2015-04-10 11:19 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 14:20 - 2015-04-10 11:19 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 14:20 - 2015-04-10 11:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 14:20 - 2015-04-10 11:18 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-05-12 14:20 - 2015-04-10 11:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-05-12 14:20 - 2015-04-10 11:18 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-05-12 14:19 - 2015-04-10 11:30 - 12379136 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 14:19 - 2015-04-10 11:25 - 01810944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 14:19 - 2015-04-10 11:25 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 14:19 - 2015-04-10 11:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 14:19 - 2015-04-10 11:20 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 14:19 - 2015-04-10 11:20 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 14:19 - 2015-04-10 11:19 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 14:19 - 2015-04-10 11:19 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 14:19 - 2015-04-10 11:19 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-05-12 14:19 - 2015-04-10 11:18 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 14:19 - 2015-04-10 11:18 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 14:19 - 2015-04-10 11:18 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-10 23:49 - 2015-05-10 23:49 - 02394976 _____ () C:\Users\Marzena\Downloads\New Form Entry Contact Form.zip
2015-05-07 13:52 - 2015-05-07 13:52 - 00290272 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avglogx.sys
2015-05-07 13:52 - 2015-05-07 13:52 - 00191968 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidshx.sys
2015-05-07 13:52 - 2015-05-07 13:52 - 00166880 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx86.sys
2015-05-04 14:15 - 2015-05-04 14:15 - 00213984 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdix.sys
2015-04-27 13:19 - 2015-04-27 13:19 - 00226784 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdriverx.sys
2015-04-22 14:22 - 2015-04-22 14:22 - 01713756 _____ () C:\Users\Marzena\Downloads\DG Boston.zip
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-05-21 18:33 - 2006-11-02 08:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 18:33 - 2006-11-02 08:47 - 00003296 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 18:32 - 2012-11-23 13:51 - 01185786 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 18:27 - 2012-08-22 19:46 - 00000886 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-21 18:21 - 2015-01-13 15:11 - 00000574 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1233255463-3445828113-3813920422-1000.job
2015-05-21 18:21 - 2006-11-02 06:23 - 00000179 _____ () C:\Windows\win.ini
2015-05-21 17:53 - 2012-08-25 20:52 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-21 17:40 - 2014-05-18 12:27 - 00000000 ____D () C:\Users\Marzena\AppData\Roaming\Skype
2015-05-21 14:13 - 2010-10-17 12:06 - 00000000 ____D () C:\ProgramData\MFAData
2015-05-21 14:07 - 2012-08-22 19:46 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 14:07 - 2006-11-02 09:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-21 03:34 - 2006-11-02 09:01 - 00032574 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-20 22:02 - 2012-05-13 11:21 - 00000000 ___HD () C:\$AVG
2015-05-20 22:02 - 2006-11-02 08:37 - 00000000 ____D () C:\Program Files\Windows Sidebar
2015-05-20 22:01 - 2013-11-26 14:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-05-20 21:54 - 2008-09-07 11:08 - 00000000 ____D () C:\Program Files\AVG
2015-05-20 21:47 - 2012-08-22 19:47 - 00001971 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-13 14:19 - 2006-11-02 07:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2015-05-13 14:03 - 2006-11-02 08:47 - 03718096 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-13 13:55 - 2006-11-02 08:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2015-05-13 13:55 - 2006-11-02 08:37 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-13 02:51 - 2007-11-16 04:38 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-05-13 02:44 - 2013-08-14 03:15 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-13 02:35 - 2006-11-02 06:24 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2015-05-13 02:32 - 2010-06-03 21:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 02:31 - 2010-03-13 22:48 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2015-04-24 11:10 - 2006-11-02 06:33 - 00771970 _____ () C:\Windows\system32\PerfStringBackup.INI
==================== Files in the root of some directories =======
2008-06-28 23:05 - 2015-02-04 03:13 - 0012800 _____ () C:\Users\Marzena\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2008-08-11 19:08 - 2011-12-29 23:05 - 0003551 _____ () C:\ProgramData\hpzinstall.log
Files to move or delete:
====================
C:\Users\Marzena\CTX.DAT
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-21 14:27
