Windows 7 will not update. Running slower than molasses in January.



#1
JoshE85

  • Member
  • 19 posts
I lent my mom my laptop and of course wrote it off for too many months before realizing she wasn't updating Windows. Now I can't get Windows to update. On top of this I'm quite positive it's now infected with either malware or a virus. I've run Spybot, SUPERAntiSpyware, along with AVG. Spybot comes up with the same malware registry errors each time and says it fixed the problems, yet they come back and all the time Windows will not update. Please help!!

#2
RKinner

    Malware Expert

  • Expert
  • 24,624 posts
  • MVP
I'm going to have this thread moved to malware.  Should be transparent to you.
It's probably easier to just post the logs as you get them rather than saving them up for a big post.  
 
 
Download AdwCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close  all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).
 
Click on Scan  and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • Get FRST from http://www.bleepingc...very-scan-tool/ You need to download the appropriate tool for your PC. If you don't know if you have a 32 or 64 bit system get them both. Only one will work and that's the right one.
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Check the Addition.txt box
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 


    #3
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    Okay thanks for the response, I'll post the reports as soon as I get them.

    #4
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    # AdwCleaner v6.043 - Logfile created 23/02/2017 at 00:30:07
    # Updated on 27/01/2017 by Malwarebytes
    # Database : 2017-02-23.1 [Local]
    # Operating System : Windows 7 Home Premium Service Pack 1 (X64)
    # Username : Josh - VAIO
    # Running from : C:\Users\Josh\Downloads\AdwCleaner.exe
    # Mode: Clean
     
     
     
    ***** [ Services ] *****
     
    [-] Service deleted: vToolbarUpdater19.5.0
     
     
    ***** [ Folders ] *****
     
    [-] Folder deleted: C:\ProgramData\Avg_Update_0215tb
    [-] Folder deleted: C:\Users\Josh\AppData\Local\AVG SafeGuard toolbar
    [-] Folder deleted: C:\Users\Josh\AppData\Local\AVG Secure Search
    [-] Folder deleted: C:\Users\Josh\AppData\Local\PackageAware
    [-] Folder deleted: C:\Users\Josh\AppData\LocalLow\AVG SafeGuard toolbar
    [-] Folder deleted: C:\Users\Josh\AppData\LocalLow\Check Point Software Technologies LTD
    [-] Folder deleted: C:\Users\Josh\AppData\Roaming\Check Point Software Technologies LTD
    [-] Folder deleted: C:\Users\Josh\AppData\Roaming\eCyber
    [-] Folder deleted: C:\Users\Josh\AppData\Roaming\iSafe
    [-] Folder deleted: C:\Users\Mom\AppData\Local\AVG SafeGuard toolbar
    [-] Folder deleted: C:\Users\Mom\AppData\Local\AVG Secure Search
    [-] Folder deleted: C:\Users\Mom\AppData\LocalLow\AVG SafeGuard toolbar
    [-] Folder deleted: C:\Users\Mom\AppData\LocalLow\Check Point Software Technologies LTD
    [-] Folder deleted: C:\Program Files\Uninstaller
    [-] Folder deleted: C:\Program Files\Common Files\AVG Secure Search
    [-] Folder deleted: C:\ProgramData\AVG Secure Search
    [-] Folder deleted: C:\ProgramData\Partner
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\AVG Secure Search
    [#] Folder deleted on reboot: C:\ProgramData\Application Data\Partner
    [-] Folder deleted: C:\Program Files (x86)\AVG SafeGuard toolbar
    [-] Folder deleted: C:\Program Files (x86)\Check Point Software Technologies LTD
    [-] Folder deleted: C:\Program Files (x86)\PrivateVPN
    [-] Folder deleted: C:\Program Files (x86)\Common Files\AVG Secure Search
    [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\Local\PackageAware
    [-] Folder deleted: C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar
     
     
    ***** [ Files ] *****
     
    [-] File deleted: C:\Windows\SysNative\log\iSafeKrnlCall.log
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_irismediainc.utop.it_0.localstorage
    [#] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_foxi69.tlscdn.com_0.localstorage-journal
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_irismediainc.utop.it_0.localstorage
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_irismediainc.utop.it_0.localstorage-journal
    [#] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_irismediainc.utop.it_0.localstorage
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_irismediainc.utop.it_0.localstorage-journal
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_view.contextualyield.com_0.localstorage
    [-] File deleted: C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_view.contextualyield.com_0.localstorage-journal
     
     
    ***** [ DLL ] *****
     
     
     
    ***** [ WMI ] *****
     
     
     
    ***** [ Shortcuts ] *****
     
     
     
    ***** [ Scheduled Tasks ] *****
     
     
     
    ***** [ Registry ] *****
     
    [-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r1139-n-bc.exe
    [-] Key deleted: HKLM\SOFTWARE\Classes\iMesh
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [-] Key deleted: HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    [-] Key deleted: HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\iMesh
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{987D9269-F8A1-408F-BF62-4397D2F5363E}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E0722BEB-FDA1-4AA1-A2A8-15A74A5B3F70}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F1963E76-845B-474C-8C7F-D69A96D8AA34}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Key deleted: HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{06DEB529-DE09-43EC-B6E2-451AAB0FF000}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{E00DE9B9-B128-4C39-B732-B5D85013FA48}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
    [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
    [-] Value deleted: HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    [-] Key deleted: HKU\S-1-5-21-756597455-3980464142-2539824116-1004\Software\Check Point Software Technologies LTD
    [-] Key deleted: HKU\S-1-5-21-756597455-3980464142-2539824116-1004\Software\Imesh
    [#] Key deleted on reboot: HKU\S-1-5-21-756597455-3980464142-2539824116-1004\Software\iMesh
    [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-756597455-3980464142-2539824116-1004\Software\Check Point Software Technologies LTD
    [#] Key deleted on reboot: HKCU\Software\Check Point Software Technologies LTD
    [#] Key deleted on reboot: HKCU\Software\Imesh
    [#] Key deleted on reboot: HKCU\Software\iMesh
    [-] Key deleted: HKLM\SOFTWARE\AVG Security Toolbar
    [-] Key deleted: HKLM\SOFTWARE\Check Point Software Technologies LTD
    [-] Key deleted: HKLM\SOFTWARE\SecureWebChannel
    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-756597455-3980464142-2539824116-1004\Software\Check Point Software Technologies LTD
    [#] Key deleted on reboot: [x64] HKCU\Software\Check Point Software Technologies LTD
    [#] Key deleted on reboot: [x64] HKCU\Software\Imesh
    [#] Key deleted on reboot: [x64] HKCU\Software\iMesh
    [-] Key deleted: HKU\S-1-5-21-756597455-3980464142-2539824116-1004\Software\Microsoft\Internet Explorer\SearchScopes\{CE9E4EE1-6B7B-4E60-92EB-5525BE464A15}
    [#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CE9E4EE1-6B7B-4E60-92EB-5525BE464A15}
    [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CE9E4EE1-6B7B-4E60-92EB-5525BE464A15}
    [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    [-] Key deleted: HKLM\SOFTWARE\Classes\PROTOCOLS\handler\viprotocol
    [-] Key deleted: HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
    [-] Key deleted: HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    [#] Key deleted on reboot: HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
     
     
    ***** [ Web browsers ] *****
     
    [-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: search.aol.com
    [-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: www.ask.com
    [-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
    [-] [C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
    [-] [C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
    [-] [C:\Users\Mom\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com
     
     
    *************************
     
    :: "Tracing" keys deleted
    :: Winsock settings cleared
     
    *************************
     
    C:\AdwCleaner\AdwCleaner[C0].txt - [12474 Bytes] - [23/02/2017 00:30:07]
    C:\AdwCleaner\AdwCleaner[S0].txt - [11841 Bytes] - [23/02/2017 00:17:30]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [12622 Bytes] ##########


    #5
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    Fack, I just paused Antivirus in order to run JRT only to immediately get the blue sod. I'm currently recovering from a restore point a few days ago. Then I guess I'll start from the beginning again.

