My 64-bit Windows 7 computer has been acting up for months. Mainly, it bogs down, with long pauses for basic operations like copy-paste, or lags between typing and the text appearing on the screen, or slow switching between windows. I was blaming the age of the computer but something has been trying to alter a registry entry for the Zone Alarm firewall. The following notification comes up every time I start Windows or recover from Sleep or Hibernation: "Host Process for Windows Services has attempted to replace or set a key in the registry. This action is currently not permitted. If you trust this program and believe it requires registry key access then give it permission. If it does not need registry key access, or you know that it should not access registry keys, then deny it." Specifically, I believe the registry entry is directly associated with ZoneAlarm.
I have run AVG anti-virus, Super-Anti-Spyware, Malwarebytes Anti-Malware, ccleaner, and AVG quick tune. The spyware hits were all cookies. The only malware hits were installers I never executed.
Sometimes, on rare occasions, the OS will wig out, flipping through windows for example. When this happens, I usually turn off WiFi, just in case, then reboot.
One note: AVG has detected malware embedded in documents and programs provided to me by a federal agency in relation to my work in the legal field (criminal defense).
I have used this forum in the past with great results. Any assistance is greatly appreciated!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-04-2016
Ran by Smash (administrator) on SIDEKICK (13-04-2016 12:27:53)
Running from C:\Users\Smash\Desktop
Loaded Profiles: Smash (Available Profiles: Smash)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\loggingserver.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 5\program\soffice.bin
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-12-06] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [VAIO Boot Manager] => C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [734608 2010-12-08] (Sony Corporation)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134792 2015-11-07] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3862440 2016-03-02] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-03-23] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25577864 2016-03-11] (Dropbox, Inc.)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2885704 2016-04-12] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595480 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [164152 2016-03-19] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Run: [Google Update] => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\System32\guard64.dll => No File
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.34.dll [2016-03-11] (Dropbox, Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
BootExecute: autocheck autochk *
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78140506-3DA9-43FC-9C03-501AECB1EB41}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8B8DA989-FDFB-41C7-BB78-976F220F8519}: [NameServer] 8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{C9223372-2268-4123-9BCD-5BEE223CA547}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid={71B385E5-DF6C-422B-AECE-DB6B1C5A64AA}&mid=16a5e9a8e31b47d392c621f6d1861e67-6836faf8d93bb821b307b958f54771d0a399a126&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316av&pr=fr&d=2016-03-18 14:31:31&v=4.2.8.608&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://us.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_ir_15_19&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1Qzu0FtD0B0FzyyByCtB0FyBzyyE0D0AyB0EtN0D0Tzu0StCtBtBtBtN1L2XzutAtFtCtDtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyB0AyBtD0ByDyBtBtGzytB0B0DtG0AtA0EtBtGyDtBzytAtGyC0E0F0AzztAyEzzyBzy0CyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAzzyC0B0FyByByDtGyCyB0CyBtGyEyCyByDtG0ByDtC0BtG0DzytCzy0BtByEyE0FyE0EyC2QtN0A0LzutBtN1B2Z1V1T1S1NzuyByEzz%26cr%3D1974302693%26a%3Dwncy_ir_15_19%26os%3DWindows 7 Home Premium
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> {41C80240-0AEC-44F8-8EE1-D2D3167B43F9} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=goughDev3&Lan=en&q={searchTerms}&gu=537ee2f78e924e5983f43b29474475b5&tu=10GXy008x2B0CO0&sku=&tstsId=&ver=&&r=535
SearchScopes: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={71B385E5-DF6C-422B-AECE-DB6B1C5A64AA}&mid=16a5e9a8e31b47d392c621f6d1861e67-6836faf8d93bb821b307b958f54771d0a399a126&lang=en&ds=AVG&coid=avgtbavg&cmpid=0316av&pr=fr&d=2016-03-18 14:31:31&v=4.2.8.608&pid=wtu&sg=&sap=dsp&q={searchTerms}
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files\WOT\WOT.dll [2011-11-03] ()
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll [2016-03-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.2.9.726\AVG Web TuneUp.dll [2016-04-12] (AVG)
BHO-x32: WOT Helper -> {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} -> C:\Program Files (x86)\WOT\WOT.dll [2011-11-03] ()
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-03-26] (Oracle Corporation)
Toolbar: HKLM - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Toolbar: HKLM-x32 - WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll [2011-11-03] ()
Toolbar: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Toolbar: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2011-11-03] ()
Handler-x32: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll [2011-11-03] ()
FireFox:
========
FF ProfilePath: C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\5r3eu10f.default-1456934033330
FF DefaultSearchEngine.US: DuckDuckGo
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_182.dll [2016-03-19] ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_182.dll [2016-03-19] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.2.9\\npsitesafety.dll [No File]
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll [No File]
FF Plugin-x32: @checkpoint.com/FFApi -> C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll [No File]
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files (x86)\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-03-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 -> C:\Program Files (x86)\Winamp Detect\npwachk.dll [2013-12-12] (Nullsoft, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/O1DPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-01] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\5r3eu10f.default-1456934033330\searchplugins\avg-secure-search.xml [2016-04-12]
FF SearchPlugin: C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\5r3eu10f.default-1456934033330\searchplugins\ixquick-https.xml [2016-03-07]
FF SearchPlugin: C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\5r3eu10f.default-1456934033330\searchplugins\startpage-ssl.xml [2016-03-07]
FF Extension: Bookmarks menu - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\5r3eu10f.default-1456934033330\extensions\[email protected] [2016-03-02]
FF Extension: NoScript - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\5r3eu10f.default-1456934033330\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-04-06]
FF Extension: AVG Web TuneUp - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\5r3eu10f.default-1456934033330\Extensions\[email protected] [2016-04-12]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker => not found
Chrome:
=======
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR Profile: C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Rapport) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-25]
CHR Extension: (Freemake Video Converter) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj [2015-02-26]
CHR Extension: (ZoneAlarm Chrome Toolbar) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\kgdcapepedmpopjkmdbjnmmmfgllnfek [2015-01-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-07]
CHR HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [kgdcapepedmpopjkmdbjnmmmfgllnfek] - C:\Users\Smash\AppData\Roaming\Check Point Software Technologies LTD\zonealarm\1.8.29.17\zonealarm.crx [2014-02-11]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2011-10-06]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3934184 2016-03-02] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1074448 2016-03-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-03-02] (AVG Technologies CZ, s.r.o.)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-02] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-10-02] (Dropbox, Inc.)