==================== End of log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-05-2015
Ran by Marzena at 2015-05-21 18:38:17
Running from C:\Users\Marzena\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1233255463-3445828113-3813920422-500 - Administrator - Disabled)
Guest (S-1-5-21-1233255463-3445828113-3813920422-501 - Limited - Disabled)
Marzena (S-1-5-21-1233255463-3445828113-3813920422-1000 - Administrator - Enabled) => C:\Users\Marzena
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
32 Bit HP CIO Components Installer (Version: 2.1.5 - Hewlett-Packard) Hidden
AceBackup 3 (HKLM\...\{87B60A11-AA9E-43FE-A68F-B3C4F80F7D2F}) (Version: 3.0.2 - AceBIT)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM\...\Activation Assistant for the 2007 Microsoft Office suites) (Version: - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - )
Apple Application Support (HKLM\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5961 - AVG Technologies)
AVG 2015 (Version: 15.0.4347 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.5961 - AVG Technologies) Hidden
Bing Rewards Client Installer (Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (Version: 110.0.180.000 - Hewlett-Packard) Hidden
C4580 (Version: 110.0.218.000 - Hewlett-Packard) Hidden
C4580_Help (Version: 110.0.218.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (Version: 2.03.0000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.08 - Piriform)
Citrix Online Launcher (HKLM\...\{A08A6B7D-1F21-4843-85A3-77B8D15FAE0E}) (Version: 1.0.244 - Citrix)
Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.0.00.09140 - Sony Corporation)
Click to Disc (Version: 1.0.00.09140 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 1.0.00 - Sony Corporation)
Click to Disc Editor (Version: 1.0.00 - Sony Corporation) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Destination Component (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (Version: 11.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
eSupportQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
FileHippo.com Update Checker (HKLM\...\FileHippo.com) (Version: - )
GearDrvs (Version: 1 - Symantec Corporation) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 43.0.2357.65 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6227.252 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.27.5 - Google Inc.) Hidden
GoToMeeting 7.1.8.2553 (HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\...\GoToMeeting) (Version: 7.1.8.2553 - CitrixOnline)
GPBaseService (Version: 110.0.180.000 - Hewlett-Packard) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_104D0200) (Version: - )
HP Imaging Device Functions 11.0 (HKLM\...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart C4500 All-In-One Driver Software 11.0 Rel .4 (HKLM\...\{BED1705F-7558-40f7-9F52-6C6FBD58EA2E}) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM\...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{787D1A33-A97B-4245-87C0-7174609A540C}) (Version: 5.002.005.003 - Hewlett-Packard)
HPPhotoSmartPhotobookWebPack1 (Version: 2.03.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{79BD66B2-4DAE-4C3B-B08E-DC72E507C163}) (Version: 2.1.3.25 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: - )
iTunes (HKLM\...\{A9B3F8D5-DF4F-462B-81B7-4B69EBEDBC5B}) (Version: 11.2.0.115 - Apple Inc.)
Java 8 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LocationFree Player (HKLM\...\{D937DD80-3928-4617-876F-538A25AECB17}) (Version: 4.01.0000 - Sony Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
MobileMe Control Panel (HKLM\...\{710BF966-43C8-4216-A8EC-BC4E169FF7C1}) (Version: 3.1.8.0 - Apple Inc.)
MSVCSetup (Version: 1.00.0000 - HP) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (Version: 110.0.180.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 11.0 (HKLM\...\HPOCR) (Version: 11.0 - HP)
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
OpenMG Limited Patch 4.7-07-15-19-01 (HKLM\...\OpenMG HotFix4.7-07-13-22-01) (Version: - )
OpenMG Secure Module (Version: 4.7.00.12140 - Sony Corporation) Hidden
OpenMG Secure Module 4.7.00 (HKLM\...\InstallShield_{CCD663AE-610D-4BDF-AAB0-E914B044527D}) (Version: 4.7.00.12140 - Sony Corporation)
PanoStandAlone (Version: 110.0.180.000 - Hewlett-Packard) Hidden
PS_AIO_04_C4580_ProductContext (Version: 110.0.218.000 - Hewlett-Packard) Hidden
PS_AIO_04_C4580_Software (Version: 110.0.218.000 - Hewlett-Packard) Hidden
PS_AIO_04_C4580_Software_Min (Version: 110.0.218.000 - Hewlett-Packard) Hidden
PSSWCORE (Version: 2.03.0000 - Hewlett-Packard) Hidden
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: - )
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
RoboForm 7-9-5-5 (All Users) (HKLM\...\AI RoboForm) (Version: 7-9-5-5 - Siber Systems)
Roxio Easy Media Creator Home (HKLM\...\{B7FB0C86-41A4-4402-9A33-912C462042A0}) (Version: 9.1.095 - Roxio)
Safari (HKLM\...\{FA4C2D53-205F-4245-9717-F3761154824D}) (Version: 5.34.57.2 - Apple Inc.)
