Laptop Working Very Slowly



#1
steerock


My laptop has slowed down its performance considerably recently.  It takes a long time to boot up and programs which used to run easily together now take ages to move from one screen to the next.  Streaming video and music is often very slow or not working at all.  It's a big change in general.  Here are my Farbar results.  Any help would be greatly appreciated. Thanks.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2017
Ran by Steven (administrator) on STEVEN-VAIO (14-03-2017 19:23:08)
Running from C:\Users\Steven\Downloads
Loaded Profiles: Steven (Available Profiles: Steven)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
() C:\Program Files (x86)\PURE Flow Server\twonkymediaserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Trend Micro Inc.) C:\Users\Steven\Downloads\HijackThis.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_Plugin.exe [1269336 2016-12-28] (Adobe Systems Incorporated)
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {1ea397d7-76bc-11e1-a95c-78843cce4804} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {1ea39865-76bc-11e1-a95c-78843cce4804} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {1eeed60e-949b-11e1-a668-889ffadde1ab} - E:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {39929d4e-249e-11e1-bc8a-889ffadde1ab} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {39929d5b-249e-11e1-bc8a-889ffadde1ab} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {3f67d399-2580-11e1-a468-889ffadde1ab} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {557b76fa-9836-11e1-9053-78843cce4804} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {a2070423-9518-11e1-8104-78843cce4804} - E:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {aefd8ef9-8090-11e1-acde-001e101f1ed9} - E:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {dd19bad6-f62d-11e2-a44b-889ffadde1ab} - E:\Autorun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {e6e3aa3b-24c3-11e1-a30a-889ffadde1ab} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-09] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2040362551-1992677624-864970315-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{21F82B78-34F0-447E-AF1C-1E62054430EA}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131090029093873987&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131090029093873987&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131090029093973988&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
SearchScopes: HKLM -> DefaultScope {3737072F-5A8F-2EE6-8712-044DB87DB92A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3737072F-5A8F-2EE6-8712-044DB87DB92A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {3624F650-B084-AC23-231E-7A9E580E85EE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {3624F650-B084-AC23-231E-7A9E580E85EE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {2DF17E1C-60E0-4309-8FAA-5276BBF0F59D} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&intl=uk&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {54891980-DFFF-4A9B-A4DE-89364EC77B87} URL = hxxp://uk.shopping.com/?linkin_id=8056359
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {86D3D0F1-70CC-407B-8A29-F6C3243609ED} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {CD33A181-6D1A-4985-9933-1810166F1C4C} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-15/4?satitle={searchTerms}
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-09] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-09] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-18] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}

FireFox:
========
FF DefaultProfile: 7cqt8q83.default
FF ProfilePath: C:\Users\Steven\AppData\Roaming\mozilla\firefox\Profiles\7cqt8q83.default [2017-03-14]
FF user.js: detected! => C:\Users\Steven\AppData\Roaming\mozilla\firefox\Profiles\7cqt8q83.default\user.js [2015-06-13]
FF Homepage: mozilla\firefox\Profiles\7cqt8q83.default -> hxxps://www.google.co.uk
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-09]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-28] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2040362551-1992677624-864970315-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Steven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.co.uk/
CHR DefaultSearchURL: Profile 1 -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Profile 1 -> Yahoo
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default [2016-10-25]
CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (avast! Ad Blocker) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-11-18] [UpdateUrl: hxxps://update.adblockplus.org/avast-adblocker.xml] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Yahoo Web) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-11-19]
CHR Extension: (Twitch Styler) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\odhlabjijhhjhgmfpbajmhkepfpmaogh [2015-11-29]
CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-12]
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-06-11]
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-04]
CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-13]
CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (avast! Ad Blocker) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-11-18] [UpdateUrl: hxxps://update.adblockplus.org/avast-adblocker.xml] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-05]
CHR Extension: (Avast Online Security) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-04]
CHR Extension: (Wappalyzer) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2017-01-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-09] (AVAST Software)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-03-09] (Native Instruments GmbH) [File not signed]
R2 PURE Flow Server; C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe [153176 2010-12-20] ()
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 a4djavs; C:\Windows\System32\Drivers\a4djavs.sys [358480 2012-02-22] (Native Instruments GmbH)
S3 a4djavs_x64; C:\Windows\System32\Drivers\a4djavs_x64.sys [44560 2009-03-26] (Native Instruments GmbH)
S3 a4djusb_svc; C:\Windows\System32\Drivers\a4djusb.sys [97360 2012-02-22] (Native Instruments GmbH)
S3 a4djusb_x64; C:\Windows\System32\Drivers\a4djusb_x64.sys [249872 2009-03-26] (Native Instruments GmbH)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 fs2_1394; C:\Windows\System32\Drivers\fs2_1394_x64.sys [183344 2007-10-09] (BridgeCo AG)
S3 fs2_avs; C:\Windows\System32\Drivers\fs2_avs_x64.sys [69168 2007-10-09] (BridgeCo AG)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-01] (REALiX™)
R3 LoopBeMidi1; C:\Windows\System32\drivers\loopbe1.sys [13824 2011-04-09] (nerds.de)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-14] (Malwarebytes)
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2014-10-17] (Novation DMS Ltd.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-04-12] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-08-01] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ta6avs; C:\Windows\System32\Drivers\ta6avs.sys [359784 2012-12-18] (Native Instruments GmbH)
S3 ta6usb_svc; C:\Windows\System32\Drivers\ta6usb.sys [78696 2012-12-18] (Native Instruments GmbH)
S3 cpuz137; \??\C:\Users\Steven\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATTENTION
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-14 19:23 - 2017-03-14 19:25 - 00028088 _____ C:\Users\Steven\Downloads\FRST.txt
2017-03-14 19:22 - 2017-03-14 19:23 - 00000000 ____D C:\FRST
2017-03-14 19:22 - 2017-03-14 19:22 - 02424832 _____ (Farbar) C:\Users\Steven\Downloads\FRST64.exe
2017-03-14 19:14 - 2017-03-14 19:14 - 00000828 _____ C:\Users\Steven\Documents\'hosts'.txt
2017-03-14 19:10 - 2017-03-14 19:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Steven\Downloads\HijackThis.exe
2017-03-14 19:06 - 2017-03-14 19:06 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-09 21:47 - 2017-03-14 19:16 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-09 21:47 - 2017-03-09 21:43 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-09 21:47 - 2017-03-09 21:43 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-09 21:47 - 2017-03-09 21:43 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-09 21:47 - 2017-03-09 21:43 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-09 21:46 - 2017-03-09 21:45 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-03 21:43 - 2017-03-03 21:43 - 00000000 _____ C:\Windows\SysWOW64\shoFB8F.tmp
2017-02-28 21:49 - 2017-02-28 21:55 - 95692262 _____ C:\Users\Steven\Downloads\jon_kennedy_ha_ep_jkf037_mp3.zip
2017-02-28 21:21 - 2017-02-28 21:54 - 101029136 _____ C:\Users\Steven\Downloads\Redeyes - Hey Lover [Link 2017 Re Hussle].wav
2017-02-27 19:35 - 2017-02-27 19:36 - 00221520 _____ C:\Windows\ntbtlog.txt
2017-02-23 19:51 - 2017-02-21 19:15 - 00085040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-02-18 20:59 - 2017-02-18 20:59 - 00000000 _____ C:\Windows\SysWOW64\shoA986.tmp
2017-02-18 19:57 - 2017-02-18 19:57 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-02-18 19:56 - 2017-03-14 19:04 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-18 19:56 - 2017-03-04 22:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-02-18 19:56 - 2017-03-04 22:27 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-18 19:56 - 2017-03-04 08:30 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-02-18 19:56 - 2017-02-27 19:35 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-02-18 19:56 - 2017-02-18 19:56 - 00001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-18 19:56 - 2017-02-18 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-18 19:56 - 2017-02-18 19:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-18 19:40 - 2017-02-18 19:43 - 55566792 _____ (Malwarebytes ) C:\Users\Steven\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-13 19:34 - 2017-02-13 22:09 - 00019968 _____ C:\Users\Steven\Documents\FINANCES FEB 17.xls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-03-14 19:21 - 2013-03-01 17:29 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 19:19 - 2016-11-17 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 19:13 - 2009-07-14 04:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:13 - 2009-07-14 04:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:11 - 2011-05-17 16:32 - 00000000 ____D C:\Users\Steven\AppData\Local\VirtualStore
2017-03-14 19:10 - 2009-07-14 05:13 - 00783464 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-14 19:10 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2017-03-14 19:08 - 2015-05-03 08:06 - 00000000 ____D C:\ProgramData\PURE Flow Server
2017-03-14 19:06 - 2016-11-18 17:52 - 00000000 ____D C:\Users\Steven\AppData\LocalLow\Mozilla
2017-03-14 19:05 - 2012-04-27 16:21 - 00000000 ____D C:\Program Files (x86)\PURE Flow Server
2017-03-14 19:03 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-12 01:48 - 2016-03-01 12:49 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1456836545
2017-03-12 01:38 - 2011-09-06 17:52 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-12 01:24 - 2010-11-13 04:18 - 00000000 ____D C:\Temp
2017-03-09 22:25 - 2014-10-17 22:24 - 00000000 ____D C:\Users\Steven\AppData\Roaming\vlc
2017-03-09 21:45 - 2014-04-23 21:46 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-09 21:45 - 2014-01-03 17:40 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-09 21:45 - 2013-03-01 17:29 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148951928049401
2017-03-09 21:45 - 2013-03-01 17:29 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-09 21:45 - 2012-02-25 17:33 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-09 21:45 - 2011-09-06 17:52 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-09 21:44 - 2016-03-01 12:43 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-09 21:44 - 2011-09-06 17:52 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-09 21:35 - 2015-06-13 13:59 - 00000000 ____D C:\ProgramData\ProductData
2017-03-04 23:37 - 2016-12-24 12:06 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-03-02 19:56 - 2011-10-17 16:41 - 00000000 ____D C:\ProgramData\TEMP
2017-02-23 21:24 - 2013-07-15 02:02 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 21:17 - 2011-05-24 21:20 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-21 19:19 - 2015-12-29 16:29 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-20 11:57 - 2011-05-25 19:13 - 00000000 ____D C:\Users\Steven\AppData\Roaming\uTorrent
2017-02-18 22:58 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-18 21:20 - 2013-10-03 19:52 - 00000000 ____D C:\ProgramData\Oracle
2017-02-18 21:19 - 2013-10-03 19:51 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-18 21:18 - 2014-04-22 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-18 21:17 - 2014-12-23 08:55 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-02-18 21:14 - 2016-12-24 12:06 - 00003894 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-18 21:14 - 2013-02-26 17:05 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-18 21:14 - 2013-02-26 17:05 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-18 21:13 - 2013-02-26 17:05 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-18 21:13 - 2010-11-13 03:54 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-18 21:11 - 2011-05-23 20:13 - 00000000 ____D C:\Users\Steven\AppData\Local\Adobe
2017-02-18 21:05 - 2015-06-18 17:27 - 00000000 ____D C:\Program Files (x86)\Wise
2017-02-18 20:58 - 2011-05-17 16:32 - 00000000 ____D C:\Users\Steven
2017-02-18 19:56 - 2013-04-04 22:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-18 19:39 - 2013-04-04 21:53 - 00000000 ____D C:\Program Files (x86)\MySpace Grab
2017-02-17 19:16 - 2015-09-03 18:32 - 00000000 ____D C:\Users\Steven\AppData\Roaming\dvdcss
2017-02-12 21:31 - 2017-02-10 18:10 - 00000000 ____D C:\Users\Steven\Desktop\New Mix