    #6
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    Never mind, apparently I just majorly screwed up my computer.

    #7
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    System Restore did not complete successfully. Your computer's system files and settings were not changed.

    Details:
    System Restore failed to replace the file (D:\ProgramData\Oracle\Java\javapath\java.exe) with its original copy from the restore point.
    An unspecified error occurred during System Restore. (0x80070003)

    #8
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    Ideas for my next action?

    #9
    RKinner

      Malware Expert

    • Expert
    • 24,624 posts
    • MVP

    If Windows is running then get a FRST scan with Addition.txt checked and post both logs. If not running then see: http://www.geekstogo...l/#entry2151691



    #10
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    I was able to open Windows in safe mode. I was waiting to hear from you before I did anything further. I really appreciate your help as this is very frustrating. I will attempt to get the FRST report. Can that be done in safe mode, or is it safe / should I attempt logging into regular Windows?

    #11
    JoshE85

    • Topic Starter
    • Member
    • 19 posts

    Took a gamble and opened Windows normally, the system seems stable so here come the FRST reports.



    #12
    JoshE85

    • Topic Starter
    • Member
    • 19 posts
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2017 01
    Ran by Josh (administrator) on VAIO (23-02-2017 12:24:13)
    Running from C:\Users\Josh\Downloads
    Loaded Profiles: Josh (Available Profiles: Josh & Mom)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: Chrome)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOCareService.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
    (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
    (CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNAP3LAK.EXE
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    (CANON INC.) C:\Windows\System32\spool\drivers\x64\3\CNABHSWD.EXE
    (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Digital Delivery Networks, Inc.) C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
    (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
    (Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
    (ALPS) C:\Program Files\Apoint\Apvfb.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
    (Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
     
    ==================== Registry (Whitelisted) ====================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7938080 2009-09-16] (Realtek Semiconductor)
    HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-09-16] (Realtek Semiconductor Corp.)
    HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [208384 2009-09-27] (Alps Electric Co., Ltd.)
    HKLM\...\Run: [CNAP3 Launcher] => C:\Windows\system32\spool\DRIVERS\x64\3\CNAP3LAK.EXE [228520 2012-06-13] (CANON INC.)
    HKLM\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-20] (AVG Technologies CZ, s.r.o.)
    HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
    HKLM-x32\...\Run: [SmartWiHelper] => C:\Program Files (x86)\Sony\SmartWi Connection Utility\SmartWiHelper.exe [80384 2009-10-05] (Sony Electronics Corporation)
    HKLM-x32\...\Run: [PMBVolumeWatcher] => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [597792 2009-10-24] (Sony Corporation)
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-20] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134480 2016-06-16] (Check Point Software Technologies Ltd.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [239672 2017-02-20] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
    Winlogon\Notify\VESWinlogon: C:\Windows\SysWOW64\VESWinlogon.dll [2009-11-04] (Sony Corporation)
    HKU\S-1-5-21-756597455-3980464142-2539824116-1004\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7946144 2017-02-06] (SUPERAntiSpyware)
    HKU\S-1-5-21-756597455-3980464142-2539824116-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7451928 2015-03-13] (Piriform Ltd)
    HKU\S-1-5-21-756597455-3980464142-2539824116-1004\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
    ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2009-11-09]
    ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
    BootExecute: autocheck autochk * sdnclean64.exe
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    ProxyEnable: [S-1-5-21-756597455-3980464142-2539824116-1004] => Proxy is enabled.
    ProxyServer: [S-1-5-21-756597455-3980464142-2539824116-1004] => localhost:21320
    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
    Tcpip\..\Interfaces\{622E0485-02B6-46EF-92FD-D3A225DB638B}: [DhcpNameServer] 192.168.43.1
    ManualProxies: 1localhost:21320
     
    Internet Explorer:
    ==================
    HKU\S-1-5-21-756597455-3980464142-2539824116-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
    SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
    SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SNNT
    SearchScopes: HKU\S-1-5-21-756597455-3980464142-2539824116-1004 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
    SearchScopes: HKU\S-1-5-21-756597455-3980464142-2539824116-1004 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
    SearchScopes: HKU\S-1-5-21-756597455-3980464142-2539824116-1004 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-02-20] (Oracle Corporation)
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-20] (Oracle Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
    BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-12-09] (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
    BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-12-09] (Oracle Corporation)
     
    FireFox:
    ========
    FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-20] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-20] (Oracle Corporation)
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32.dll [No File]
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
    FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-12-09] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-12-09] (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-09-22] (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-21] (Google Inc.)
     
    Chrome: 
    =======
    CHR DefaultProfile: Default
    CHR HomePage: Default -> hxxps://www.google.com/
    CHR StartupUrls: Default -> "hxxps://www.google.com/"
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\PepperFlash\pepflashplayer.dll => No File
    CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\ppGoogleNaClPluginChrome.dll => No File
    CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\pdf.dll => No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll => No File
    CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll => No File
    CHR Plugin: (Java™ Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll => No File
    CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll => No File
    CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll => No File
    CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll => No File
    CHR Profile: C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default [2017-02-23]
    CHR Extension: (Chrome Web Store Payments) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-27]
    CHR Extension: (XFINITY® TV Go Stream Live TV Online) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbefpbidnpmpfbkledpohpejdcgfnfif [2015-02-16]
    CHR Extension: (Chrome Media Router) - C:\Users\Josh\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-14]
     
    ==================== Services (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
    R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
    R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
    S4 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1256872 2017-02-20] (AVG Technologies CZ, s.r.o.)
    S4 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [725976 2017-01-09] (AVG Technologies CZ, s.r.o.)
    R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
    S3 MSSQL$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
    R2 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [60416 2012-11-13] (Digital Delivery Networks, Inc.) [File not signed]
    S2 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
    S2 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
    S4 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [189984 2009-09-16] (Realtek Semiconductor)
    S4 SampleCollector; C:\Program Files\Sony\VAIO Care\collsvc.exe [167424 2009-09-17] (Intel Corporation) [File not signed]
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.)
    R2 SOHDBSvr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [70952 2009-10-15] (Sony Corporation)
    R2 SOHPlMgr; C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [91432 2009-10-15] (Sony Corporation)
    S4 SQLAgent$DDNI; C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.DDNI\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)
    R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
    R2 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [69632 2009-09-14] (Sony Corporation) [File not signed]
    R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [642416 2009-09-14] (Sony Corporation)
    R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3746584 2016-06-16] (Check Point Software Technologies Ltd.)
    R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1642544 2014-02-28] (Sony Corporation)
    R2 VzCdbSvc; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [206336 2009-09-14] (Sony Corporation) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
    S4 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114424 2016-05-24] (Check Point Software Technologies, Ltd.)
     