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
S2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2372080 2016-03-23] (IBM Corp.)
S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
S4 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-12] (DEVGURU Co., LTD.)
S4 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3722912 2015-11-07] (Check Point Software Technologies Ltd.)
R2 vToolbarUpdater40.2.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\ToolbarUpdater.exe [1964616 2016-04-12] (AVG Secure Search)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [1223752 2016-04-12] ()
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [96272 2015-10-19] (Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-06] ()
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-06] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-26] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378288 2016-02-03] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [269232 2016-03-02] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [302000 2015-10-08] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [75264 2010-11-18] (Intel Corporation) [File not signed]
S3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [173568 2010-11-18] (Intel Corporation) [File not signed]
S3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [81408 2010-11-18] (Intel Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 intaud_WaveExtensible; no ImagePath
S3 iwdbus; no ImagePath
R1 RapportCerberus_1609035; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1609035.sys [1156456 2016-03-30] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [544360 2016-03-23] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [215560 2016-03-23] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [236248 2013-04-02] (Trusteer Ltd.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [523432 2016-03-23] (IBM Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-04-29] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [25608 2016-03-06] (SlimWare Utilities, Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462304 2015-11-07] (Check Point Software Technologies Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U2 MSSQL$DDNI; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-13 12:29 - 2016-04-13 12:29 - 31367109 _____ C:\Users\Smash\Downloads\vlc-2.2.2-win64.exe
2016-04-13 12:28 - 2016-04-13 12:28 - 06868672 _____ (Piriform Ltd) C:\Users\Smash\Downloads\ccsetup516.exe
2016-04-13 12:28 - 2016-04-13 12:28 - 01371668 _____ (Igor Pavlov) C:\Users\Smash\Downloads\7z1514-x64.exe
2016-04-13 12:27 - 2016-04-13 12:29 - 00031878 _____ C:\Users\Smash\Desktop\FRST.txt
2016-04-13 12:27 - 2016-04-13 12:27 - 00000000 ____D C:\FRST
2016-04-13 12:25 - 2016-04-13 12:25 - 02375168 _____ (Farbar) C:\Users\Smash\Desktop\FRST64.exe
2016-04-13 11:46 - 2016-04-13 12:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-04-13 10:39 - 2016-04-13 10:39 - 00000022 _____ C:\Windows\S.dirmngr
2016-04-08 14:57 - 2016-04-08 14:57 - 00014227 _____ C:\Users\Smash\Desktop\Adobe_Christine.odt
2016-04-08 13:36 - 2016-04-08 13:36 - 00021623 _____ C:\Users\Smash\Downloads\170719.pdf
2016-04-08 13:35 - 2016-04-08 13:35 - 00367592 _____ C:\Users\Smash\Downloads\174375.pdf
2016-04-08 13:35 - 2016-04-08 13:35 - 00349674 _____ C:\Users\Smash\Downloads\174492.pdf
2016-04-08 13:35 - 2016-04-08 13:35 - 00028292 _____ C:\Users\Smash\Downloads\174639.pdf
2016-04-08 13:34 - 2016-04-08 13:34 - 00046581 _____ C:\Users\Smash\Downloads\174470.pdf
2016-04-08 13:32 - 2016-04-08 13:32 - 00037603 _____ C:\Users\Smash\Downloads\174790.pdf
2016-04-08 13:23 - 2016-04-08 13:24 - 00140852 _____ C:\Users\Smash\Downloads\1322.pdf
2016-04-08 12:16 - 2016-04-08 12:17 - 00000000 ____D C:\Users\Smash\Downloads\softarchive.net_Hayes_Carll_Lovers_And_Leavers_WEB_2016_ENTiTLED
2016-04-08 12:16 - 2016-04-08 12:16 - 00000000 ____D C:\Users\Smash\Downloads\softarchive.net_Hayes_Carll_Lovers_And_Leavers_WEB_2016_ENTiTLED(1)
2016-04-07 14:40 - 2016-04-07 14:40 - 22577787 _____ C:\Users\Smash\Downloads\Mormonism_Unveiled.pdf
2016-04-07 14:40 - 2016-04-07 14:40 - 11718018 _____ C:\Users\Smash\Downloads\mormonmenace00lewigoog.pdf
2016-04-07 14:35 - 2016-04-07 14:35 - 02113541 _____ C:\Users\Smash\Downloads\23519-pdf.pdf
2016-04-07 14:06 - 2016-04-07 14:06 - 02347694 _____ C:\Users\Smash\Downloads\The Mormon Passage of George D. Watt_ First British Convert Scri.pdf
2016-04-07 13:55 - 2016-04-07 13:55 - 14883996 _____ C:\Users\Smash\Downloads\Mormonism.pdf
2016-04-07 13:45 - 2016-04-07 13:45 - 11772269 _____ C:\Users\Smash\Downloads\mormonismitslea00hydegoog.pdf
2016-04-07 13:38 - 2016-04-07 13:38 - 00375425 _____ C:\Users\Smash\Downloads\914.pdf
2016-04-07 13:36 - 2016-04-07 13:36 - 19350721 _____ C:\Users\Smash\Downloads\[Jerald_Tanner]_The_Changing_World_of_Mormonism(BookZZ.org).pdf
2016-04-06 15:47 - 2016-04-06 15:57 - 01627136 _____ C:\Users\Smash\Documents\Claude2.rmgc
2016-04-06 10:42 - 2016-04-06 10:42 - 12494984 _____ C:\Users\Smash\Downloads\Brighams_Destroying_Angel_1000657827.pdf
2016-04-02 08:29 - 2016-04-07 14:54 - 00000000 ____D C:\Users\Smash\Desktop\Pilot
2016-04-02 08:27 - 2016-04-02 08:27 - 00001733 _____ C:\Users\Smash\Desktop\FWCox-JosephSmith share a wife.txt
2016-03-26 11:28 - 2016-03-26 11:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-26 11:27 - 2016-03-26 11:28 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-26 11:27 - 2016-03-26 11:27 - 00000000 ____D C:\Program Files\iPod
2016-03-26 10:48 - 2016-03-26 10:45 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2016-03-25 14:10 - 2016-03-25 14:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-18 14:31 - 2016-04-12 08:48 - 00000000 ____D C:\ProgramData\AVG Web TuneUp