==================== Files in the root of some directories =======

2013-02-03 16:04 - 2017-01-25 19:49 - 0001127 _____ () C:\Users\Steven\AppData\Roaming\buttrc
2011-06-05 19:42 - 2013-06-04 20:44 - 0007168 _____ () C:\Users\Steven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-13 14:56 - 2015-10-16 19:02 - 0007598 _____ () C:\Users\Steven\AppData\Local\Resmon.ResmonCfg
2016-05-29 09:02 - 2016-05-29 09:02 - 0000000 _____ () C:\Users\Steven\AppData\Local\{B237FDFF-D177-4B91-B22A-0D526D1FB60C}
2013-08-28 17:45 - 2013-08-28 17:45 - 0000000 _____ () C:\ProgramData\3b3d36222a3c543e283a3b_c
2011-10-02 16:31 - 2011-10-02 16:31 - 0000048 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
2016-11-13 19:17 - 2016-11-13 19:17 - 0737856 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-02-18 21:09 - 2017-02-18 21:09 - 0739904 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u121-windows-au.exe
2015-11-13 21:22 - 2015-11-13 21:23 - 0585824 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u65-windows-au.exe
2015-11-19 14:50 - 2015-11-19 14:50 - 0585824 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u66-windows-au.exe
2016-04-06 18:24 - 2016-04-06 18:24 - 0736320 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-05-04 18:42 - 2016-05-04 18:42 - 0739904 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-04-18 18:58 - 2016-03-17 22:31 - 1114112 _____ (Microsoft Corporation) C:\Users\Steven\AppData\Local\Temp\kernel32.dll
2016-04-15 18:24 - 2016-09-27 14:41 - 0734815 _____ (Remote Mouse                                                ) C:\Users\Steven\AppData\Local\Temp\RemoteMouse.exe
2015-09-29 07:53 - 2010-06-04 20:03 - 21779028 _____ () C:\Users\Steven\AppData\Local\Temp\VAIOScreensaverGeneric.exe
2016-07-16 12:03 - 2016-07-16 12:04 - 30533688 _____ () C:\Users\Steven\AppData\Local\Temp\vlc-2.2.4-win32.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-05-28 08:13

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by Steven (14-03-2017 19:26:23)
Running from C:\Users\Steven\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-05-17 16:32:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2040362551-1992677624-864970315-500 - Administrator - Disabled)
Guest (S-1-5-21-2040362551-1992677624-864970315-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2040362551-1992677624-864970315-1002 - Limited - Enabled)
Steven (S-1-5-21-2040362551-1992677624-864970315-1000 - Administrator - Enabled) => C:\Users\Steven