Scan (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 3.1.00.09240 - Sony Corporation)
Skype™ 7.1 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.1.105 - Skype Technologies S.A.)
SmartWebPrinting (Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.3.00 - Sony Corporation)
Status (Version: 110.0.180.000 - Hewlett-Packard) Hidden
SupportSoft Assisted Service (HKLM\...\{5A3F6A80-7913-475E-8B96-477A952CFA43}) (Version: 15 - SupportSoft)
Toolbox (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (Version: 110.0.180.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VAIO Center Access Bar (HKLM\...\{C299F969-AE3D-4679-ADF5-682A186CE62E}) (Version: 1.00.1001 - Sony)
VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 1.0.01.09270 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{ABF29EC7-47C1-4C63-8FE7-3824FD66F357}) (Version: 2.1.00.09284 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 2.1.00.09284 - Sony Corporation) Hidden
VAIO Content Metadata Manager Setting (HKLM\...\{69351E9E-23ED-41D5-B146-EDBF83C63B66}) (Version: 2.1.00.09281 - Sony Corporation)
VAIO Content Metadata Manager Setting (Version: 2.1.00.09281 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM\...\{B5E2DF30-1061-4DB4-AF28-08996C8E5680}) (Version: 2.1.00.09202 - Sony Corporation)
VAIO Content Metadata XML Interface Library (Version: 2.1.00.09202 - Sony Corporation) Hidden
VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 2.1.00.09190 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Center (HKLM\...\{E74F7423-77CB-4F6A-A44D-604E1010FE50}) (Version: 3.00.1005 - Sony)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.0.00.06280 - Sony Corporation)
VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 3.3.00.09200 - Sony Corporation)
VAIO Help and Support (HKLM\...\{D47FE987-EA3D-424B-9886-B752501D7CE7}) (Version: 4.00.1016.NRVP - Sony Corporation)
VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 1.1.00.09190 - Sony Corporation)
VAIO Media (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media 6.0 (HKLM\...\{560F6B2E-F0DF-44E5-8190-A4A161F0E205}) (Version: 6.0.10 - Sony Corporation)
VAIO Media AC3 Decoder 1.0 (HKLM\...\{2063C2E8-3812-4BBD-9998-6610F80C1DD4}) (Version: - )
VAIO Media Content Collection 6.0 (HKLM\...\{500162A0-4DD5-460A-BAFD-895AAE48C532}) (Version: - Sony Corporation)
VAIO Media Integrated Server 6.2 (HKLM\...\{785EB1D4-ECEC-4195-99B4-73C47E187721}) (Version: - Sony Corporation)
VAIO Media Redistribution 6.0 (HKLM\...\{5855C127-1F20-404D-B7FB-1FD84D7EAB5E}) (Version: 6.0.10 - Sony Corporation)
VAIO Media Registration Tool (Version: 6.0.10 - Sony Corporation) Hidden
VAIO Media Registration Tool 6.0 (HKLM\...\{AF9A04EB-7D8E-41DE-9EDE-4AB9BB2B71B6}) (Version: 6.0.10 - Sony Corporation)
VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.1.00.10160 - Sony Corporation)
VAIO Movie Story (Version: 1.1.00.10160 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.1.00.09281 - Sony Corporation)
VAIO MusicBox (HKLM\...\{4EA55D20-27FB-45D7-8726-147E8A5F6C62}) (Version: 1.1.01.09240 - Sony Corporation)
VAIO OOBE and Welcome Center (HKLM\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 4.00.1015.US - Sony Corporation)
VAIO Original Function Setting (HKLM\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 1.2.00.11100 - Sony Corporation)
VAIO PC Wireless LAN Wizard (HKLM\...\{BCED773C-99EE-48DD-8915-25733F69F0A8}) (Version: 1.01.1015 - Sony)
VAIO Power Management (HKLM\...\{802889F8-6AF5-45A5-9764-CA5B999E50FC}) (Version: 2.3.00.10100 - Sony Corporation)
VAIO Productivity Center (HKLM\...\{BABC878D-BB64-4688-9A88-1D9E88F339A9}) (Version: 3.00.1015 - Sony)
VAIO Security Center (HKLM\...\{CFED0AE3-6D93-4745-B8A0-F3410B493CC4}) (Version: 6.00.1015 - Sony Corporation)
VAIO Service Utility (HKLM\...\VAIO Service Utility) (Version: 1.2.0.0 - Sony)
VAIO Smart Network (HKLM\...\{3B659FAD-E772-44A3-B7E7-560FF084669F}) (Version: 1.2.00.09200 - Sony Corporation)
VAIO Startup Assistant (HKLM\...\{DFD0E9A9-F24A-492B-8975-8C938E32408F}) (Version: 1.00.1019 - Sony)
VAIO Survey (HKLM\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 5.00.7207 - Sony)
VAIO Update 3 (HKLM\...\{48820099-ED7D-424B-890C-9A82EF00656D}) (Version: 3.0.04.09200 - Sony Corporation)
VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.0.00.09200 - Sony Corporation)
VideoToolkit01 (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B8.411 - InterVideo Inc.)
WinDVD for VAIO (Version: 8.0-B8.411 - InterVideo Inc.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1233255463-3445828113-3813920422-1000_Classes\CLSID\{16569F81-76A4-4339-8745-BE295A404D9B}\InprocServer32 -> C:\Users\Marzena\AppData\Local\Microsoft\Windows Sidebar\Gadgets\VideoSony.gadget\dll\AOLVideoGadgetHelper.dll (AOL)
CustomCLSID: HKU\S-1-5-21-1233255463-3445828113-3813920422-1000_Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InprocServer32 -> C:\Windows\system32\shell32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1233255463-3445828113-3813920422-1000_Classes\CLSID\{693566bc-21f8-401e-8d42-e2c5ce50dacc}\localserver32 -> C:\Users\Marzena\AppData\Local\Temp\{d5641912-e47a-429c-879e-cfe13eac7a13}\IDriver.NonElevated.exe N (the data entry has 6 more characters).
CustomCLSID: HKU\S-1-5-21-1233255463-3445828113-3813920422-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Marzena\AppData\Local\Citrix\GoToMeeting\2128\G2MOutlookAddin.dll (Citrix Online, a division of Citrix Systems, Inc.)
==================== Restore Points =========================
10-12-2014 20:26:23 Windows Update
17-12-2014 19:25:21 Scheduled Checkpoint
04-01-2015 06:19:20 Scheduled Checkpoint
15-01-2015 03:06:47 Windows Update
31-01-2015 16:59:05 Scheduled Checkpoint
03-02-2015 16:27:43 Scheduled Checkpoint
06-02-2015 12:38:23 Scheduled Checkpoint
07-02-2015 16:57:39 Scheduled Checkpoint
11-02-2015 04:00:56 Windows Update
12-02-2015 04:00:23 Windows Update
18-03-2015 03:00:57 Windows Update
20-03-2015 10:57:33 Scheduled Checkpoint
22-03-2015 13:31:06 Scheduled Checkpoint
29-03-2015 17:31:55 Scheduled Checkpoint
08-04-2015 19:28:04 Scheduled Checkpoint
10-04-2015 15:46:36 Scheduled Checkpoint
15-04-2015 03:01:13 Windows Update
26-04-2015 13:39:20 Scheduled Checkpoint
13-05-2015 02:26:12 Windows Update
20-05-2015 21:53:08 Installed AVG 2015
20-05-2015 21:55:19 Installed AVG 2015
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2006-11-02 06:23 - 2013-01-19 20:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {1D7CE238-E0F8-45AC-A507-CBA61809C9A2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {2EB59130-18A2-4FC5-8628-EA0CF8AB5F30} - System32\Tasks\G2MUpdateTask-S-1-5-21-1233255463-3445828113-3813920422-1000 => C:\Users\Marzena\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe [2015-04-12] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {43819CFE-ABB1-4A00-AD6E-089F82F8FD5A} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [2007-09-20] (Sony Corporation)
Task: {46A62644-6379-4029-A30A-B5B0AC08E98C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1233255463-3445828113-3813920422-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {7FF6CBBA-0C3D-4BFC-A32E-B7905B171D34} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {899ABE53-B0B0-4439-9C2D-73C16DEBA8DD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-11-22] (Piriform Ltd)
Task: {95C7C25A-7A34-47A1-9B45-3F63D33A633E} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1233255463-3445828113-3813920422-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {9C1BD2A3-C122-4867-BA55-E00C6B658DE3} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2014-03-05] (Siber Systems)
Task: {9CCCDE05-562B-4F7A-B431-E1E887B71245} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {B6F7E416-6150-4BFA-9784-34243C783ECE} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DEA31126-7F46-4DEC-BA00-87AE0B63F572} - System32\Tasks\VAIO Service Utility => C:\Program Files\Sony\VAIO Service Utility\VAIO-SU.exe [2007-09-26] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-1233255463-3445828113-3813920422-1000.job => C:\Users\Marzena\AppData\Local\Citrix\GoToMeeting\2553\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2007-10-30 23:28 - 2007-09-19 08:19 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2007-11-16 04:48 - 2007-09-20 13:23 - 00192512 _____ () C:\Program Files\Sony\Network Utility\Cg10u.dll
2007-06-05 17:20 - 2007-06-05 17:20 - 00177704 _____ () C:\Windows\system32\PSIService.exe