    ===================== Drivers (Whitelisted) ======================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
    R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [77416 2017-01-20] ()
    R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-22] (Malwarebytes)
    R3 MBAMFarflt; C:\Windows\system32\drivers\farflt.sys [110536 2017-02-23] (Malwarebytes)
    R3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [43968 2017-02-23] (Malwarebytes)
    R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251848 2017-02-23] (Malwarebytes)
    R2 regi; C:\Windows\SysWOW64\drivers\regi.sys [11032 2007-04-17] (InterVideo)
    R2 risdptsk; C:\Windows\system32\drivers\risdsn64.sys [76288 2009-09-23] (REDC)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [462304 2016-06-16] (Check Point Software Technologies Ltd.)
    U2 IAStorDataMgrSvc; no ImagePath
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-23 12:24 - 2017-02-23 12:25 - 00020388 _____ C:\Users\Josh\Downloads\FRST.txt
    2017-02-23 12:21 - 2017-02-23 12:24 - 00000000 ____D C:\FRST
    2017-02-23 12:15 - 2017-02-23 12:15 - 02423296 _____ (Farbar) C:\Users\Josh\Downloads\FRST64.exe
    2017-02-23 02:06 - 2017-02-23 02:07 - 00083166 _____ C:\Windows\ntbtlog.txt
    2017-02-23 02:06 - 2017-02-23 02:06 - 537192223 _____ C:\Windows\MEMORY.DMP
    2017-02-23 02:06 - 2017-02-23 02:06 - 00275952 _____ C:\Windows\Minidump\022317-32744-01.dmp
    2017-02-23 01:25 - 2017-02-21 20:11 - 00029944 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avg114C.tmp
    2017-02-23 01:24 - 2017-02-21 20:12 - 00992488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgB946.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00555152 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgC359.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00456936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgA074.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00336920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgAC78.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00311592 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgA880.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00311472 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgC676.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00192096 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgAAB3.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00165624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avg9D95.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00163512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgCCEC.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00127072 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgBF51.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00101624 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgBB0B.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00075664 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgBFFE.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00050848 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgAED9.tmp
    2017-02-23 01:24 - 2017-02-21 20:11 - 00039288 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgBEC4.tmp
    2017-02-23 00:44 - 2017-02-23 00:44 - 01638400 _____ (Malwarebytes) C:\Users\Josh\Downloads\JRT.exe
    2017-02-23 00:11 - 2017-02-23 02:22 - 00000000 ____D C:\AdwCleaner
    2017-02-23 00:06 - 2017-02-23 00:07 - 04015056 _____ C:\Users\Josh\Downloads\AdwCleaner.exe
    2017-02-22 23:22 - 2017-02-22 23:22 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
    2017-02-22 23:21 - 2017-02-23 12:08 - 00251848 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2017-02-22 23:21 - 2017-02-23 12:08 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
    2017-02-22 23:21 - 2017-02-23 12:08 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
    2017-02-22 23:21 - 2017-02-23 02:07 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
    2017-02-22 23:20 - 2017-02-23 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
    2017-02-22 23:20 - 2017-02-23 02:26 - 00002020 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
    2017-02-22 23:20 - 2017-02-22 23:20 - 00000000 ____D C:\Program Files\Malwarebytes
    2017-02-22 23:20 - 2017-01-20 07:47 - 00077416 _____ C:\Windows\system32\Drivers\mbae64.sys
    2017-02-22 23:16 - 2017-02-22 23:17 - 55566792 _____ (Malwarebytes ) C:\Users\Josh\Downloads\mb3-setup-consumer-3.0.6.1469.exe
    2017-02-21 20:12 - 2017-02-21 20:11 - 00397800 ____N (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
    2017-02-21 20:01 - 2017-02-21 20:01 - 03449304 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Josh\Downloads\AVG_Protection_Free_1606 (1).exe
    2017-02-21 07:22 - 2017-02-22 07:22 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task eb07178b-1098-4b11-a4ea-5349236356d5.job
    2017-02-21 07:22 - 2017-02-21 07:24 - 00003388 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task eb07178b-1098-4b11-a4ea-5349236356d5
    2017-02-21 04:22 - 2017-02-23 04:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2017-02-21 04:22 - 2017-02-21 04:22 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2017-02-21 04:14 - 2017-02-21 04:14 - 29303536 _____ (SUPERAntiSpyware) C:\Users\Josh\Downloads\SUPERAntiSpyware (1).exe
    2017-02-20 22:32 - 2016-12-09 00:02 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2017-02-20 22:22 - 2017-02-21 21:46 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
    2017-02-19 21:56 - 2017-02-19 21:56 - 00221662 _____ C:\Users\Josh\Downloads\MicrosoftProgram_Install_and_Uninstall.meta.diagcab
    2017-02-19 21:53 - 2016-03-17 17:04 - 05551336 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2017-02-19 21:53 - 2016-03-17 17:04 - 00706280 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
    2017-02-19 21:53 - 2016-03-17 17:04 - 00154344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2017-02-19 21:53 - 2016-03-17 17:01 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2017-02-19 21:53 - 2016-03-17 17:01 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
    2017-02-19 21:53 - 2016-03-17 16:58 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2017-02-19 21:53 - 2016-03-17 16:57 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2017-02-19 21:53 - 2016-03-17 16:57 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2017-02-19 21:53 - 2016-03-17 16:57 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2017-02-19 21:53 - 2016-03-17 16:56 - 02084864 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
    2017-02-19 21:53 - 2016-03-17 16:54 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2017-02-19 21:53 - 2016-03-17 16:54 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2017-02-19 21:53 - 2016-03-17 16:53 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2017-02-19 21:53 - 2016-03-17 16:53 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2017-02-19 21:53 - 2016-03-17 16:53 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2017-02-19 21:53 - 2016-03-17 16:53 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2017-02-19 21:53 - 2016-03-17 16:50 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
    2017-02-19 21:53 - 2016-03-17 16:50 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2017-02-19 21:53 - 2016-03-17 16:50 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2017-02-19 21:53 - 2016-03-17 16:36 - 03998952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2017-02-19 21:53 - 2016-03-17 16:36 - 03943144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2017-02-19 21:53 - 2016-03-17 16:33 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2017-02-19 21:53 - 2016-03-17 16:31 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2017-02-19 21:53 - 2016-03-17 16:31 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2017-02-19 21:53 - 2016-03-17 16:29 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2017-02-19 21:53 - 2016-03-17 16:29 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2017-02-19 21:53 - 2016-03-17 16:27 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2017-02-19 21:53 - 2016-03-17 16:27 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2017-02-19 21:53 - 2016-03-17 16:26 - 00553984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2017-02-19 21:53 - 2016-03-17 16:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2017-02-19 21:53 - 2016-03-17 16:24 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
    2017-02-19 21:53 - 2016-03-17 15:53 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
    2017-02-19 21:53 - 2016-03-17 15:38 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2017-02-19 21:53 - 2016-03-17 15:37 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2017-02-19 21:53 - 2016-03-17 15:37 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2017-02-19 21:53 - 2015-09-14 15:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
    2017-02-19 21:52 - 2016-03-17 17:04 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2017-02-19 21:52 - 2016-03-17 16:58 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2017-02-19 21:52 - 2016-03-17 16:58 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2017-02-19 21:52 - 2016-03-17 16:57 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