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Ableton Live v7.0.2 (HKLM-x32\...\Ableton Live_is1) (Version:  - Team AiR)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
AnyBurn (HKLM-x32\...\AnyBurn) (Version: 3.3 - Power Software Ltd)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audacity®, the Free, Cross-Platform Sound Editor 1.3.13 (HKLM-x32\...\Audacity®, the Free, Cross-Platform Sound Editor 1.3.13) (Version:  - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
butt (HKLM-x32\...\butt) (Version:  - )
Classic Menu for Office (HKLM-x32\...\{3ACF7A26-1743-4A84-85F1-2450B35925E4}) (Version: 4.50 - Addintools)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.98 - NCH Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version:  - Image-Line)
Free Brochure Maker (HKLM-x32\...\{FB36D4E2-9C07-46F9-85C9-74CBF61358C4}) (Version: 1.0.0 - Media Freeware)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LoopBe1 - Internal MIDI Port (HKLM-x32\...\LoopBe1) (Version:  - )
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-GB)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version:  - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version:  - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version:  - Native Instruments)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 -  Microsoft)
Novation USB Audio Driver 2.6 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.6 - Novation DMS Ltd.)
ODF Add-in for Microsoft Office (HKLM-x32\...\{54178A9B-7B4B-4B24-B863-7B44EBF28318}) (Version: 3.0.5250.0 - OpenXML/ODF Translator Team)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden
PURE Flow Server (HKLM-x32\...\TwonkyMediaPURE Flow Server) (Version: 5.1.11.0 - PURE Digital)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB)
ReMOTE Editor (HKLM-x32\...\ReMOTE Editor_is1) (Version:  - Novation DMS Ltd.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\ChromeHTML: ->  <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04949907-1854-4F16-81DE-B286B4B2950E} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {08F5AD28-E126-4359-BEA6-6589138AA4A3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {09A3822E-974F-451A-A438-7F8CE43418F6} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {0BC76242-2760-4B35-BF0C-4A394BB615AF} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {0FA5F9AB-DA94-4E21-B33C-631BDBC7238A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000UA => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {1298FDB0-1064-4C7E-9304-FD7632CC6FE6} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ea569ef24dc7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1D0033DD-DA78-4C5C-AC74-E7CE09F80B54} - System32\Tasks\{A9E3793D-51BF-452E-B998-A9F73ECB88A3} => pcalua.exe -a C:\PROGRA~2\NATIVE~1\TRAKTO~1\UNWISE.EXE -c C:\PROGRA~2\NATIVE~1\TRAKTO~1\INSTALL.LOG
Task: {2113F758-F147-4D29-A7FC-3FB40A1C9A38} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {2827C3FF-766F-4013-96B0-E5FCF6BC55C2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-18] (Adobe Systems Incorporated)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3224F72F-C488-4109-A0CA-8F3F079E31E2} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {338EF30C-8E2A-4A75-8E0F-CC4F7AE99AC2} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {36FBA130-B638-4146-9B3C-089F835C4FF5} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {41247BD9-5C79-41D8-91D4-253FB107C9A1} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {43A5BCF5-4440-4AFE-8677-9F4E1C6D0D9B} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {530FCC00-D0F5-4850-9337-CE555A24E33F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {57721B6B-97C6-4D61-B968-6CEEE9088312} - System32\Tasks\WiseCleaner\WDRSkipUAC => C:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe
Task: {584BE112-1E6B-4B63-B57C-C01C90D493A7} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {5A1B6DDF-07C4-4966-B4AE-E9A21AA800B7} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5D6DF6D3-150F-4160-9AA6-5D23512BF240} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-10-25] (Sony Corporation)
Task: {604EA8FB-11EE-4944-8907-E5BFE5183995} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {655AA076-ADE3-4EBA-BB2E-6C2F6A0E02DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {6AE83B38-EAFE-43C2-8142-7C3AD33E5ECD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-09] (AVAST Software)
Task: {7F90AF34-AC12-4BF4-A20C-4E63D0985DDA} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {869721E4-335B-4CC5-8514-872131EEF773} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8C64B10B-E037-4E74-9BD1-EB871462C1DA} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {8CCFE848-9615-4E6C-A99D-BE522DC8C6D8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000Core => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => %windir%\system32\srtasks.exe
Task: {A68B0481-125E-447D-9CB4-051F8267DEE8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {AD94C473-B9C3-4060-98E5-91B9391959F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B568354C-44BC-4EBB-9C47-9D65F707043D} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BE056B16-AADA-4FB9-BE6A-7463463087F1} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {BFE760D4-B295-4742-B7EC-13681933D127} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {E389831D-F867-457F-8B42-40E93500B2B9} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E3AD4AD9-0B15-4789-A81F-5510FA797378} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E491A2E7-8057-494C-AEE6-B63BA932D39B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {EA9726FB-A93D-4B8A-B0EB-4B51003DB6A5} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {ED9C6BED-ED90-4393-B198-7F77D1E5B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-18] (Adobe Systems Incorporated)
Task: {EFE70292-57F1-45CD-88C8-BFBFF160E9DA} - System32\Tasks\SafeZone scheduled Autoupdate 1456836545 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {F4FBB5DF-8D56-41BA-9D1B-52B6D316FEB0} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-10-25] (Sony Corporation)
Task: {F88D6372-CD5A-4FDE-81E4-1AA138257A50} - System32\Tasks\Driver Booster SkipUAC (Steven) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FB0C07C8-3EEC-4137-9F56-305AD9A2D949} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {FB6F9E83-E3DB-4FED-9867-87EBD7DA1334} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {FD51B6C3-CC03-40FF-9DFE-2C4E7DB377DD} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ea569fb7dffe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FF5A47BF-A650-4DB7-A20D-05B216AD478E} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000Core.job => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000UA.job => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Steven\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk

ShortcutWithArgument: C:\Users\Steven\Desktop\Roca - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-12-20 18:30 - 2010-12-20 18:30 - 00153176 _____ () C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
2016-09-27 14:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2010-12-20 18:30 - 2010-12-20 18:30 - 01173080 _____ () C:\Program Files (x86)\PURE Flow Server\TwonkyMediaServer.exe
2017-02-18 19:56 - 2017-03-04 22:27 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-09 21:44 - 2017-03-09 21:44 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-03-09 21:45 - 2017-03-09 21:45 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2012-12-27 06:17 - 2012-12-27 06:17 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-03-09 21:44 - 2017-03-09 21:44 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-09 21:45 - 2017-03-09 21:45 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-14 19:18 - 2017-03-14 19:18 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031402\algo.dll
2010-11-13 03:48 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-13 03:48 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2016-04-15 18:25 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2016-05-11 18:29 - 2016-05-11 18:29 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5d3fdf7962e3a154830b603096be4216\IsdiInterop.ni.dll
2010-10-12 17:14 - 2010-03-04 03:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:D282699C [244]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 02:34 - 2017-01-07 11:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2040362551-1992677624-864970315-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LoopBe1 Monitor.lnk => C:\Windows\pss\LoopBe1 Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PURE FlowServer Tray Control.lnk => C:\Windows\pss\PURE FlowServer Tray Control.lnk.CommonStartup
MSCONFIG\startupreg: Facebook Update => "C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Remote Mouse => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C0FCA942-6EC2-4507-A7A4-086FD102FAEB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C44E6472-1926-4519-AD5B-BFB1CE5C9689}] => (Allow) svchost.exe
FirewallRules: [{C161E1FB-5B7A-4738-8CA3-E79F3EF4C51E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{93939600-CBAE-4733-8F08-66A561F3A11C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F63E3097-5455-4E95-B6FE-918D63A6505C}] => (Allow) LPort=2869
FirewallRules: [{BB9A2087-8453-4DA3-9C72-54FBF0F6389D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{D9C3AF3C-2C8C-48A3-A684-34A5DDB514BB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D4EAB824-147A-4522-800A-625E2412CEC6}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{45393287-9BA8-4415-9270-EBA3E27C165D}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{6727C768-0888-4406-B695-7D5EAAE6E098}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{02D7BB25-0203-45EE-816E-AFCACF2B3899}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{88F31ED7-B9BC-48F9-8580-F529EEE8FE34}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{60884864-C56B-44A8-89DF-09FCD3257499}C:\users\steven\downloads\avionics200903-win32.exe] => (Allow) C:\users\steven\downloads\avionics200903-win32.exe
FirewallRules: [UDP Query User{7F95AB57-91B4-4B52-9776-57F64F0B90CD}C:\users\steven\downloads\avionics200903-win32.exe] => (Allow) C:\users\steven\downloads\avionics200903-win32.exe
FirewallRules: [TCP Query User{53B87689-73C4-42DA-A3ED-193B7E034297}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{6CF10685-E81E-47BE-BA44-9ED2B9CD461F}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{415A80FD-01E3-4EC5-99DD-95DCDEFCAE82}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{74B2B1BE-2FDF-41A7-AE37-9C5A6E1B87DD}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [{E13E6BD6-4155-42D5-A268-74ACF54BCC53}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [{36557C62-E13F-4303-97C9-5C7D19BC9A6D}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [{A3DA8133-2876-46B4-A1E8-B2464E8166D3}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{17D6AC49-5B82-4A1F-9B22-187C6B5CE3E1}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{64E4F0E0-F223-4E11-AEAA-E29252EF8C64}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
FirewallRules: [{6D71E15A-412A-417E-BC10-6939D90DE7D5}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
FirewallRules: [{565C61B8-1232-45FB-AC6B-52D7E3037D8F}] => (Allow) C:\Users\Steven\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B55A8ECA-D0F0-493F-8EE5-AF4FB20C0837}] => (Allow) C:\Users\Steven\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9084A3AB-ACBA-4A24-8F6C-1D24E1B3F9C5}] => (Allow) C:\Users\Steven\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{A51CA167-0DAE-4F90-87B6-2E3C5D9C9175}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94C05DC7-2C6C-4549-AC9C-4AC7AF5DC079}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B01CB381-35B8-49D0-AFAE-A206ACFE1230}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4C66CDB8-1637-4C75-9F0C-1B0167E15E5E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6A464F57-2609-4959-99A5-2855A7A3E365}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{0FF4F580-0213-4562-90AE-EB6505819D3D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{E5F9C38B-5173-4B1C-9EFC-30A5342D3620}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{A21AE13D-6EB4-4B0C-B7CD-8E6E95DE1F76}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{8BBFEC3A-5392-4651-B04F-BFA325AA08BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE28E065-0883-4AA5-96B4-49939A419EFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8B92B56-3EEF-42BA-983D-A09714496088}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{B6332C5C-376A-48A0-9BAE-92DA054A0057}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{0CDD1C91-33A4-478E-897F-DAD0F54A9061}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{265A19EA-D9F7-4E61-8EAF-1F85204A1E5E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{3BC586F5-EB23-421A-A360-4856C1D0FF0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{723323CC-9FCD-4B64-AF60-B9CE6B895EEC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{C1B3420E-2E61-445D-838D-77887272648A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe

==================== Restore Points =========================

23-02-2017 21:16:38 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2017 11:55:17 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (03/09/2017 09:28:56 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (03/03/2017 09:43:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe8dc59db0
Faulting process id: 0xcf0
Faulting application start time: 0x01d29464bc3332d6
Faulting application path: C:\Program Files\Sony\VAIO Care\VCAgent.exe
Faulting module path: unknown
Report Id: 719768a0-005a-11e7-b773-78843cce4804

Error: (03/03/2017 09:43:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at VCAgent.SnyUtilsBatteryCareWrapper.UnRegWnd(IntPtr)
   at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

Error: (02/21/2017 08:47:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/19/2017 08:20:37 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/18/2017 09:09:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: flashplayer24ppau_ha_install.exe, version: 2.0.0.137, time stamp: 0x5899b2e7
Faulting module name: flashplayer24ppau_ha_install.exe, version: 2.0.0.137, time stamp: 0x5899b2e7
Exception code: 0xc0000005
Fault offset: 0x00005087
Faulting process id: 0xfc0
Faulting application start time: 0x01d28a2b3cf6a7e1
Faulting application path: C:\Users\Steven\Downloads\flashplayer24ppau_ha_install.exe
Faulting module path: C:\Users\Steven\Downloads\flashplayer24ppau_ha_install.exe
Report Id: 8178a088-f61e-11e6-9612-78843cce4804

Error: (02/17/2017 07:24:04 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/16/2017 10:58:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (02/15/2017 06:34:05 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:


System errors:
=============
Error: (03/14/2017 07:05:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (03/12/2017 01:35:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The VAIO Care Performance Service service hung on starting.

Error: (03/03/2017 09:43:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (03/03/2017 09:42:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} did not register with DCOM within the required timeout.

Error: (03/03/2017 07:59:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The VAIO Care Performance Service service hung on starting.

Error: (02/27/2017 08:20:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:19:22 on ‎27/‎02/‎2017 was unexpected.

Error: (02/27/2017 07:58:08 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The NIHardwareService service did not shut down properly after receiving a preshutdown control.

Error: (02/27/2017 07:57:35 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.

Error: (02/27/2017 07:57:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.

Error: (02/27/2017 07:35:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswVmm
DfsC
discache
ESProtectionDriver
HWiNFO32
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf


==================== Memory info ===========================

Processor: Intel® Core™ i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 50%
Total physical RAM: 3758.1 MB
Available physical RAM: 1875.05 MB
Total Virtual: 7514.38 MB
Available Virtual: 4990.59 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.51 GB) (Free:196.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1B42C395)
Partition 1: (Not Active) - (Size=13.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================




#2
RKinner

    Malware Expert

  • Expert
  • 19,052 posts
  • MVP
Get Process Explorer
 
Save it to your desktop then run it (Vista or Win7+ - right click and Run As Administrator).  
 
View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures
 
 
Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
 
 
Get the free version of Speccy:
 
http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it.  Tell it you do not need CCLEANER.    Run Speccy.  When it finishes (the little icon in the bottom left will stop moving), 
File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
(It will be near the top,  10-20  lines down.) Save the file.  Attach the file to your next post.  Attaching the log is the best option as it is too big for the forum.  Attaching is a multi step process.
 
First click on More Reply Options
Then scroll down to where you see
Choose File and click on it.  Point it at the file and hit Open.
Now click on Attach this file.
 
 
 
 
 
Wait a full minute then:
 
File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
 
 
Copy the next 2 lines:
 
TASKLIST /SVC  > \junk.txt
notepad \junk.txt
 
Open an Elevated Command Prompt:
Start, All Programs, Accessories then right click on Command Prompt and Run as Administrator
 
 
Right click and Paste (or Edit then Paste) and the copied lines should appear.
Hit Enter if notepad does not open.  Copy and paste the text from notepad into a reply. 


#3
steerock


Speccy Log attached as requested.

 

Many thanks :)


#4
RKinner


Process Explorer and VEW logs?

 

So far Speccy says it may be running a bit hot.  Common on a laptop.  They get dust caught between the fan and the heatsink and it restricts the air flow so that they overheat.  Speccy has not been very accurate with the temps recently so best to get a second opinion.

 

 
 
Download, save and Install it (Win 7+ or Vista right click and Run As Admin.) then run it (Win 7+ or Vista right click and Run As Admin.).
 
It will tell you your temps in real time.  What is the highest temp it shows when the PC is not doing a lot?  If you watch a video or do an anti-virus scan how high does it go?
 
Click on the S.M.A.R.T. tab.  Click on the down arrow to the right of the Hard Disk box.  Select your hard drive.  Click on Perform an In-depth Online Analysis of this hard disk.  Your browser will open.
 
At the bottom of the new page will be a line:  
 
The link to get back and see a new report about this hard disk in the future is this.
 
Right click on the underlined "this" and select Copy Link Address.  Move to a Reply and Paste (Ctrl + v).  This will give us a second opinion on the drive too.

 

You have a Seagate hard drive that is showing a lot of errors and has some reallocated sectors plus another 6 pending.  Make sure you have any data like pictures backed up as it could fail at any time.  



#5
steerock


Process explorer log attached.

 

Sorry, I don't know what you mean by VEW log?

 

Just going to run the other suggestion.

 

Thanks


#6
steerock


http://www.hddstatus...cation=96DC2B8D

 

Run whilst YouTube playing and pics being backed up to ExtHDD.

 

Many thanks for your assistance.