2014-08-12 12:34 - 2014-08-12 12:34 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2007-10-31 14:15 - 2007-08-14 23:05 - 00010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2007-10-31 14:15 - 2007-08-14 23:05 - 00009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
2012-11-08 17:25 - 2012-11-08 17:25 - 00711112 ____N () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\13.2.0\ToolbarUpdater.exe
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
AlternateDataStreams: C:\Users\Marzena\Downloads\No Subject.eml:OECustomProperty
AlternateDataStreams: C:\Users\Marzena\Downloads\sexy polish girl,.pretty polish girl,..oh wait,...your german,..yuck!hahahahah.eml:OECustomProperty
AlternateDataStreams: C:\Users\Marzena\Downloads\WP_20140309_001_1.mp4:TOC.WMV
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\125sms.co.uk -> www.125sms.co.uk
There are 5179 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1233255463-3445828113-3813920422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Marzena\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
DNS Servers: 192.168.1.1
==================== MSCONFIG/TASK MANAGER Error getting ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{F8317929-2681-40EA-897C-7EF51BA6213D}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{0FA28B74-1E0D-4528-B81C-4B1AA2025BCA}] => (Allow) C:\Program Files\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{AB719F27-5EA1-43E6-AC46-D75F291539DB}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{9130DE31-8E9B-4363-AAA6-6A5449EC7A3B}] => (Allow) C:\Program Files\AVG\AVG2013\avgnsx.exe
FirewallRules: [{38F774B9-C7DC-4138-B3A7-F5B11A84A866}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{C79CB059-3416-43BF-A62F-FF35A88AE630}] => (Allow) C:\Program Files\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{38425B6C-EBCF-4F1A-BC41-2190EF6E535F}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
FirewallRules: [{C0FB682B-BD2B-49B3-B302-AEA8A6695B8C}] => (Allow) C:\Program Files\AVG\AVG2013\avgemcx.exe
FirewallRules: [TCP Query User{F3F2372A-4373-4661-8992-97226A176EEC}C:\users\marzena\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marzena\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{5F665B47-2415-4D1B-B2E9-DD491A248DB6}C:\users\marzena\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\marzena\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E72F654F-4581-4110-B118-AACC7E2087B9}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{44C3D899-CF93-4D5C-ABB3-81802CC27679}] => (Allow) C:\Program Files\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{B0BF69E2-3ECF-43E2-BC76-0C4D287A8DDC}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{AEBE025B-A7F5-4BEE-B194-7CF87FDC5384}] => (Allow) C:\Program Files\AVG\AVG2014\avgnsx.exe
FirewallRules: [{2E16F7E8-538E-456E-8173-6C38F28B1A9F}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{6BCEE2E6-C3F8-4C8F-8E45-F8CB0DD0B6DC}] => (Allow) C:\Program Files\AVG\AVG2014\avgdiagex.exe
FirewallRules: [{9FA7C062-3D24-446D-AF84-5446AAF01851}] => (Allow) C:\Program Files\AVG\AVG2014\avgemcx.exe
FirewallRules: [{207E2F0D-387D-47C8-B4C7-BDCFDA5ADB54}] => (Allow) C:\Program Files\AVG\AVG2014\avgemcx.exe
FirewallRules: [{3FCC91C5-9CB9-4748-BA0F-065578EA9839}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{86643738-0C74-40C1-88D4-3F5A5DCC0185}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{AA4E8E79-519B-42CD-8B80-693DC18F829F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{CD14626F-7EB6-4EB1-95D0-6402E58B552D}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{EAF7BF04-03CA-43A2-B80A-C9157BF4F19E}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{71D3A496-232F-43B1-AEB1-AA1E800AFB83}] => (Allow) C:\Program Files\AVG\AVG2015\avgnsx.exe
FirewallRules: [{15FA9F93-3EB4-43AE-B507-025A68D36066}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{DB49577B-16D9-4856-BDFE-360BBAAD6BDE}] => (Allow) C:\Program Files\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{0F7E8A91-CA2C-476B-8B61-D98D8A8A61DF}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{FD919CC2-B7F7-4F33-8005-114A3C09D257}] => (Allow) C:\Program Files\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{2CFF26E0-B555-4D0E-8B2A-0CD37660891F}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