2016-03-18 14:31 - 2016-04-12 08:48 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2016-03-18 14:31 - 2016-03-18 14:31 - 00000000 ____D C:\Users\Smash\AppData\Local\AVG Web TuneUp
2016-03-18 14:31 - 2016-03-18 14:31 - 00000000 ____D C:\ProgramData\AVG Secure Search
2016-03-18 14:31 - 2016-03-18 14:31 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2016-03-15 09:26 - 2016-03-15 09:26 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2016-03-15 09:26 - 2016-03-15 09:26 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-04-13 12:28 - 2015-10-02 13:23 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2016-04-13 12:16 - 2012-05-04 12:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-04-13 11:57 - 2015-02-26 11:23 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-13 11:39 - 2014-05-05 00:04 - 00000908 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA.job
2016-04-13 10:58 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-13 10:58 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-13 10:52 - 2015-10-02 13:23 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2016-04-13 10:49 - 2016-03-02 23:04 - 00537628 _____ C:\Windows\ntbtlog.txt
2016-04-13 10:39 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-13 01:01 - 2013-04-24 11:59 - 00000000 ____D C:\ProgramData\MFAData
2016-04-12 20:56 - 2015-05-27 09:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-04-12 14:39 - 2014-05-05 00:04 - 00000856 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core.job
2016-04-12 09:05 - 2013-04-29 16:15 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-08 14:57 - 2015-04-01 15:21 - 00641024 ___SH C:\Users\Smash\Desktop\Thumbs.db
2016-04-06 16:03 - 2014-05-28 09:39 - 01746944 _____ C:\Users\Smash\Documents\Keele.rmgc
2016-04-06 15:36 - 2014-05-28 09:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RootsMagic 6
2016-04-06 15:36 - 2014-05-28 09:18 - 00000000 ____D C:\Program Files (x86)\RootsMagic 6
2016-04-01 11:01 - 2014-08-19 15:24 - 00000000 ____D C:\Users\Smash\AppData\Local\Adobe
2016-03-31 17:11 - 2015-04-21 11:45 - 00000000 ____D C:\Users\Smash\AppData\Roaming\vlc
2016-03-30 18:40 - 2013-08-23 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2016-03-29 11:40 - 2012-11-06 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-03-28 15:16 - 2014-07-12 11:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-03-28 15:13 - 2014-07-12 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-03-28 15:13 - 2014-07-12 11:51 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-03-28 02:26 - 2011-10-05 23:54 - 00000000 ____D C:\Users\Smash\AppData\Local\CrashDumps
2016-03-26 11:28 - 2014-11-03 10:57 - 00000000 ____D C:\Program Files\iTunes
2016-03-26 11:27 - 2011-10-02 11:23 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-03-26 10:52 - 2011-08-19 12:23 - 00000000 ____D C:\Users\Smash\Documents\Admin
2016-03-26 10:48 - 2013-09-14 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-03-26 10:48 - 2011-10-01 21:44 - 00000000 ____D C:\Program Files (x86)\Java
2016-03-26 10:47 - 2011-10-01 21:45 - 00000000 ____D C:\Program Files\Java
2016-03-26 10:46 - 2015-09-02 14:46 - 00000000 ____D C:\Users\Smash\.oracle_jre_usage
2016-03-26 10:45 - 2015-11-21 20:37 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-03-26 10:42 - 2015-11-21 13:48 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2016-03-25 14:10 - 2015-10-02 13:23 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-03-24 19:39 - 2014-03-22 22:03 - 00000000 ____D C:\Users\Smash\Desktop\Copy
2016-03-23 19:18 - 2015-06-04 08:34 - 00215560 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2016-03-21 11:02 - 2009-07-13 23:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-21 11:02 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2016-03-20 13:07 - 2015-04-29 10:02 - 00001145 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Update.lnk
2016-03-19 17:46 - 2012-05-16 01:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-03-19 17:46 - 2012-05-16 01:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-03-19 10:35 - 2016-03-02 22:04 - 00001163 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-03-19 10:34 - 2012-05-16 01:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-03-19 10:32 - 2012-04-14 18:06 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-19 10:32 - 2011-10-05 23:57 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-18 14:31 - 2013-05-02 22:47 - 00000000 ____D C:\ProgramData\AVG Security Toolbar
2016-03-15 10:02 - 2014-03-31 10:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-03-15 09:26 - 2011-10-02 11:24 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-03-14 16:59 - 2016-02-23 18:19 - 00029446 _____ C:\Users\Smash\Desktop\MJ_AmazonGear2.odt
==================== Files in the root of some directories =======
2011-12-02 16:44 - 2011-12-02 16:44 - 0000278 _____ () C:\Users\Smash\AppData\Roaming\Fopydo.cfg
2011-12-02 16:44 - 2011-12-02 16:44 - 0000000 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0001024 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.pag
2011-12-02 16:44 - 2011-12-02 16:47 - 0004096 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0002048 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.pag
2013-03-28 12:07 - 2014-06-19 10:26 - 0005120 _____ () C:\Users\Smash\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-30 00:59 - 2011-10-30 00:59 - 0002412 _____ () C:\Users\Smash\AppData\Local\FastClean.20111030.005958.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0002423 _____ () C:\Users\Smash\AppData\Local\FastClean.20111107.225031.txt