    2017-02-19 21:52 - 2016-03-17 16:57 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2017-02-19 21:52 - 2016-03-17 16:56 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2017-02-19 21:52 - 2016-03-17 16:54 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2017-02-19 21:52 - 2016-03-17 16:54 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:31 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2017-02-19 21:52 - 2016-03-17 16:31 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2017-02-19 21:52 - 2016-03-17 16:31 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2017-02-19 21:52 - 2016-03-17 16:30 - 00171520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2017-02-19 21:52 - 2016-03-17 16:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2017-02-19 21:52 - 2016-03-17 16:30 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
    2017-02-19 21:52 - 2016-03-17 16:29 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2017-02-19 21:52 - 2016-03-17 16:28 - 01414144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
    2017-02-19 21:52 - 2016-03-17 16:27 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2017-02-19 21:52 - 2016-03-17 16:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2017-02-19 21:52 - 2016-03-17 16:25 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 16:24 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 15:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
    2017-02-19 21:52 - 2016-03-17 15:52 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
    2017-02-19 21:52 - 2016-03-17 15:51 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2017-02-19 21:52 - 2016-03-17 15:44 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2017-02-19 21:52 - 2016-03-17 15:43 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
    2017-02-19 21:52 - 2016-03-17 15:41 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2017-02-19 21:52 - 2016-03-17 15:35 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2017-02-19 21:52 - 2016-03-17 15:35 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2017-02-19 21:52 - 2016-03-17 15:30 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2017-02-19 21:52 - 2016-03-17 15:30 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2017-02-19 21:52 - 2016-03-17 15:30 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2017-02-19 21:52 - 2016-03-17 15:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2017-02-19 21:52 - 2016-03-17 15:29 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2017-02-19 21:52 - 2016-03-17 15:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 15:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 15:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-17 15:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2017-02-19 21:52 - 2016-03-15 18:16 - 00760320 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
    2017-02-19 21:52 - 2016-03-15 18:16 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
    2017-02-19 21:52 - 2016-03-15 17:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
    2017-02-19 21:52 - 2015-09-23 07:18 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
    2017-02-19 21:52 - 2015-09-23 07:18 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
    2017-02-19 21:52 - 2015-09-23 07:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00994760 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:07 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00922432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
    2017-02-19 21:45 - 2015-11-19 08:06 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
    2017-02-19 21:45 - 2015-10-29 11:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
    2017-02-19 21:45 - 2015-10-29 11:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
    2017-02-19 21:45 - 2015-10-29 11:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
    2017-02-19 21:45 - 2015-10-29 11:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
    2017-02-19 21:45 - 2015-10-29 11:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
    2017-02-19 21:45 - 2015-10-29 11:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
    2017-02-19 21:45 - 2015-10-29 11:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
    2017-02-19 21:44 - 2015-12-20 12:50 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
    2017-02-19 21:44 - 2015-12-20 12:50 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
    2017-02-19 21:44 - 2015-12-20 08:08 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
    2017-02-19 21:43 - 2016-02-09 03:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\seclogon.dll
    2017-02-19 21:43 - 2016-01-20 18:51 - 00073664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
    2017-02-19 21:08 - 2016-02-04 19:19 - 00381440 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
    2017-02-19 21:08 - 2016-02-04 12:41 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
    2017-02-17 04:06 - 2017-02-22 03:03 - 00000000 ____D C:\Users\Josh\AppData\Local\ElevatedDiagnostics
    2017-02-17 04:00 - 2017-02-17 04:00 - 00313366 _____ C:\Users\Josh\Downloads\WindowsUpdate.diagcab
    2017-01-30 16:07 - 2017-01-30 16:09 - 00000000 ____D C:\Users\Josh\Documents\CC Registry Back up
    2017-01-27 20:40 - 2017-01-27 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
    2017-01-27 20:32 - 2017-01-27 20:32 - 00138439 _____ C:\Users\Josh\Downloads\Arrow Employment Application.pdf
    2017-01-27 20:15 - 2017-01-27 20:15 - 00255785 _____ C:\Users\Josh\Downloads\EligibilityNotice_edd23b1481296841628.pdf
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2017-02-23 12:21 - 2009-07-13 22:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2017-02-23 12:21 - 2009-07-13 22:45 - 00010096 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2017-02-23 12:05 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2017-02-23 04:03 - 2016-12-09 00:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
    2017-02-23 04:03 - 2016-12-09 00:01 - 00000000 ____D C:\ProgramData\Avg
    2017-02-23 04:03 - 2015-04-13 18:31 - 00000000 ___RD C:\Users\Josh\iCloudDrive
    2017-02-23 04:03 - 2015-04-06 18:35 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2017-02-23 04:03 - 2015-04-03 17:51 - 00000000 ___SD C:\Windows\system32\GWX
    2017-02-23 04:03 - 2013-12-09 21:47 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2017-02-23 04:03 - 2013-11-01 16:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
    2017-02-23 04:03 - 2013-09-03 18:14 - 00000000 ____D C:\Users\Josh
    2017-02-23 04:03 - 2009-07-14 01:44 - 00000000 ___RD C:\Users\Public\Recorded TV
    2017-02-23 04:03 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
    2017-02-23 02:06 - 2014-09-28 18:45 - 00000000 ____D C:\Windows\Minidump
    2017-02-23 01:22 - 2017-01-04 23:59 - 00000000 ____D C:\Users\Josh\AppData\Local\AvgSetupLog
    2017-02-23 00:28 - 2013-12-08 00:05 - 00000000 ____D C:\Windows\system32\log
    2017-02-22 23:20 - 2013-12-09 21:49 - 00000000 ____D C:\ProgramData\Malwarebytes
    2017-02-21 21:47 - 2015-04-12 18:47 - 00003600 _____ C:\Windows\System32\Tasks\Video Service Cleaner
    2017-02-21 21:47 - 2013-09-09 22:09 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute
    2017-02-21 21:47 - 2013-09-03 18:31 - 00003304 _____ C:\Windows\System32\Tasks\VAIO Care Service
    2017-02-21 21:46 - 2015-05-01 19:02 - 00000000 ____D C:\Users\Mom
    2017-02-21 21:46 - 2015-03-29 13:10 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
    2017-02-21 21:46 - 2013-09-03 18:31 - 00003118 _____ C:\Windows\System32\Tasks\VAIO Care
    2017-02-21 21:46 - 2013-09-03 17:47 - 00003330 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2017-02-21 21:46 - 2013-09-03 17:47 - 00003202 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2017-02-21 20:43 - 2015-03-29 13:03 - 00000000 ____D C:\Users\Josh\AppData\Roaming\Azureus
    2017-02-21 20:27 - 2016-12-09 00:03 - 00003600 _____ C:\Windows\System32\Tasks\AVG EUpdate Task
    2017-02-21 20:21 - 2015-07-05 12:01 - 00000000 ____D C:\Program Files\Common Files\AV
    2017-02-21 20:21 - 2015-06-25 18:57 - 00000000 ____D C:\Users\Josh\AppData\Local\Avg
    2017-02-21 20:21 - 2013-09-08 12:50 - 00000000 ____D C:\ProgramData\MFAData
    2017-02-21 20:15 - 2016-12-09 00:22 - 00000000 ____D C:\Users\Josh\AppData\Roaming\AVG
    2017-02-21 20:08 - 2013-09-09 22:06 - 00000000 ____D C:\Program Files (x86)\AVG
    2017-02-21 20:06 - 2016-12-09 00:06 - 00000984 _____ C:\Users\Public\Desktop\AVG.lnk
    2017-02-21 01:43 - 2013-09-03 17:46 - 00000000 ____D C:\Windows\Sonysys
    2017-02-20 22:31 - 2014-09-15 13:20 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
    2017-02-20 22:30 - 2013-09-03 17:49 - 00000000 ____D C:\Program Files\Java
    2017-02-20 22:22 - 2015-04-06 18:34 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2017-02-20 22:21 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\sysprep
    2017-02-20 04:39 - 2009-07-13 23:13 - 00873342 _____ C:\Windows\system32\PerfStringBackup.INI
    2017-02-18 18:19 - 2015-03-27 03:09 - 00000000 ____D C:\Users\Josh\AppData\Local\Amazon Music
    2017-02-17 03:56 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
    2017-02-15 03:16 - 2013-09-28 19:36 - 00000952 ___SH C:\ProgramData\KGyGaAvL.sys
    2017-01-31 07:17 - 2014-03-25 20:07 - 00000000 ____D C:\Users\Josh\Documents\ID's
    2017-01-27 20:40 - 2015-04-06 20:53 - 00439048 _____ C:\Windows\system32\Drivers\vsconfig.xml
    2017-01-27 20:40 - 2015-04-06 20:53 - 00000762 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
     