#7
RKinner


Speedfan didn't think too much of your hard drive either.  I would get Seatools for Windows from Seagate and run it and have it do an extended test of your drive.  Will take a few hours but it might fix some things.

 

What does Speedfan say is the highest temperature on the Readings Page:

 

sf.JPG

 

 

VEW: Thought I had put that in the last post but guess it got left out:

 

 
1. Please download the Event Viewer Tool by Vino Rosso and save it to your Desktop:
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
 
Can you close Firefox and rerun Process Explorer and make a new log and post it?


#8
steerock


Sorry for the delay.

 

VEW System Log:

 

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 24/03/2017 20:23:34

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 27/02/2017 20:19:59
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 10/01/2017 22:14:35
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 22/12/2016 18:06:42
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 22/12/2016 18:03:26
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 08/10/2016 16:32:53
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 03/10/2016 20:23:23
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 21/09/2016 21:23:16
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 14/07/2016 00:49:32
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 26/06/2016 14:46:36
Type: Critical Category: 64
Event: 10111 Source: Microsoft-Windows-DriverFrameworks-UserMode
The device MTP USB Device (location (unknown)) is offline due to a user-mode driver crash.  Windows will attempt to restart the device 5 more times.  Please contact the device manufacturer for more information about this problem.

Log: 'System' Date/Time: 26/06/2016 14:46:36
Type: Critical Category: 64
Event: 10110 Source: Microsoft-Windows-DriverFrameworks-UserMode
A problem has occurred with one or more user-mode drivers and the hosting process has been terminated.  This may temporarily interrupt your ability to access the devices.

Log: 'System' Date/Time: 31/05/2016 18:19:47
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 15/05/2016 19:08:52
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 15/05/2016 14:55:07
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 29/04/2016 19:16:15
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

Log: 'System' Date/Time: 09/04/2016 21:11:31
Type: Critical Category: 63
Event: 41 Source: Microsoft-Windows-Kernel-Power
The system has rebooted without cleanly shutting down first. This error could be caused if the system stopped responding, crashed, or lost power unexpectedly.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 24/03/2017 20:04:27
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The VAIO Care Performance Service service hung on starting.

Log: 'System' Date/Time: 24/03/2017 19:58:32
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The VSNService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 24/03/2017 19:58:32
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the VSNService service to connect.

Log: 'System' Date/Time: 22/03/2017 19:03:38
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 22/03/2017 19:01:05
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The NIHardwareService service did not shut down properly after receiving a preshutdown control.

Log: 'System' Date/Time: 22/03/2017 19:00:32
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.

Log: 'System' Date/Time: 22/03/2017 19:00:00
Type: Error Category: 0
Event: 7043 Source: Service Control Manager
The Group Policy Client service did not shut down properly after receiving a preshutdown control.

Log: 'System' Date/Time: 21/03/2017 19:02:12
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 21/03/2017 19:01:50
Type: Error Category: 0
Event: 7034 Source: Service Control Manager
The LiveUpdate service terminated unexpectedly.  It has done this 1 time(s).

Log: 'System' Date/Time: 21/03/2017 19:00:35
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The VSNService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 21/03/2017 19:00:35
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the VSNService service to connect.

Log: 'System' Date/Time: 18/03/2017 19:36:12
Type: Error Category: 0
Event: 7000 Source: Service Control Manager
The RemoteMouseService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.

Log: 'System' Date/Time: 18/03/2017 19:36:12
Type: Error Category: 0
Event: 7009 Source: Service Control Manager
A timeout was reached (30000 milliseconds) while waiting for the RemoteMouseService service to connect.

Log: 'System' Date/Time: 16/03/2017 22:54:14
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 16/03/2017 22:53:34
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 14/03/2017 19:05:01
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 12/03/2017 01:35:35
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The VAIO Care Performance Service service hung on starting.

Log: 'System' Date/Time: 03/03/2017 21:43:22
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 03/03/2017 21:42:42
Type: Error Category: 0
Event: 10010 Source: Microsoft-Windows-DistributedCOM
The server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} did not register with DCOM within the required timeout.

Log: 'System' Date/Time: 03/03/2017 19:59:12
Type: Error Category: 0
Event: 7022 Source: Service Control Manager
The VAIO Care Performance Service service hung on starting.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'System' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'System' Date/Time: 23/03/2017 00:52:43
Type: Warning Category: 212
Event: 219 Source: Microsoft-Windows-Kernel-PnP
The driver \Driver\WUDFRd failed to load for the device WpdBusEnumRoot\UMB\2&37c186b&0&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_SANDISK&PROD_CRUZER_BLADE&REV_1.00#4C531001600518113212&0#.

Log: 'System' Date/Time: 22/03/2017 20:20:27
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 22/03/2017 20:20:27
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll

Log: 'System' Date/Time: 22/03/2017 20:19:49
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume3\Windows\System32\dllhost.exe with process id 6804 stopped the removal or ejection for the device USB\VID_26BD&PID_9917\070A714931E2FB04.

Log: 'System' Date/Time: 22/03/2017 20:19:36
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume3\Windows\System32\dllhost.exe with process id 6804 stopped the removal or ejection for the device USB\VID_26BD&PID_9917\070A714931E2FB04.

Log: 'System' Date/Time: 22/03/2017 20:19:14
Type: Warning Category: 223
Event: 225 Source: Microsoft-Windows-Kernel-PnP
The application \Device\HarddiskVolume3\Windows\System32\dllhost.exe with process id 6804 stopped the removal or ejection for the device USB\VID_26BD&PID_9917\070A714931E2FB04.

Log: 'System' Date/Time: 21/03/2017 21:43:02
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 19/03/2017 17:30:12
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 19/03/2017 17:30:12
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll

Log: 'System' Date/Time: 16/03/2017 19:43:04
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 14/03/2017 19:13:02
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/03/2017 14:18:19
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 12/03/2017 01:29:00
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.

Log: 'System' Date/Time: 12/03/2017 01:28:59
Type: Warning Category: 0
Event: 10002 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN Extensibility Module has stopped.  Module Path: C:\Windows\System32\IWMSSvc.dll

Log: 'System' Date/Time: 09/03/2017 21:40:29
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 04/03/2017 22:25:55
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 04/03/2017 19:24:58
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name wpad.default timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 02/03/2017 19:57:27
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 28/02/2017 21:21:28
Type: Warning Category: 0
Event: 1014 Source: Microsoft-Windows-DNS-Client
Name resolution for the name rtd.tubemogul.com timed out after none of the configured DNS servers responded.

Log: 'System' Date/Time: 27/02/2017 19:34:12
Type: Warning Category: 0
Event: 4001 Source: Microsoft-Windows-WLAN-AutoConfig
WLAN AutoConfig service has successfully stopped.
 