2012-09-26 13:53 - 2012-09-26 13:53 - 0000036 _____ () C:\Users\Smash\AppData\Local\housecall.guid.cache
2011-10-17 12:46 - 2015-12-10 17:44 - 0006269 _____ () C:\Users\Smash\AppData\Local\ipublish.ini
2011-10-30 01:02 - 2011-10-30 01:02 - 0020956 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111030.010200.txt
2011-11-30 00:58 - 2011-11-30 00:58 - 0002507 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111129.235800.txt
2011-10-28 18:58 - 2011-10-28 18:58 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111028.185833.txt
2011-10-29 21:39 - 2011-10-29 21:39 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111029.213921.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0001690 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010044.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0000844 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010056.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0000673 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010118.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001665 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010125.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001283 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010136.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010148.txt
2011-10-30 01:02 - 2011-10-30 01:02 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010227.txt
2011-10-30 12:18 - 2011-10-30 12:18 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.121845.txt
2011-10-30 22:47 - 2011-10-30 22:47 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.224744.txt
2011-10-30 23:34 - 2011-10-30 23:34 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.233445.txt
2011-11-07 17:22 - 2011-11-07 17:22 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.162224.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195107.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195132.txt
2011-11-07 21:57 - 2011-11-07 21:57 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205752.txt
2011-11-07 21:59 - 2011-11-07 21:59 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205923.txt
2011-11-07 23:26 - 2011-11-07 23:26 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.222653.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0001559 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225052.txt
2011-11-07 23:55 - 2011-11-07 23:55 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225509.txt
2011-11-08 00:36 - 2011-11-08 00:36 - 0001630 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.233620.txt
2011-11-08 09:16 - 2011-11-08 09:16 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111108.081621.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0000663 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235743.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235759.txt
2013-02-02 23:54 - 2013-02-02 23:54 - 0007608 _____ () C:\Users\Smash\AppData\Local\Resmon.ResmonCfg
2015-12-07 10:34 - 2015-12-07 10:34 - 0000000 _____ () C:\Users\Smash\AppData\Local\{BB0833BE-4241-46E7-8141-B04A6DBB28DB}
2014-06-21 00:47 - 2014-06-21 00:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-04-07 12:50 - 2014-01-31 13:19 - 0009101 _____ () C:\ProgramData\hpzinstall.log
Some files in TEMP:
====================
C:\Users\Smash\AppData\Local\Temp\avguirn_08902266721.exe
C:\Users\Smash\AppData\Local\Temp\RM6Setup.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-02-03 14:47
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version:13-04-2016
Ran by Smash (2016-04-13 12:30:10)
Running from C:\Users\Smash\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-01 02:12:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4071271752-2530744919-2841666311-500 - Administrator - Disabled)
Guest (S-1-5-21-4071271752-2530744919-2841666311-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4071271752-2530744919-2841666311-1007 - Limited - Enabled)
Smash (S-1-5-21-4071271752-2530744919-2841666311-1001 - Administrator - Enabled) => C:\Users\Smash
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\uTorrent) (Version: 3.4.5.41712 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.144 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.182 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{FD8C1365-2229-4F37-A126-558DB2471CBE}) (Version: 7.0.828.1 - Mythicsoft Ltd)
Akamai NetSession Interface (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32-bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6F085FCD-4B6A-4F63-AF23-B74629C40797}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version: - )
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.369 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{158BEEC4-CC30-BF2F-248D-B52AF953E9C1}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}) (Version: 2.3.0.0 - ATI Technologies Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
AVG (Version: 16.51.7497 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4545 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.51.7497 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.9.726 - AVG Technologies)
Bass Audio Decoder (remove only) (HKLM-x32\...\Bass Audio Decoder) (Version: - )
Best Buy pc app (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.1.1.0 - Best Buy) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (en-US) - Greyfirst)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.16.1 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.37 - Dropbox, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Express Scribe (HKLM-x32\...\Scribe) (Version: - NCH Software)
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.5.0.0 - NewsGator Technologies, Inc.)