    ==================== Files in the root of some directories =======
     
    2015-03-30 16:14 - 2015-03-30 16:14 - 0009662 _____ () C:\Users\Josh\AppData\Roaming\em_64x64.ico
    2015-11-27 04:47 - 2015-11-27 06:32 - 0000128 _____ () C:\Users\Josh\AppData\Roaming\wklnhst.dat
    2015-04-06 15:28 - 2015-04-06 15:28 - 0000017 _____ () C:\Users\Josh\AppData\Local\resmon.resmoncfg
    2015-03-29 12:17 - 2015-03-29 12:17 - 0000000 _____ () C:\Users\Josh\AppData\Local\{2DC2FE9B-9340-4B59-9059-5A1B2C001745}
    2014-02-18 21:14 - 2014-02-18 21:14 - 0000057 _____ () C:\ProgramData\Ament.ini
    2013-09-28 19:36 - 2017-02-15 03:16 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
     
    ==================== Bamital & volsnap ======================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
     
    LastRegBack: 2016-06-16 23:14
     
    ==================== End of FRST.txt ============================


    #13
    JoshE85

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2017 01
    Ran by Josh (23-02-2017 12:25:56)
    Running from C:\Users\Josh\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) (2013-09-04 00:14:00)
    Boot Mode: Normal
    ==========================================================
     
     
    ==================== Accounts: =============================
     
    Administrator (S-1-5-21-756597455-3980464142-2539824116-500 - Administrator - Disabled)
    Guest (S-1-5-21-756597455-3980464142-2539824116-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-756597455-3980464142-2539824116-1009 - Limited - Enabled)
    Josh (S-1-5-21-756597455-3980464142-2539824116-1004 - Administrator - Enabled) => C:\Users\Josh
    Mom (S-1-5-21-756597455-3980464142-2539824116-1007 - Limited - Enabled) => C:\Users\Mom
     
    ==================== Security Center ========================
     
    (If an entry is included in the fixlist, it will be removed.)
     
    AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {A16C3F68-9280-E053-1818-342707FECF4D}
    AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
    AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}
     