---------------------------------------------------------------------------------------------

VEW Application Log:

Vino's Event Viewer v01c run on Windows 2008 in English
Report run at 24/03/2017 20:27:06

Note: All dates below are in the format dd/mm/yyyy

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Critical Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Error Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 19/03/2017 14:47:39
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 16/03/2017 20:04:23
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: CompatTelRunner.exe, version: 10.0.14913.1002, time stamp: 0x57d1070d Faulting module name: devinv.dll, version: 10.0.14913.1002, time stamp: 0x57d10950 Exception code: 0xc0000005 Fault offset: 0x0000000000023c00 Faulting process id: 0xc84 Faulting application start time: 0x01d29e8ccf11eef0 Faulting application path: C:\Windows\system32\CompatTelRunner.exe Faulting module path: C:\Windows\system32\devinv.dll Report Id: bf6ff339-0a83-11e7-943c-78843cce4804

Log: 'Application' Date/Time: 12/03/2017 11:55:17
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 09/03/2017 21:28:56
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 03/03/2017 21:43:32
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x000007fe8dc59db0 Faulting process id: 0xcf0 Faulting application start time: 0x01d29464bc3332d6 Faulting application path: C:\Program Files\Sony\VAIO Care\VCAgent.exe Faulting module path: unknown Report Id: 719768a0-005a-11e7-b773-78843cce4804

Log: 'Application' Date/Time: 03/03/2017 21:43:30
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at VCAgent.SnyUtilsBatteryCareWrapper.UnRegWnd(IntPtr)
   at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)



Log: 'Application' Date/Time: 21/02/2017 20:47:46
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 19/02/2017 08:20:37
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 18/02/2017 21:09:17
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: flashplayer24ppau_ha_install.exe, version: 2.0.0.137, time stamp: 0x5899b2e7 Faulting module name: flashplayer24ppau_ha_install.exe, version: 2.0.0.137, time stamp: 0x5899b2e7 Exception code: 0xc0000005 Fault offset: 0x00005087 Faulting process id: 0xfc0 Faulting application start time: 0x01d28a2b3cf6a7e1 Faulting application path: C:\Users\Steven\Downloads\flashplayer24ppau_ha_install.exe Faulting module path: C:\Users\Steven\Downloads\flashplayer24ppau_ha_install.exe Report Id: 8178a088-f61e-11e6-9612-78843cce4804

Log: 'Application' Date/Time: 17/02/2017 19:24:04
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 16/02/2017 22:58:01
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 15/02/2017 18:34:05
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 13/02/2017 22:10:16
Type: Error Category: 100
Event: 1000 Source: Application Error
Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x000007fe914025e0 Faulting process id: 0x478 Faulting application start time: 0x01d2862ae48d6e7d Faulting application path: C:\Program Files\Sony\VAIO Care\VCAgent.exe Faulting module path: unknown Report Id: 324a5669-f239-11e6-9302-78843cce4804

Log: 'Application' Date/Time: 13/02/2017 22:10:15
Type: Error Category: 0
Event: 1026 Source: .NET Runtime
Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
   at VCAgent.SnyUtilsBatteryCareWrapper.UnRegWnd(IntPtr)
   at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)



Log: 'Application' Date/Time: 12/02/2017 14:40:54
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 11/02/2017 13:03:37
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 10/02/2017 17:54:02
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 06/02/2017 19:11:39
Type: Error Category: 1
Event: 100 Source: CVHSVC
Information only. (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:

Log: 'Application' Date/Time: 05/02/2017 18:53:49
Type: Error Category: 3
Event: 7042 Source: Microsoft-Windows-Search
The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


Log: 'Application' Date/Time: 05/02/2017 18:53:49
Type: Error Category: 3
Event: 7010 Source: Microsoft-Windows-Search
The index cannot be initialized.

Details:
    The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
'Application' Log - Warning Type
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Log: 'Application' Date/Time: 24/03/2017 20:23:41
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 6148 did not respond and is being forcibly terminated {filter host process 6812}.


Log: 'Application' Date/Time: 24/03/2017 20:16:40
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 5168 did not respond and is being forcibly terminated {filter host process 4184}.


Log: 'Application' Date/Time: 24/03/2017 20:09:22
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 24/03/2017 20:09:22
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. CurrentSoftGridPrereq: Click2Run installation (version = 14.0.4763.1000) is found on the machine; skipping installation...

Log: 'Application' Date/Time: 24/03/2017 20:09:21
Type: Warning Category: 1
Event: 100 Source: CVHSVC
Information only. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE is trusted.

Log: 'Application' Date/Time: 24/03/2017 20:02:09
Type: Warning Category: 1
Event: 258 Source: SampleCollector
Expand Counter: PdhExpandWildCardPath call site 1: Failed with error 0xc0000bb9: The specified counter could not be found.

Log: 'Application' Date/Time: 24/03/2017 19:59:21
Type: Warning Category: 11
Event: 3211 Source: Application Virtualization Client
{tid=10A8}
Attempting Transport Connection URL: http://c2r.microsoft...0.7145.5001.sft Error: 24600F0A-10000001

Log: 'Application' Date/Time: 24/03/2017 19:59:13
Type: Warning Category: 6
Event: 3057 Source: Application Virtualization Client
{tid=F90}
The Application Virtualization Client Core initialized correctly.  Installed Product:  Version: 4.6.3.24650 Install Path: C:\Program Files (x86)\Microsoft Application Virtualization Client Global Data Directory: C:\ProgramData\Microsoft\Application Virtualization Client\ Machine Name: STEVEN-VAIO Operating System: Windows 7 64-bit Service Pack 1.0 Build 7601 OSD Command:

Log: 'Application' Date/Time: 24/03/2017 19:59:09
Type: Warning Category: 3
Event: 3191 Source: Application Virtualization Client
{tid=F90}
-------------------------------------------------------- Initialized client log (C:\ProgramData\Microsoft\Application Virtualization Client\sftlog.txt)

Log: 'Application' Date/Time: 24/03/2017 19:57:59
Type: Warning Category: 0
Event: 1 Source: LMS
LMS Service cannot connect to Intel® MEI driver

Log: 'Application' Date/Time: 23/03/2017 00:57:04
Type: Warning Category: 0
Event: 1530 Source: Microsoft-Windows-User Profiles Service
Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.     DETAIL -   1 user registry handles leaked from \Registry\User\S-1-5-21-2040362551-1992677624-864970315-1000:
Process 1404 (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) has opened key \REGISTRY\USER\S-1-5-21-2040362551-1992677624-864970315-1000


Log: 'Application' Date/Time: 23/03/2017 00:53:54
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 4524 did not respond and is being forcibly terminated {filter host process 6776}.


Log: 'Application' Date/Time: 23/03/2017 00:46:54
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 6696 did not respond and is being forcibly terminated {filter host process 5788}.


Log: 'Application' Date/Time: 23/03/2017 00:39:54
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 6320 did not respond and is being forcibly terminated {filter host process 6872}.


Log: 'Application' Date/Time: 23/03/2017 00:32:54
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 3180 did not respond and is being forcibly terminated {filter host process 6180}.


Log: 'Application' Date/Time: 23/03/2017 00:25:53
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 6380 did not respond and is being forcibly terminated {filter host process 5648}.


Log: 'Application' Date/Time: 23/03/2017 00:18:53
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 5668 did not respond and is being forcibly terminated {filter host process 5560}.


Log: 'Application' Date/Time: 23/03/2017 00:11:53
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 6992 did not respond and is being forcibly terminated {filter host process 4948}.


Log: 'Application' Date/Time: 23/03/2017 00:04:53
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 6752 did not respond and is being forcibly terminated {filter host process 6680}.


Log: 'Application' Date/Time: 22/03/2017 23:57:53
Type: Warning Category: 3
Event: 10023 Source: Microsoft-Windows-Search
The protocol host process 1624 did not respond and is being forcibly terminated {filter host process 4948}.