ffdshow v1.3.4533 [2014-09-29] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4533.0 - )
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version: - FileHippo.com)
FMW 1 (Version: 1.72.2 - AVG Technologies) Hidden
Freemake Video Converter version 4.1.6 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.6 - Ellora Assets Corporation)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.21.135 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
ICMV Audio Codec (HKLM-x32\...\{2767EE80-D340-41F2-A922-F7F8114F9642}) (Version: 1.0.0 - PCS Inc.)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.40.0000 - Intel® Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPublish Vista Fix (HKLM-x32\...\{AA4258DE-83B2-4FAE-A36B-D5246B1CC529}) (Version: 1.00.0000 - IPRO Tech)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{8E7A6BD9-016E-4AA0-9A09-BB03537562D8}) (Version: 12.3.3.17 - Apple Inc.)
iTunes Export (HKLM-x32\...\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1) (Version: 2.2.2 - UNKNOWN)
iTunes Export (x32 Version: 2.2.2 - UNKNOWN) Hidden
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LAV Filters 0.64 (HKLM-x32\...\lavfilters_is1) (Version: 0.64 - Hendrik Leppkes)
LibreOffice 5.0 Help Pack (English (United States)) (HKLM-x32\...\{4F90B951-6F28-4899-B87B-FF2A822B337C}) (Version: 5.0.4.2 - The Document Foundation)
LibreOffice 5.0.5.2 (HKLM-x32\...\{43D862C3-739D-4FF6-91C0-25612368CC81}) (Version: 5.0.5.2 - The Document Foundation)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Filter Pack 2.0 (HKLM\...\{95140000-2000-0409-1000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Monkey's Audio (HKLM-x32\...\Monkey's Audio_is1) (Version: - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 45.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.0.2 (x86 en-US)) (Version: 45.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.2.5941 - Mozilla)
Mozilla Thunderbird 38.7.2 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 38.7.2 (x86 en-US)) (Version: 38.7.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nextiva Codec (HKLM-x32\...\{BE18FDC3-7E2E-4DE5-B471-DB74491768F2}) (Version: 61.7.5194 - Verint Video Solutions)
Nextiva Codec (x32 Version: 61.7.5194 - Verint Video Solutions) Hidden
OpenVPN 2.3.10-I602 (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
PCTDServiceActivation (HKLM-x32\...\{8C678F94-F511-443E-B543-F26EA1471DE6}) (Version: 1.0.0.0 - OakTree)
PDF Reader for Windows 7 (HKLM-x32\...\PDF Reader for Windows_is1) (Version: - PDFLogic Corporation)
PDFill FREE PDF Tools (HKLM\...\{60724DF0-7436-48B8-BEF9-07BA4C3880EE}) (Version: 9.0 - PlotSoft LLC)
PDFill FREE PDF Writer (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
Pixlr-o-matic (HKLM-x32\...\Pixlromatic) (Version: 2.1 - UNKNOWN)
Pixlr-o-matic (x32 Version: 2.1 - UNKNOWN) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: 5.4.0.0 - Popcorn Time)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Rapport (Version: 3.5.1205.20 - Trusteer) Hidden
Rapport (x32 Version: 3.5.1609.47 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
RootsMagic 6.3.3.2 (HKLM-x32\...\{94433E0D-764C-4964-AD0B-EC46BCA7E68E}_is1) (Version: RootsMagic 6.3.3.2 - RootsMagic, Inc.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scribus 1.4.5 (HKLM-x32\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
Shotcut (HKLM-x32\...\Shotcut) (Version: - )
Skype™ 7.13 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.13.101 - Skype Technologies S.A.)
SQLite Studio 1.0.0.0 (HKLM-x32\...\SQLite Studio) (Version: 1.0.0.0 - SQLite Studio)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Trelby (HKLM-x32\...\Trelby) (Version: 2.2.0.0 - Trelby.org)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1609.47 - Trusteer)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.4.0.11260 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (x32 Version: 4.1.0.10120 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{884A242B-BE5C-4F9F-9177-F44156A5D081}) (Version: 13.00.0927 - Sony Corporation)
VAIO Manual (x32 Version: 1.2.0.11040 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.4.0.12090 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO Wireless Wizard (x32 Version: 4.0.0.02180 - Sony) Hidden
VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.05 - NCH Software)
Vidiot (HKLM-x32\...\Vidiot) (Version: 0.3.14 - Eric Raijmakers)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.)