    ==================== Installed Programs ======================
     
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
     
    Adobe Flash Player 10 ActiveX (HKLM-x32\...\{B7B3E9B3-FB14-4927-894B-E9124509AF5A}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
    Adobe Flash Player 10 Plugin (HKLM-x32\...\{0DFB3DE8-65B9-44FF-AA0A-3BECC5A2BFD1}) (Version: 10.0.32.18 - Adobe Systems, Inc.)
    Adobe Reader 9.1.2 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A91000000001}) (Version: 9.1.2 - Adobe Systems Incorporated)
    Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
    Amazon Music (HKU\S-1-5-21-756597455-3980464142-2539824116-1004\...\Amazon Amazon Music) (Version: 3.8.1.754 - Amazon Services LLC)
    Apple Application Support (32-bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
    Apple Application Support (64-bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
    ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
    AVG (HKLM\...\AvgZen) (Version: 1.151.2.59606 - AVG Technologies)
    AVG Protection (HKLM\...\AVG) (Version: 2016.141.7998 - AVG Technologies)
    AVG Zen (Version: 1.151.26 - AVG Technologies) Hidden
    BitTorrent (HKU\S-1-5-21-756597455-3980464142-2539824116-1004\...\BitTorrent) (Version: 7.9.2.39589 - BitTorrent Inc.)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Canon Laser Printer/Scanner/Fax Extended Survey Program (HKLM\...\Canon Laser Printer/Scanner/Fax Extended Survey Program) (Version: 1.2.11.10002 - CANON INC.)
    Canon Laser Printer/Scanner/Fax Extended Survey Program (Version: 1.2.11 - CANON INC.) Hidden
    Canon LBP6030 6040 6018L Uninstaller (HKLM\...\Canon LBP6030 6040 6018L) (Version: 6, 1, 0, 0 - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.04 - Piriform)
    Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.5.109 - Corel Inc.)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Evernote (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 3.5.0.545 - Evernote Corp.)
    FMW 1 (Version: 1.163.1 - AVG Technologies) Hidden
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
    Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
    HP Deskjet 3050A J611 series Basic Device Software (HKLM\...\{1B77E249-B8D5-4E5E-8848-693ACEF84E6D}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
    iCloud (HKLM\...\{309768A4-A2BB-4930-A5A2-8169678C9B4C}) (Version: 4.0.6.28 - Apple Inc.)
    Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1892 - Intel Corporation)
    Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
    iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
    Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
    Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
    Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
    Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.1.0.10210 - Sony Corporation)
    Media Gallery (x32 Version: 1.1.0.10210 - Sony Corporation) Hidden
    Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
    Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files  (HKLM-x32\...\{BA4DA261-CB60-4690-B202-44998DFC6986}) (Version: 10.1.2531.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{67E03279-F703-408F-B4BF-46B5FC8D70CD}) (Version: 9.7.0621 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.0.00.10260 - Sony Corporation)
    PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{88C252C8-A7EE-4B60-BF74-8E5919A8048F}) (Version: 1.0.00.09250 - Sony Corporation)
    PMB VAIO Edition Guide (x32 Version: 1.0.00.09250 - Sony Corporation) Hidden
    PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.0.00.10160 - Sony Corporation)
    PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.0.00.10160 - Sony Corporation) Hidden
    PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.0.00.10150 - Sony Corporation)
    PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.0.00.10150 - Sony Corporation) Hidden
    PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.0.00.10130 - Sony Corporation)
    PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.0.00.10130 - Sony Corporation) Hidden
    QuickBooks Financial Center (HKLM-x32\...\{0F962B79-D0DC-40D9-96BA-ED1355120CBA}) (Version: 1.30.0000 - Intuit Inc.)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5886 - Realtek Semiconductor Corp.)
    Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
    SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.14.0 - SAMSUNG Electronics Co., Ltd.)
    Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
    Service Pack 1 for SQL Server 2008 (KB968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
    Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.11200 - Sony Corporation)
    SmartWi Connection Utility (HKLM-x32\...\{9B5F85CA-90D4-4AFC-BB37-32477FD0D2B9}) (Version: 4.9.4.20091005.2246 - Sony)
    Sony Home Network Library (HKLM-x32\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 2.0.1.10160 - Sony Corporation)
    Sony Home Network Library (x32 Version: 2.0.1.10160 - Sony Corporation) Hidden
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
    Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1236 - SUPERAntiSpyware.com)
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 5.0.3.11130 - Sony Corporation)
    VAIO Content Metadata Intelligent Analyzing Manager (HKLM-x32\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.0.09250 - Sony Corporation)
    VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.0.09250 - Sony Corporation) Hidden
    VAIO Content Metadata Intelligent Network Service Manager (HKLM-x32\...\{4427F384-B5BE-4769-B7D0-C784FC321EB1}) (Version: 3.6.0.09080 - Sony Corporation)
    VAIO Content Metadata Intelligent Network Service Manager (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
    VAIO Content Metadata Manager Settings (HKLM-x32\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
    VAIO Content Metadata Manager Settings (x32 Version: 3.6.0.09240 - Sony Corporation) Hidden
    VAIO Content Metadata XML Interface Library (HKLM-x32\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
    VAIO Content Metadata XML Interface Library (x32 Version: 3.6.0.09080 - Sony Corporation) Hidden
    VAIO Content Monitoring Settings (HKLM-x32\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.4.1.09180 - Sony Corporation)
    VAIO Content Monitoring Settings (x32 Version: 2.4.1.09180 - Sony Corporation) Hidden
    VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.0.10160 - Sony Corporation)
    VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
    VAIO Data Restore Tool (x32 Version: 1.2.0.09150 - Sony Corporation) Hidden
    VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.0.00.09240 - Sony Corporation)
    VAIO Entertainment Platform (HKLM-x32\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.6.0.09150 - Sony Corporation)
    VAIO Entertainment Platform (x32 Version: 3.6.0.09150 - Sony Corporation) Hidden
    VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.11040 - Sony Corporation)
    VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
    VAIO Help and Support (HKLM-x32\...\{DB1C9CB7-DF65-4991-BD17-71BF9CD15BA0}) (Version: 10.00.1029 - Sony Corporation)
    VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.1.10160 - Sony Corporation)
    VAIO Media plus Opening Movie (HKLM-x32\...\{6BF03C88-C06A-48DC-B9A1-FE72B24E5FA9}) (Version: 2.0.0.07030 - Sony Corporation)
    VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.0.00.09240 - Sony Corporation)
    VAIO Movie Story Template Data (x32 Version: 2.0.00.09240 - Sony Corporation) Hidden
    VAIO OOBE and Startup Assistant (HKLM-x32\...\{1B500D37-E7CF-480B-8054-8A563594EC4E}) (Version: 2.00.1110 - Sony Corporation)
    VAIO Original Function Settings (HKLM-x32\...\{A63E7492-A0BC-4BB9-89A7-352965222380}) (Version: 2.0.0.07010 - Sony Corporation)
    VAIO Original Function Settings (x32 Version: 2.0.0.07010 - Sony Corporation) Hidden
    VAIO Personalization Manager (HKLM-x32\...\{A95187EF-BCF4-4468-B501-C0BAB976ADD1}) (Version: 2.0.0.06220 - Sony Corporation)
    VAIO Personalization Manager (x32 Version: 2.0.0.06220 - Sony Corporation) Hidden
    VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.11180 - Sony Corporation)
    VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.2.0.3 - Sony Corporation)
    VAIO Quick Web Access (x32 Version: 1.2.0.3 - Sony Corporation) Hidden
    VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.1.0.09020 - Sony Corporation)
    VAIO Survey (HKLM-x32\...\{34B37A74-125E-4406-87BA-E4BD3D097AE5}) (Version: 6.00.1028 - Sony Corporation)
    VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.2.06030 - Sony Corporation)
    VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
    VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
    VAIO Window Organizer (HKLM-x32\...\{6D320CE8-79EB-4D45-8C6D-DEF74D84B49A}) (Version: 2.0.0.08280 - Sony Corporation)
    VD64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
    VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
    WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
    Windows Driver Package - Broadcom Bluetooth  (06/15/2009 6.2.0.9000) (HKLM\...\6B8550A319DDC8B17F35F4A89988705E4592349B) (Version: 06/15/2009 6.2.0.9000 - Broadcom)
    Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
    Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    ZoneAlarm Firewall (x32 Version: 14.2.255.000 - Check Point Software Technologies Ltd.) Hidden
    ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 14.2.255.000 - Check Point)
    ZoneAlarm Security (x32 Version: 14.2.255.000 - Check Point Software Technologies Ltd.) Hidden
    ZoneAlarm Security Toolbar  (HKU\S-1-5-21-756597455-3980464142-2539824116-1004\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
     
    ==================== Custom CLSID (Whitelisted): ==========================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== Scheduled Tasks (Whitelisted) =============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    Task: {1B3DC6A1-F0B4-44AE-B09C-44EAD2647265} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-12-12] (Oracle Corporation)
    Task: {1CAAFDFE-CC4C-496B-B43F-344068E19877} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
    Task: {2A3115BA-0B84-4490-9D8F-CDF5BC461D04} - System32\Tasks\Sony\Java Update => C:\Program Files\Java\jre6\bin\jusched.exe 
    Task: {3AAD811F-04DA-4C2A-BB0F-E5F4B3B18B27} - System32\Tasks\Canon\OIPPESP\Canon OIP Product Extended Survey Program => C:\Program Files\Canon\OIPPESP\Cnpspcnt.exe [2013-08-30] (CANON INC.)
    Task: {649C430F-54F3-47C1-A8B9-2D9E2F25DF5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09] (Google Inc.)
    Task: {66333BD5-396A-4567-9514-04FBBDBA8D64} - System32\Tasks\Video Service Cleaner => C:\Program Files (x86)\Video Service\VideoService.exe  <==== ATTENTION
    Task: {7E9E9A34-C715-4687-A8A3-E7756CC412BB} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
    Task: {90D58A4A-8685-4AD3-BF54-C83B3115B01D} - System32\Tasks\Sony\OOBEReminder => C:\Program Files\Sony\First Experience\OOBEFcdRegistration.exe [2009-11-05] (Sony Electronics, Inc.)
    Task: {92DB2401-DB00-4332-9A00-D9EA8E240DCE} - System32\Tasks\Sony\OOBESendInfo => C:\Program Files\Sony\First Experience\OOBESendInfo.exe [2009-11-05] ()
    Task: {9523CD65-216D-44DD-9C3A-FFD2A034EDE0} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
    Task: {A3643014-F405-4B81-9F72-803D2D190DCB} - System32\Tasks\VAIO Care Service => C:\Program Files\Sony\VAIO Care\VAIOCareService.exe [2009-10-21] (Sony Corporation)
    Task: {A3ADCF77-B1F1-4756-B6C1-736971F99C7D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
    Task: {A8E66B3F-8F0B-4E73-A3DE-04BBDE64F96B} - System32\Tasks\SUPERAntiSpyware Scheduled Task eb07178b-1098-4b11-a4ea-5349236356d5 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {AD8E02C2-F691-47AA-BCEE-82438297F7B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-09] (Google Inc.)
    Task: {B11CDC25-D744-4ADD-8CA8-536700AF6EB2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
    Task: {B158BDF8-D77A-4B08-B080-7B21AF3B7169} - System32\Tasks\Games\UpdateCheck_S-1-5-21-756597455-3980464142-2539824116-1004
    Task: {E1ADE1B6-5EB4-4874-8B34-F5921F56E91C} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe 
    Task: {E1DF3531-6E45-41E3-A8B6-505FDBC44634} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-03-13] (Piriform Ltd)
    Task: {F129461C-D8FB-4503-9A2B-79051C910BAB} - System32\Tasks\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2009-10-19] (Sony Corporation)
    Task: {F8EFE358-CEB7-41C9-8AAA-636230155B2B} - System32\Tasks\Sony\VAIO Survey => C:\Program Files (x86)\Sony\VAIO Survey\VAIO Sat Survey.exe [2009-10-26] ()
    Task: {FBA012BF-AB30-40E4-B0C5-516F982AA8B4} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
    Task: {FC5EF149-E9B0-4AE8-8901-50B11681A17D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks 
     