 



#9
steerock


New Process Explorer Log

 

Process    CPU    Private Bytes    Working Set    PID    Description    Company Name    Verified Signer
System Idle Process    69.94    0 K    24 K    0            
SearchFilterHost.exe    11.34    3,784 K    6,384 K    4188            
SearchProtocolHost.exe    11.07    3,604 K    2,412 K    6752            
System    3.09    204 K    3,976 K    4            
procexp64.exe    1.94    24,724 K    43,288 K    3872    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
Interrupts    0.73    0 K    0 K    n/a    Hardware Interrupts and DPCs        
svchost.exe    0.70    135,648 K    144,152 K    384    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
dwm.exe    0.46    118,384 K    63,284 K    2020    Desktop Window Manager    Microsoft Corporation    (Verified) Microsoft Windows
RemoteMouse.exe    0.24    37,280 K    31,164 K    2832            
csrss.exe    0.18    3,312 K    7,640 K    604            
ApntEx.exe    0.12    2,388 K    5,628 K    5592    Alps Pointing-device Driver for Windows NT/2000/XP/Vista    Alps Electric Co., Ltd.    (Verified) Microsoft Windows Hardware Compatibility Publisher
RemoteMouseService.exe    0.05    13,132 K    12,584 K    2228    Remote Mouse Service        (No signature was present in the subject)
ApMsgFwd.exe    0.03    1,988 K    5,100 K    2264            
explorer.exe    0.02    45,364 K    67,900 K    1580    Windows Explorer    Microsoft Corporation    (Verified) Microsoft Windows
mbamtray.exe    0.02    17,552 K    26,004 K    4940    Malwarebytes Tray Application    Malwarebytes    (Verified) Malwarebytes Corporation
LMS.exe    0.01    2,600 K    4,980 K    1996    Local Manageability Service    Intel Corporation    (Verified) Intel Corporation
AvastSvc.exe    0.01    112,964 K    40,964 K    1444    Avast Service    AVAST Software    (Verified) AVAST Software s.r.o.
svchost.exe    0.01    5,120 K    10,280 K    820    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
IAStorDataMgrSvc.exe    0.01    20,028 K    16,816 K    5268    IAStorDataSvc    Intel Corporation    (Verified) Intel Corporation
RemoteMouseCore.exe    0.01    19,872 K    18,728 K    2728            
Apoint.exe    0.01    3,692 K    10,648 K    4400    Alps Pointing-device Driver    Alps Electric Co., Ltd.    (Verified) Microsoft Windows Hardware Compatibility Publisher
avastui.exe    < 0.01    17,500 K    30,160 K    5472    Avast Antivirus    AVAST Software    (Verified) AVAST Software s.r.o.
twonkymediaserver.exe    < 0.01    16,060 K    20,700 K    2324            
SearchIndexer.exe    < 0.01    44,120 K    30,836 K    5016    Microsoft Windows Search Indexer    Microsoft Corporation    (Verified) Microsoft Windows
VESMgrSub.exe    < 0.01    11,144 K    15,536 K    2052            
dllhost.exe    < 0.01    6,828 K    10,148 K    2252    COM Surrogate    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe    < 0.01    30,772 K    44,724 K    420    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
aswidsagenta.exe    < 0.01    19,204 K    31,592 K    4292    Avast Behavior Shield    AVAST Software s.r.o.    (Verified) AVAST Software s.r.o.
svchost.exe    < 0.01    15,100 K    16,780 K    1296    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
IAStorIcon.exe    < 0.01    25,216 K    22,844 K    4772    IAStorIcon    Intel Corporation    (Verified) Intel Corporation
sftlist.exe    < 0.01    8,704 K    18,636 K    3664    Microsoft Application Virtualization Client Service    Microsoft Corporation    (Verified) Microsoft Corporation
svchost.exe    < 0.01    12,400 K    15,836 K    1388    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
twonkymediaserverwatchdog.exe    < 0.01    1,748 K    5,444 K    2120            (Verified) PacketVideo Corporation
UNS.exe    < 0.01    3,932 K    8,968 K    1840    User Notification Service    Intel Corporation    (Verified) Intel Corporation
MBAMService.exe    < 0.01    23,640 K    41,428 K    1020    Malwarebytes Service    Malwarebytes    (Verified) Malwarebytes Corporation
jusched.exe    < 0.01    6,396 K    13,648 K    5384    Java Update Scheduler    Oracle Corporation    (Verified) Oracle America
WmiPrvSE.exe        4,876 K    10,524 K    3356            
WmiPrvSE.exe        9,932 K    14,040 K    2648            
WLIDSVCM.EXE        1,484 K    3,668 K    3224            
WLIDSVC.EXE        5,656 K    12,212 K    2760            
wlanext.exe        7,276 K    15,152 K    1436            
winlogon.exe        3,312 K    7,692 K    684            
wininit.exe        1,664 K    4,660 K    580            
VESMgr.exe        4,932 K    11,028 K    2816    VAIO Event Service (Service Module)    Sony Corporation    (Verified) Sony Corporation
VCPerfService.exe        12,340 K    10,808 K    3724    Intel® System Behavior Tracker Collector Service    Intel Corporation    (Verified) Intel® Software Products
unsecapp.exe        1,784 K    5,288 K    3288            
uCamMonitor.exe        1,624 K    4,780 K    2764    MgiSvr    ArcSoft, Inc.    (Verified) ArcSoft
svchost.exe        5,588 K    9,316 K    916    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        18,176 K    18,636 K    1008    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        6,616 K    12,120 K    592    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,144 K    5,300 K    5052    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,540 K    5,812 K    1080    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        5,276 K    9,468 K    1932    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        4,208 K    7,464 K    1880    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,692 K    6,364 K    2740    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
svchost.exe        2,536 K    5,932 K    3632    Host Process for Windows Services    Microsoft Corporation    (Verified) Microsoft Windows
spoolsv.exe        7,048 K    12,124 K    1720    Spooler SubSystem App    Microsoft Corporation    (Verified) Microsoft Windows
SPMService.exe        5,004 K    10,844 K    4304    SPM Module    Sony Corporation    (Verified) Sony Corporation
smss.exe        580 K    1,264 K    368            
sftvsa.exe        1,520 K    4,988 K    2696    Microsoft Application Virtualization Virtual Service Agent    Microsoft Corporation    (Verified) Microsoft Corporation
services.exe        4,988 K    8,928 K    640            
RegSrvc.exe        2,320 K    6,468 K    2200    Intel® PROSet/Wireless Registry Service    Intel® Corporation    (Verified) Intel Corporation - Mobile Wireless Group
RAVBg64.exe        10,324 K    10,656 K    2624    HD Audio Background Process    Realtek Semiconductor    (Verified) Realtek Semiconductor Corp
procexp.exe        3,036 K    7,344 K    2572    Sysinternals Process Explorer    Sysinternals - www.sysinternals.com    (Verified) Microsoft Corporation
notepad.exe        1,836 K    6,564 K    6832    Notepad    Microsoft Corporation    (Verified) Microsoft Windows
NIHardwareService.exe        6,576 K    11,472 K    2080    NIHardwareService    Native Instruments GmbH    (No signature was present in the subject) Native Instruments GmbH
lsm.exe        2,820 K    4,492 K    720            
lsass.exe        6,456 K    14,544 K    712    Local Security Authority Process    Microsoft Corporation    (Verified) Microsoft Windows
listener.exe        1,664 K    5,180 K    4048    VaioCare Window Listener Application    Sony of America Corporation    (Verified) Sony Corporation of America
ISBMgr.exe        2,380 K    7,408 K    3112        Sony Corporation    (Verified) Sony Corporation
igfxpers.exe        3,780 K    9,920 K    4904    persistence Module    Intel Corporation    (Verified) Intel Corporation - Software and Firmware Products
hkcmd.exe        2,768 K    7,056 K    4820    hkcmd Module    Intel Corporation    (Verified) Intel Corporation - Software and Firmware Products
EvtEng.exe        10,312 K    17,976 K    2416    Intel® PROSet/Wireless Event Log Service    Intel® Corporation    (Verified) Intel Corporation - Mobile Wireless Group
esrv_svc.exe        8,856 K    12,892 K    5776    Intel® Energy Checker Energy Server Service    Intel Corporation    (Verified) Intel® Energy Checker
dllhost.exe        3,548 K    7,316 K    2272            
CVHSVC.EXE        7,852 K    16,004 K    3520            
csrss.exe        2,900 K    5,260 K    540            
conhost.exe        1,188 K    3,060 K    2332            
conhost.exe        1,076 K    2,888 K    1452            
conhost.exe        1,748 K    4,900 K    5608    Console Window Host    Microsoft Corporation    (Verified) Microsoft Windows
btwdins.exe        2,960 K    9,208 K    1856    Bluetooth Support Server    Broadcom Corporation.    (Verified) Broadcom Corporation
armsvc.exe        1,228 K    4,124 K    1832    Adobe Acrobat Update Service    Adobe Systems Incorporated    (Verified) Adobe Systems
Apvfb.exe        1,604 K    4,200 K    5632    APVFB    ALPS    (Verified) Microsoft Windows Hardware Compatibility Publisher