VSDC Free Video Editor version 3.1.0.354 (HKLM-x32\...\VSDC Free Video Editor_is1) (Version: 3.1.0.354 - Flash-Integro LLC)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
Widevine Media Optimizer Chrome 6.0.0 (HKLM-x32\...\optimizer_chrome) (Version: 6.0.0.12757 - Widevine Technologies)
WinDirStat 1.1.2 (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\WinDirStat) (Version: - )
Windows Driver Package - Apple Inc. Apple Keyboard (04/06/2009 3.0.0.0) (HKLM\...\831BF8DFEC5520D988361807D534A2041AE4AAB3) (Version: 04/06/2009 3.0.0.0 - Apple Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinrarPasswordRemover version 1.0.6.2 (HKLM-x32\...\{04A85C36-78A7-4BC3-A0F0-95774D83250C}_is1) (Version: 1.0.6.2 - winrarpasswordremover.com)
WOT for Internet Explorer (HKLM\...\{C0DA129B-1E45-494D-A362-5CD0109C306B}) (Version: 11.11.7.0 - WOT Services Oy)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
ZoneAlarm Firewall (x32 Version: 14.1.011.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 14.1.011.000 - Check Point)
ZoneAlarm Security (x32 Version: 14.1.011.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {018B1721-E072-4364-8D90-825EC7AF9CCF} - System32\Tasks\1114avUpdateInfo => C:\ProgramData\Avg_Update_1114av\1114av_AVG-Secure-Search-Update.exe
Task: {05D3968C-35F4-4561-86FB-A1293AB7AC50} - System32\Tasks\SONY\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {0BAE5C25-4291-4C90-A3AE-811C69454DDF} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
Task: {0BE49048-3F16-41B9-9D75-85D34A0C2F01} - System32\Tasks\{24631B87-D7C1-4886-ABEA-156E3C83D88C} => pcalua.exe -a C:\Users\Smash\AppData\Local\Temp\{D62A597A-1E4D-4185-818C-8C6525AC1D3F}\setup.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {0FF12B22-A136-4635-AB96-3F104735A8D1} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {12A1A51C-39DF-42E4-B8C2-0A5761280397} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {19B710C1-04F0-41E5-AA04-AA43436F3C11} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe
Task: {1AC20139-DB94-4423-A918-61F621A0B354} - System32\Tasks\{5F732CC5-BA84-4B3F-839A-7F48DFC6746B} => pcalua.exe -a C:\Users\Smash\Downloads\iview438_setup.exe -d C:\Users\Smash\Downloads
Task: {219E6605-38D3-43A6-8108-AF814A3B4A66} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {29FC249D-D34F-43D5-B31D-181F9C8A56AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2B73F4C9-58FC-4836-9CC8-19EC5E31D7B4} - System32\Tasks\{0AA94112-1785-4BD0-9EFB-458D4F6ED92A} => pcalua.exe -a C:\Users\Smash\Downloads\iview436_setup.exe -d C:\Users\Smash\Downloads
Task: {347297C6-E3B3-4E4E-830E-3CA99F987F60} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3B950FB6-7DFA-4609-B87E-3825D1A2D618} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {3C46779F-35B5-4001-9DDA-58C81235B229} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {40A096EE-B83B-4AAB-A5AE-A2934C93CF5C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {41819088-A8BC-4861-BB49-193E98E9D83E} - System32\Tasks\{D414B8ED-D6BC-49B8-9A63-E0CF52C539CE} => pcalua.exe -a C:\Users\Smash\AppData\Local\Temp\{4C41463B-8F1B-4758-845D-7B3CE5F8F956}\setup.exe -d "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63"
Task: {4EB1F4E6-6137-47B0-A9B2-A8B2F75B157B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {51B4A5F6-6823-490A-BB5C-AA90A70C35DC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {56A73690-8E97-4E76-892A-2858265A621D} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {57090A8A-30A7-47EC-9D0F-9BE28D4E7098} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {59A92FEC-435A-438C-B64B-EF8AF13FFBEE} - System32\Tasks\{8008C5DA-2CEC-4EC2-B27E-E5CB918B7477} => pcalua.exe -a C:\Users\Smash\Downloads\REDAUD-00241521-0042.EXE -d C:\Users\Smash\Downloads
Task: {5B6C7520-3BCE-4746-800E-5C6D69449108} - System32\Tasks\{219A881F-3E23-45A5-9CE7-7C69F791FC31} => pcalua.exe -a C:\Users\Smash\AppData\Local\Temp\GLF1B7A\TROUBL~1.EXE -d C:\Users\Smash\AppData\Local\Temp\GLF1B7A
Task: {5E4B7954-36B3-4FB7-87C6-D91AE43B797E} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {607C9AD0-62DE-4153-81EF-B78C7EC0D6F1} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {6AEEF879-56E0-4431-93EB-DA5E6C2698D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {77F59F2A-BD32-43C3-A267-191B769859C3} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {9D2D09BA-C6E5-49C9-AB25-42DD614DE70D} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A1311EF3-BCB8-4B7E-AC7B-2E688698C22A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {A490F319-E7B8-48D5-B3EB-13C66B0A8455} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {A4D65AE0-8F31-4727-8EA8-479FCE98C70E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {A75AC770-20E4-4ED3-B161-07722ED551B7} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {AB61E329-C56C-40B3-9A4E-4DA211E3A917} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {B589FCE7-016A-4E55-B8DE-F38A3943F31F} - System32\Tasks\{8FA53170-EF92-4001-89C4-00DF11A20276} => pcalua.exe -a C:\Users\Smash\Downloads\SOAOTH-00268817-1040.EXE -d C:\Users\Smash\Downloads
Task: {BA84E96E-FB88-4445-94CC-B9A271CC451D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {C4192730-EE4E-4D47-A048-B4B834F27125} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {C5DB83F2-4D6D-419A-9CE2-24B70BEA2775} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-10-02] (Dropbox, Inc.)