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
     
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task eb07178b-1098-4b11-a4ea-5349236356d5.job => C:\Program Files\SUPERAntiSpyware\SASTask.exe  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     
    ==================== Shortcuts =============================
     
    (The entries could be listed to be restored or removed.)
     
    ==================== Loaded Modules (Whitelisted) ==============
     
    2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
    2015-03-20 17:12 - 2015-03-20 17:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-09-03 18:03 - 2009-10-05 14:57 - 00016384 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\CCP.exe
    2013-09-03 18:03 - 2009-10-05 14:42 - 00017920 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\ThirdPartyAppMgr.exe
    2013-09-03 18:03 - 2009-10-05 14:42 - 00033792 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\PowerManager.exe
    2013-09-03 18:31 - 2009-09-30 00:50 - 00238080 _____ () C:\Program Files\Sony\VAIO Care\ManagedVAIORecovery.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00075264 _____ () C:\Program Files\Sony\VAIO Care\VAIORecovery.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00069632 _____ () C:\Program Files\Sony\VAIO Care\Logging.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00028672 _____ () C:\Program Files\Sony\VAIO Care\VAIOCommon.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00206336 _____ () C:\Program Files\Sony\VAIO Care\OsServices.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00043008 _____ () C:\Program Files\Sony\VAIO Care\PluginFactory.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00043520 _____ () C:\Program Files\Sony\VAIO Care\XMLTools.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00059392 _____ () C:\Program Files\Sony\VAIO Care\VAIOInstallAppsDrivers.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00156160 _____ () C:\Program Files\Sony\VAIO Care\InstallDB.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00137216 _____ () C:\Program Files\Sony\VAIO Care\InstallationTools.dll
    2013-09-03 18:31 - 2009-09-30 00:50 - 00024576 _____ () C:\Program Files\Sony\VAIO Care\VAIOUtility.dll
    2017-02-22 23:20 - 2017-01-20 07:47 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
    2017-02-22 23:20 - 2017-01-20 07:47 - 02829776 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\arwlib.dll
    2016-12-09 00:03 - 2016-12-09 00:03 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
    2015-04-06 18:35 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
    2015-04-06 18:35 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
    2015-04-06 18:35 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
    2013-09-03 18:03 - 2009-10-05 14:42 - 00121856 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SonyCommonLib.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00007680 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DebugMsg.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00009728 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Resources.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\SharedInterfaces.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00018944 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\DictionaryLookup.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\MessageXML.dll
    2015-04-06 18:35 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
    2015-04-06 18:35 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.ThirdPartyApp.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00023040 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Generic.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00027648 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.BtPower.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00005120 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.Generic.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00015360 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.NativeWifiThirdPartyApp.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00011264 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.TosBtThirdPartyApp.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00006656 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.Plugin.WlanPower.dll
    2013-09-03 18:03 - 2009-10-05 14:42 - 00004608 _____ () C:\Program Files (x86)\Sony\SmartWi Connection Utility\Kinoubi.Plugins.PluginManager.Power.dll
    2013-09-03 18:38 - 2009-10-15 17:34 - 00376832 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\sqlite3.dll
    2013-09-03 18:38 - 2009-11-04 19:32 - 00010752 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
    2013-09-03 18:38 - 2009-11-04 19:32 - 00009728 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
     
    ==================== Alternate Data Streams (Whitelisted) =========
     
    (If an entry is included in the fixlist, only the ADS will be removed.)
     
     
    ==================== Safe Mode (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
     
    ==================== Association (Whitelisted) ===============
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
     
     
    ==================== Internet Explorer trusted/restricted ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry.)
     
     
    There are 7866 more sites.
     
     
    There are 7866 more sites.
     
     
    ==================== Hosts content: ==========================
     
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
     
    2009-07-13 20:34 - 2015-04-06 19:36 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts
     
     
    There are 15463 more lines.
     
     
    ==================== Other Areas ============================
     
    (Currently there is no automatic fix for this section.)
     
    HKU\S-1-5-21-756597455-3980464142-2539824116-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\Josh\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.43.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is disabled.
     
    ==================== MSCONFIG/TASK MANAGER disabled items ==
     
    MSCONFIG\Services: !SASCORE => 2
    MSCONFIG\Services: ACDaemon => 2
    MSCONFIG\Services: Apple Mobile Device Service => 2
    MSCONFIG\Services: AvgAMPS => 3
    MSCONFIG\Services: AVGIDSAgent => 2
    MSCONFIG\Services: avgsvc => 2
    MSCONFIG\Services: avgwd => 2
    MSCONFIG\Services: Bonjour Service => 2
    MSCONFIG\Services: btwdins => 2
    MSCONFIG\Services: gupdate => 2
    MSCONFIG\Services: gupdatem => 3
    MSCONFIG\Services: IAANTMON => 2
    MSCONFIG\Services: iPod Service => 2
    MSCONFIG\Services: IviRegMgr => 2
    MSCONFIG\Services: Oasis2Service => 2
    MSCONFIG\Services: PMBDeviceInfoProvider => 2
    MSCONFIG\Services: PSI_SVC_2 => 2
    MSCONFIG\Services: Roxio UPnP Renderer 10 => 2
    MSCONFIG\Services: Roxio Upnp Server 10 => 2
    MSCONFIG\Services: RtkAudioService => 2
    MSCONFIG\Services: SampleCollector => 3
    MSCONFIG\Services: SOHCImp => 2
    MSCONFIG\Services: SOHDBSvr => 2
    MSCONFIG\Services: SOHDms => 2
    MSCONFIG\Services: SOHDs => 2
    MSCONFIG\Services: SOHPlMgr => 2
    MSCONFIG\Services: uCamMonitor => 2
    MSCONFIG\Services: VAIO Entertainment TV Device Arbitration Service => 2
    MSCONFIG\Services: VAIO Event Service => 2
    MSCONFIG\Services: VAIO Power Management => 3
    MSCONFIG\Services: VCFw => 2
    MSCONFIG\Services: VcmIAlzMgr => 3
    MSCONFIG\Services: VcmINSMgr => 3
    MSCONFIG\Services: VcmXmlIfHelper => 2
    MSCONFIG\Services: vToolbarUpdater19.5.0 => 2
    MSCONFIG\Services: VUAgent => 3
    MSCONFIG\Services: VzCdbSvc => 2
    MSCONFIG\Services: ZAPrivacyService => 2
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
     