 



#10
steerock


Command Prompt Junk.txt

 

Image Name                     PID Services                                    
========================= ======== ============================================
System Idle Process              0 N/A                                         
System                           4 N/A                                         
smss.exe                       368 N/A                                         
csrss.exe                      540 N/A                                         
wininit.exe                    580 N/A                                         
csrss.exe                      604 N/A                                         
services.exe                   640 N/A                                         
winlogon.exe                   684 N/A                                         
lsass.exe                      712 KeyIso, SamSs, VaultSvc                     
lsm.exe                        720 N/A                                         
svchost.exe                    820 DcomLaunch, PlugPlay, Power                 
svchost.exe                    916 RpcEptMapper, RpcSs                         
svchost.exe                   1008 AudioSrv, Dhcp, eventlog, lmhosts, wscsvc   
svchost.exe                    384 AudioEndpointBuilder, Netman, PcaSvc,       
                                   SysMain, TrkWks, UxSms, Wlansvc, wudfsvc    
svchost.exe                    592 EventSystem, FontCache, netprofm, nsi,      
                                   WdiServiceHost                              
svchost.exe                    420 Appinfo, BITS, EapHost, IKEEXT,             
                                   LanmanServer, MMCSS, ProfSvc, Schedule,     
                                   SENS, ShellHWDetection, Themes, Winmgmt,    
                                   wuauserv                                    
svchost.exe                   1080 gpsvc                                       
svchost.exe                   1296 CryptSvc, Dnscache, LanmanWorkstation,      
                                   NlaSvc                                      
svchost.exe                   1388 BFE, DPS, MpsSvc, WwanSvc                   
wlanext.exe                   1436 N/A                                         
AvastSvc.exe                  1444 avast! Antivirus                            
conhost.exe                   1452 N/A                                         
spoolsv.exe                   1720 Spooler                                     
armsvc.exe                    1832 AdobeARMservice                             
btwdins.exe                   1856 btwdins                                     
svchost.exe                   1880 DiagTrack                                   
svchost.exe                   1932 FDResPub, SSDPSRV                           
dwm.exe                       2020 N/A                                         
explorer.exe                  1580 N/A                                         
LMS.exe                       1996 LMS                                         
NIHardwareService.exe         2080 NIHardwareService                           
twonkymediaserverwatchdog     2120 PURE Flow Server                            
RegSrvc.exe                   2200 RegSrvc                                     
RemoteMouseService.exe        2228 RemoteMouseService                          
twonkymediaserver.exe         2324 N/A                                         
conhost.exe                   2332 N/A                                         
sftvsa.exe                    2696 sftvsa                                      
RemoteMouseCore.exe           2728 N/A                                         
svchost.exe                   2740 stisvc                                      
uCamMonitor.exe               2764 uCamMonitor                                 
VESMgr.exe                    2816 VAIO Event Service                          
RemoteMouse.exe               2832 N/A                                         
dllhost.exe                   2272 N/A                                         
WLIDSVC.EXE                   2760 wlidsvc                                     
EvtEng.exe                    2416 EvtEng                                      
MBAMService.exe               1020 MBAMService                                 
VESMgrSub.exe                 2052 N/A                                         
WLIDSVCM.EXE                  3224 N/A                                         
unsecapp.exe                  3288 N/A                                         
WmiPrvSE.exe                  3356 N/A                                         
sftlist.exe                   3664 sftlist                                     
CVHSVC.EXE                    3520 cvhsvc                                      
RAVBg64.exe                   2624 N/A                                         
aswidsagenta.exe              4292 aswbIDSAgent                                
Apoint.exe                    4400 N/A                                         
hkcmd.exe                     4820 N/A                                         
igfxpers.exe                  4904 N/A                                         
mbamtray.exe                  4940 N/A                                         
SearchIndexer.exe             5016 WSearch                                     
svchost.exe                   5052 bthserv                                     
IAStorIcon.exe                4772 N/A                                         
ISBMgr.exe                    3112 N/A                                         
ApMsgFwd.exe                  2264 N/A                                         
jusched.exe                   5384 N/A                                         
avastui.exe                   5472 N/A                                         
ApntEx.exe                    5592 N/A                                         
conhost.exe                   5608 N/A                                         
Apvfb.exe                     5632 N/A                                         
esrv_svc.exe                  5776 ESRV_SVC                                    
IAStorDataMgrSvc.exe          5268 IAStorDataMgrSvc                            
VCPerfService.exe             3724 SampleCollector                             
listener.exe                  4048 N/A                                         
svchost.exe                   3632 PolicyAgent                                 
dllhost.exe                   2252 N/A                                         
UNS.exe                       1840 UNS                                         
SPMService.exe                4304 VAIO Power Management                       
WmiPrvSE.exe                  2648 N/A                                         
notepad.exe                   6832 N/A                                         
firefox.exe                   6300 N/A                                         
firefox.exe                   6088 N/A                                         
SearchProtocolHost.exe        5072 N/A                                         
SearchFilterHost.exe          6272 N/A                                         
audiodg.exe                   3876 N/A                                         
cmd.exe                       5988 N/A                                         
conhost.exe                   4784 N/A                                         
tasklist.exe                  3544 N/A                                         
 




#11
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,052 posts
  • MVP

VAIO Care is not happy.  I would uninstall it.  If this is something you really use then get a new copy from Sony and reinstall it.

 

Windows Search is not happy.  I would rebuild the index:

 

https://www.sevenfor...ex-rebuild.html

 

Did you install Speedfan?  What temps are you getting?



#12
steerock

steerock

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

System 58C is the highest

 

Vaio Care uninstalled

 

Running SeaTools

 

Rebuilding Windows now


Edited by steerock, 24 March 2017 - 03:12 PM.


#13
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,052 posts
  • MVP

Watch SpeedFan's temp while running an anti-virus scan or watching a video.  Does it go up above 65?



#14
steerock

steerock

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

I have watched a video on YouTube and played music using VLC at the same time and it was at 58C.

 

Quick Seagate scan showed errors with the hard disk. Don't want to risk a full one. What do you recommend?



#15
RKinner

RKinner

    Malware Expert

  • Expert
  • 19,052 posts
  • MVP

If the quick test fails you can be sure the extended test would fail too, tho sometimes when it finishes the test it will say it found problems and offer to fix them.  Sometimes it actually helps.  The extended test is not destructive, it just takes a long time.

 

 I think it's time for a new hard drive.

 

Let's see if removing Vaio Care has helped any:

 

 

 
Right-click on Computer and select Manage. Then click on the arrow in front of Event Viewer. Next, click on the arrow in front of Windows Logs. Right-click on System and Clear Log, Clear. Repeat for Application.
 
Reboot. 
 
2. Right-click VEW.exe and Run As Administrator
3. Under 'Select log to query', select:
 
* System
4. Under 'Select type to list', select:
* Error
* Warning
 
 
Then use the 'Number of events' as follows:
 
 
1. Click the radio button for 'Number of events'
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.
 
 
Please post the Output log in your next reply then repeat but select Application.  (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)
 