Task: {C7D17672-9B69-4B53-ACC5-57786DB5ABCF} - System32\Tasks\{3B79AAB1-A228-446F-B871-E205E30B5369} => pcalua.exe -a C:\Users\Smash\Downloads\A2DVID-00243349-0042.EXE -d C:\Users\Smash\Downloads
Task: {D75AD3A9-032C-4E12-A79F-2BEA1493016A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {DDC72502-CBAA-4122-AEAB-1752192F3201} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {E2743CE4-95F9-471E-BB60-B06476656696} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {ECC66BDA-76EF-4E7A-83E9-BD4B8B900194} - System32\Tasks\{AE1E4F9E-5CF0-4DBA-9477-DB881E746D26} => pcalua.exe -a C:\Users\Smash\Downloads\CYAOTH-00302475-1040.EXE -d C:\Users\Smash\Desktop
Task: {F1458236-19DB-471D-AA9A-2A02E2110BFF} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {F1A658EA-E1BE-42AD-B91A-EC9F534FE772} - System32\Tasks\Sony Corporation\VAIO Boot Manager\VAIO Boot Manager => C:\Program Files (x86)\Sony\VAIO Boot Manager\SetProcessTask.exe [2010-12-08] (Sony Corporation)
Task: {F978F1FB-15CE-42F7-8942-5F69635C319E} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {FBB01521-7038-41B9-A22D-2B4FFD38DA0F} - System32\Tasks\{6D7AA99A-FE84-4F4F-AF80-F2B78756374C} => pcalua.exe -a C:\Users\Smash\Downloads\iview437_setup.exe -d C:\Users\Smash\Downloads
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core.job => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA.job => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-03-18 14:31 - 2016-04-12 08:47 - 01223752 _____ () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2013-10-07 08:54 - 2013-10-07 08:54 - 00218112 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2016-04-12 08:48 - 2016-04-12 08:47 - 00192584 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\loggingserver.exe
2011-01-14 02:20 - 2011-01-14 01:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2016-03-18 14:31 - 2016-04-12 08:47 - 02885704 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2011-11-09 11:55 - 2011-11-09 11:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-12-22 03:53 - 2011-12-22 03:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2015-01-27 06:18 - 2015-01-27 06:18 - 02926800 _____ () C:\Program Files (x86)\FileHippo.com\FileHippo.AppManager.exe
2016-03-18 22:56 - 2016-03-18 22:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-07 08:49 - 2013-10-07 08:49 - 00221184 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2013-10-07 08:47 - 2013-10-07 08:47 - 00037888 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2013-10-07 08:44 - 2013-10-07 08:44 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2013-10-07 08:49 - 2013-10-07 08:49 - 00069632 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2013-10-07 08:49 - 2013-10-07 08:49 - 00628224 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-11.dll
2012-12-09 20:08 - 2010-12-23 17:24 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2016-04-12 08:48 - 2016-04-12 08:47 - 00533576 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.2.9\log4cplusU.dll
2014-10-20 17:31 - 2014-10-20 17:31 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll
2011-09-30 19:36 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-06-02 14:51 - 2015-06-02 14:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2015-10-24 09:05 - 2016-04-07 10:50 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2016-03-18 22:56 - 2016-03-18 22:56 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 01040488 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxml2.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 00372840 _____ () C:\Program Files (x86)\LibreOffice 5\program\glew32.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 00182376 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxslt.dll
2016-02-05 15:07 - 2016-02-05 15:07 - 00116328 _____ () C:\Program Files (x86)\LibreOffice 5\program\python3.dll
2016-02-05 12:38 - 2016-02-05 12:38 - 00049152 _____ () C:\Program Files (x86)\LibreOffice 5\program\python-core-3.3.3\lib\_socket.pyd
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [105]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
There are 5315 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2012-09-30 12:42 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Smash\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: CLKMSVC10_9EC60124 => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostServiceSony => 3
MSCONFIG\Services: SampleCollector => 3
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDms => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Update service => 2
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VcmIAlzMgr => 3
MSCONFIG\Services: VcmINSMgr => 3
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Smash^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Smash\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: FoneLabAppService => C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
MSCONFIG\startupreg: Google Update => "C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PCTD Service Activation => "C:\Program Files (x86)\OakTree\PCTDServiceActivation\PCTDServiceActivation.exe" -checkcounter
MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Smash\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{023C3592-320C-4971-9C93-4C75C7AC6B76}C:\users\smash\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\smash\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B13813CD-6B5E-459F-B7A1-804F20038605}C:\users\smash\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\smash\appdata\local\akamai\netsession_win.exe
FirewallRules: [{14544FC5-913F-4AD1-A367-22CEC5E88444}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{C2F437FC-47D2-46D8-A2BC-20160B61E050}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{EC3CEBF6-5C39-4AB0-BB43-C0AF2A458945}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{DE0F158B-E83B-4150-AF6D-8A2B6A08590F}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{DB8E8FA0-1970-40CC-B64E-3524CCB16848}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{08E3B29B-087A-498A-9AA4-9D4B14630EA5}] => (Allow) C:\Users\Smash\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{A41E20D1-FC46-42C5-907F-00033935E992}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{F60E6DFF-9523-4B41-82C7-635214E82701}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\VideoEditor.exe
FirewallRules: [{EF377A26-9C4E-42DC-85E6-9D3C6BABEF77}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{769FE128-E966-4457-B8C6-5030F238FDAD}] => (Allow) C:\Program Files (x86)\FlashIntegro\VideoEditor\Updater.exe