    ==================== FirewallRules (Whitelisted) ===============
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    FirewallRules: [{C77875C6-C440-4538-806F-83BC1EBDD838}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
    FirewallRules: [{6FFCDE32-257F-4B92-A3D3-F4439CE37485}] => (Allow) svchost.exe
    FirewallRules: [{1E3B16C2-4407-458C-9627-9E8E640DFF90}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
    FirewallRules: [{1E8EC5AC-17D7-47F3-85E1-81A2B8A95E33}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{7B705F01-6E32-4F3A-98F3-4525BED8FF94}] => (Allow) LPort=2869
    FirewallRules: [{0F2A843F-A3B3-4E3E-8759-75F3281D2A23}] => (Allow) LPort=1900
    FirewallRules: [{D0A68632-55A0-4C8C-9E40-2318B87AADE6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{E81E552F-6A5A-4270-AC3E-9B5493281095}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{5CB31DA6-436E-4D03-97D0-1EA8CA2E64D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{D0A5D2FC-EE89-4F07-9018-56F4B1CA64C0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{C9C6EF36-6DD9-4414-BA4D-2F1EB6CD13B8}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\DeviceSetup.exe
    FirewallRules: [{A76D61FC-891D-48DD-A1E5-9CD909DB968D}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
    FirewallRules: [{CE543982-99AA-44C4-8AE2-49F399D5DA3E}] => (Allow) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
    FirewallRules: [{2A43B96C-6ADC-41C7-850D-0C9B967471DE}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{B9E3BBAC-AE57-4E80-8E2C-97C2BA9DFF6D}] => (Allow) C:\Users\Josh\AppData\Roaming\BitTorrent\BitTorrent.exe
    FirewallRules: [{3C4580B7-C681-45CB-9A5D-DD650737C145}] => (Allow) C:\Program Files\iTunes\iTunes.exe
    FirewallRules: [{36370332-BF46-448A-8511-B68EAAB44460}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{EFA33CFE-6A71-4B9B-8F6F-4C7AC6DB525D}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{A3331403-4DEB-464B-946C-23FEE41FE19A}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{6AE6C716-A965-456A-829F-3A21D3DFBF0C}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
    FirewallRules: [{ACB9AB01-02BE-460C-9EC5-BE8AA0EA3337}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{1060831B-4464-4CCB-BB1C-570463F1133C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{F6633C6F-1B60-437F-AB80-F2F073CDDB2A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
    FirewallRules: [{B171EAEA-7977-46F8-8F82-55A957D473D6}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    FirewallRules: [{2022F912-A531-484D-8BC4-1659D215394A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
    StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
     
    ==================== Restore Points =========================
     
    18-02-2017 23:09:19 Windows Update
    19-02-2017 23:22:46 Windows Update
    20-02-2017 00:06:40 Windows Update
    20-02-2017 04:18:37 Windows Update
    21-02-2017 20:13:05 Device Driver Package Install: AVG Technologies Network Service
    21-02-2017 20:16:06 Removed AVG
    21-02-2017 20:18:33 Removed AVG 2016
     
    ==================== Faulty Device Manager Devices =============
     
     
    ==================== Event log errors: =========================
     
    Application errors:
    ==================
    Error: (02/23/2017 12:07:36 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)
     
    Error: (02/23/2017 12:07:35 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
    Description: Failed to load the plug-in module. (GUID = {48512A59-C8A5-4805-9048-23C9E4194BFA})(Error code = 0x80042000)
     
    Error: (02/23/2017 12:06:17 PM) (Source: MSSQLServerADHelper100) (EventID: 100) (User: )
    Description: '0' is an invalid number of start up parameters. This service takes two start up parameters.
     
    Error: (02/23/2017 12:05:59 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (02/23/2017 12:05:59 PM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (02/23/2017 02:07:42 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (02/23/2017 02:07:42 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (02/23/2017 02:07:30 AM) (Source: System Restore) (EventID: 8210) (User: )
    Description: An unspecified error occurred during System Restore: (Windows Update). Additional information: 0x80070003.
     
    Error: (02/23/2017 01:19:28 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
    Error: (02/23/2017 01:19:28 AM) (Source: SideBySide) (EventID: 33) (User: )
    Description: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksWP.exe".
    Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found.
    Please use sxstrace.exe for detailed diagnosis.
     
     
    System errors:
    =============
    Error: (02/23/2017 12:08:58 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.
     
    Error: (02/23/2017 12:06:57 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID 
    {C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
     and APPID 
    {344ED43D-D086-4961-86A6-1106F4ACAD9B}
     to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
     
    Error: (02/23/2017 12:06:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
     
    Error: (02/23/2017 12:06:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Roxio UPnP Renderer 10 service to connect.
     
    Error: (02/23/2017 12:06:17 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
    Description: The SQL Active Directory Helper Service service terminated with service-specific error %%-1073741724.
     
    Error: (02/23/2017 12:04:36 PM) (Source: DCOM) (EventID: 10010) (User: )
    Description: The server {3EB3C877-1F16-487C-9050-104DBCD66683} did not register with DCOM within the required timeout.
     
    Error: (02/23/2017 02:08:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 02:07:41 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
    Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
    The dependency service or group failed to start.
     
    Error: (02/23/2017 02:07:40 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
    {9E175B6D-F52A-11D8-B9A5-505054503030}
     
    Error: (02/23/2017 02:07:39 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
    {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
     
     
    CodeIntegrity:
    ===================================
      Date: 2017-02-15 03:17:48.705
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2017-02-15 03:17:48.597
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2017-02-15 03:17:48.444
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2017-02-15 03:17:48.225
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2017-02-14 19:38:21.399
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2017-02-14 19:38:21.260
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2017-02-14 19:38:21.068
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2017-02-14 19:38:20.911
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2014-07-21 22:07:51.079
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
     
      Date: 2014-07-21 22:07:50.952
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
     
     
    ==================== Memory info =========================== 
     
    Processor: Intel® Core™2 Duo CPU T6600 @ 2.20GHz
    Percentage of memory in use: 59%
    Total physical RAM: 3935.02 MB
    Available physical RAM: 1586.54 MB
    Total Virtual: 7868.23 MB
    Available Virtual: 5493.92 MB
     
    ==================== Drives ================================
     
    Drive c: () (Fixed) (Total:286.76 GB) (Free:215.09 GB) NTFS
     
    ==================== MBR & Partition Table ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: BDE6104B)
    Partition 1: (Not Active) - (Size=11.2 GB) - (Type=27)
    Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=286.8 GB) - (Type=07 NTFS)
     
    ==================== End of Addition.txt ============================

    • 0

    #14
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 24,624 posts
    • MVP
     
    Download the attached fixlist.txt to the same location as FRST
     
    [attachment=84159:fixlist.txt]
     
    Run FRST and press Fix
    A fix log will be generated; please post that.
     
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
     

    • 0

    #15
    JoshE85

    JoshE85

      Member

    • Topic Starter
    • Member
    • PipPip
    • 19 posts

    So I ran the fixlist.txt but it didn't seem to create a log; also, I don't see a log in the folder where FRST is located. I will re-run FRST and post that log along with the Addition.txt.


    • 0