FirewallRules: [{3F5A15EB-BCEA-47C3-9331-559DA6BC7C65}] => (Allow) C:\Program Files\AVG\AVG2015\avgemcx.exe
==================== Faulty Device Manager Devices =============
Name: Microsoft 6to4 Adapter #6
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #11
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #14
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #17
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #27
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #28
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft 6to4 Adapter #29
Description: Microsoft 6to4 Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #15
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
Name: Microsoft ISATAP Adapter #38
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Event log errors: =========================
Application errors:
==================
Error: (05/21/2015 03:19:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1045
Error: (05/21/2015 03:19:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1045
Error: (05/21/2015 03:19:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/21/2015 02:39:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7254
Error: (05/21/2015 02:39:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7254
Error: (05/21/2015 02:39:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/21/2015 02:39:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6255
Error: (05/21/2015 02:39:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6255
Error: (05/21/2015 02:39:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/21/2015 02:39:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5226
System errors:
=============
Error: (05/21/2015 02:10:17 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service
Error: (05/21/2015 02:08:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Kaspersky Security Scan Service%%3
Error: (05/21/2015 02:08:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (05/21/2015 03:33:35 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
Error: (05/21/2015 02:00:07 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000VzCdbSvc
Error: (05/20/2015 10:08:40 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: HP CUE DeviceDiscovery Service
Error: (05/20/2015 10:06:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Kaspersky Security Scan Service%%3
Error: (05/20/2015 10:06:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
Error: (05/20/2015 10:03:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {C2BFE331-6739-4270-86C9-493D9A04CD38}
Error: (05/20/2015 09:59:56 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: AVGIDSAgent3758213661 (0xE001CA1D)
Microsoft Office:
=========================
Error: (11/15/2010 09:41:30 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3139 seconds with 540 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2015-05-21 18:37:57.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:57.406
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:56.909
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:56.414
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:55.888
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:55.394
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:54.901
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:54.404
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidsdriverx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:04.579
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
Date: 2015-05-21 18:37:04.087
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core2 Duo CPU T5450 @ 1.66GHz
Percentage of memory in use: 76%
Total physical RAM: 2037.69 MB
Available physical RAM: 474.46 MB
Total Pagefile: 4318.62 MB
Available Pagefile: 2342.8 MB
Total Virtual: 2047.88 MB
Available Virtual: 1886.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:224.97 GB) (Free:104.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 1C3B98CE)
Partition 1: (Not Active) - (Size=7.9 GB) - (Type=27)
Partition 2: (Active) - (Size=225 GB) - (Type=07 NTFS)
==================== End of log ============================