FirewallRules: [{0FB0AF28-BDCB-49A7-A3D6-C53077361EE8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43E4E20D-54A2-4507-8507-A9997CCF1F1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F403A9BC-C366-4599-9508-4666038E0037}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22686F09-5D7C-470B-9CE9-3E2AE058EAB0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3926585F-199C-4884-9D55-C868AC2101A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2E45D614-F044-42B7-A8BB-AC4701CE8FE2}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{25C472E6-4FE1-4113-B55D-5516C264E811}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{907646CD-68AD-4E56-A17D-52EFE1726DE1}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{2EFCB86C-68E7-4432-A2D5-840903AFDEE4}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{E418575D-E8C8-49FD-8B3C-B8183D3C9CF0}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{7C2E2B5F-0D14-4A24-87A6-C1090DAFEA09}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{3E491B7C-2BA9-44A2-BF30-1EC4D0B90F35}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{4384C372-CED3-4A1E-AC6B-9D635D21490B}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{3DAB5CA1-9A5F-4382-A0DB-A53E863CA1CC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{B0A3DA81-18EF-4DFF-8435-AC34A1B1EB76}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{8053A87D-A853-4E63-9DCF-FB862B308F93}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{B835312F-2993-466C-8967-89A53B6416CC}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{930C7A79-C26E-4B35-892A-4CBC45EEBE30}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{BBC93858-7350-4932-88D2-44AD9E3FB3CE}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{61019C97-75A2-41A7-97F9-294B7C6EF390}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{87BC04C5-E56B-40CC-A5FA-63DC13A34796}] => (Allow) LPort=2869
FirewallRules: [{3093A95B-4816-4CC1-996F-20E7D133163C}] => (Allow) LPort=1900
FirewallRules: [{2B546B05-E7A8-4D8C-A0AE-EEBACF834785}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A6ABC26A-5D24-45D1-B352-E25D4357FC43}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E586744B-9AE0-4D72-AADF-F76A668AD8F9}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E9123649-9321-4505-A048-32332A89E488}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{378C59B8-922A-493C-A35A-448FF5CC3BC8}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4A838782-A3D6-4BE5-A740-4120C11E6328}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0CC236CF-1E4B-499E-8E0B-038BAA5DFE5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0CCD8663-D654-4AF8-B574-C902B1A7EF40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{00F8A307-20C2-449E-8DB8-AC96FABF6569}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{405F5D56-C1DB-49A3-B19E-EC4FDC15DDC7}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{7A62D681-031D-4D3D-88AA-89C8C3E48E1D}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{CF1FD1B8-D1E5-43D3-AC65-B262857CD412}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{98BD9D17-FB70-4C68-B14A-542C7A86D206}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{EB68BEBD-8529-4730-BF67-F9BC5B730DD6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{263094E7-B747-4123-926C-F4ACEC18211F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{5EF931BC-F63D-4F00-B2D8-89FE753FC80B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{E97ADCC0-1EF3-4EBD-9DE9-4F0615EBBB99}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{DEF86CCD-7898-4A85-9310-A5E6EC9ECF8F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{9B13A7DF-7DB1-4295-8205-16BC206153BB}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{B9258C30-5BFD-4B2D-A18F-9783EA796FD7}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{2C7DC71B-CFFD-4E8F-9B0C-F38DA174E2B2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
06-03-2016 11:18:52 Removed AVG Driver Updater
19-03-2016 09:11:52 Installed iTunes
30-03-2016 18:39:23 Installed Rapport
==================== Faulty Device Manager Devices =============
Name: Intel® Centrino® Advanced-N + WiMAX 6250
Description: Intel® Centrino® Advanced-N + WiMAX 6250
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/13/2016 12:08:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5148
Error: (04/13/2016 12:08:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5148
Error: (04/13/2016 12:08:31 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/13/2016 12:08:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4040
Error: (04/13/2016 12:08:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4040
Error: (04/13/2016 12:08:30 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/13/2016 12:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3011
Error: (04/13/2016 12:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3011
Error: (04/13/2016 12:08:29 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (04/13/2016 12:08:28 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1997
System errors:
=============
Error: (04/13/2016 10:41:43 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service service terminated with the following error:
%%268439616
Error: (04/13/2016 01:49:44 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (04/12/2016 09:00:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service service terminated with the following error:
%%268439616
Error: (04/12/2016 04:52:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}
Error: (04/12/2016 04:52:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}
Error: (04/12/2016 08:46:48 AM) (Source: NetBT) (EventID: 4307) (User: )
Description: Initialization failed because the transport refused to open initial addresses.
Error: (04/10/2016 04:02:52 PM) (Source: Server) (EventID: 2505) (User: )
Description: The server could not bind to the transport \Device\NetBT_Tcpip_{C9223372-2268-4123-9BCD-5BEE223CA547} because another computer on the network has the same name. The server could not start.
Error: (04/08/2016 08:30:33 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Energy Server Service service terminated with the following error:
%%268439616
Error: (04/08/2016 08:28:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The ZoneAlarm Privacy Service service failed to start due to the following error:
%%1053
Error: (04/08/2016 08:28:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the ZoneAlarm Privacy Service service to connect.
CodeIntegrity:
===================================
Date: 2013-07-09 11:13:47.671
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-09 10:20:16.638
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-09 08:24:19.270
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-09 08:08:10.015
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-08 21:20:44.011
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-08 16:57:00.982
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-08 16:43:03.037
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-08 16:07:19.812
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-08 15:59:19.376
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-07-08 15:39:20.097
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 77%
Total physical RAM: 4011.86 MB
Available physical RAM: 890.35 MB
Total Virtual: 8021.93 MB
Available Virtual: 4638.68 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:454.75 GB) (Free:41.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 05776A7F)
Partition 1: (Not Active) - (Size=10.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Edited by blues71, 13 April 2016 - 12:51 PM.