My laptop has slowed down its performance considerably recently. It takes a long time to boot up and programs which used to run easily together now take ages to move from one screen to the next. Streaming video and music is often very slow or not working at all. It's a big change in general. Here are my Farbar results. Any help would be greatly appreciated. Thanks.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-03-2017
Ran by Steven (administrator) on STEVEN-VAIO (14-03-2017 19:23:08)
Running from C:\Users\Steven\Downloads
Loaded Profiles: Steven (Available Profiles: Steven)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
() C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
() C:\Program Files (x86)\PURE Flow Server\twonkymediaserver.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
(RemoteMouse.net) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Trend Micro Inc.) C:\Users\Steven\Downloads\HijackThis.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_186_Plugin.exe [1269336 2016-12-28] (Adobe Systems Incorporated)
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {1ea397d7-76bc-11e1-a95c-78843cce4804} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {1ea39865-76bc-11e1-a95c-78843cce4804} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {1eeed60e-949b-11e1-a668-889ffadde1ab} - E:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {39929d4e-249e-11e1-bc8a-889ffadde1ab} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {39929d5b-249e-11e1-bc8a-889ffadde1ab} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {3f67d399-2580-11e1-a468-889ffadde1ab} - G:\LaunchU3.exe -a
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {557b76fa-9836-11e1-9053-78843cce4804} - F:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {a2070423-9518-11e1-8104-78843cce4804} - E:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {aefd8ef9-8090-11e1-acde-001e101f1ed9} - E:\AutoRun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {dd19bad6-f62d-11e2-a44b-889ffadde1ab} - E:\Autorun.exe
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\MountPoints2: {e6e3aa3b-24c3-11e1-a30a-889ffadde1ab} - F:\AutoRun.exe
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-09] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-09] (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
CHR HKU\S-1-5-21-2040362551-1992677624-864970315-1000\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{21F82B78-34F0-447E-AF1C-1E62054430EA}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131090029093873987&GUID=00000000-0000-0000-0000-000000000000
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131090029093873987&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131090029093973988&GUID=00000000-0000-0000-0000-000000000000
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
SearchScopes: HKLM -> DefaultScope {3737072F-5A8F-2EE6-8712-044DB87DB92A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {3737072F-5A8F-2EE6-8712-044DB87DB92A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> DefaultScope {3624F650-B084-AC23-231E-7A9E580E85EE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {3624F650-B084-AC23-231E-7A9E580E85EE} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {2DF17E1C-60E0-4309-8FAA-5276BBF0F59D} URL = hxxps://uk.search.yahoo.com/search?p={searchTerms}&intl=uk&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {54891980-DFFF-4A9B-A4DE-89364EC77B87} URL = hxxp://uk.shopping.com/?linkin_id=8056359
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {86D3D0F1-70CC-407B-8A29-F6C3243609ED} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> {CD33A181-6D1A-4985-9933-1810166F1C4C} URL = hxxp://rover.ebay.com/rover/1/710-42480-16445-15/4?satitle={searchTerms}
BHO: No Name -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-03-09] (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll [2014-01-16] (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-02-18] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-03-09] (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-02-18] (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-2040362551-1992677624-864970315-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-22] (Google Inc.)
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
FireFox:
========
FF DefaultProfile: 7cqt8q83.default
FF ProfilePath: C:\Users\Steven\AppData\Roaming\mozilla\firefox\Profiles\7cqt8q83.default [2017-03-14]
FF user.js: detected! => C:\Users\Steven\AppData\Roaming\mozilla\firefox\Profiles\7cqt8q83.default\user.js [2015-06-13]
FF Homepage: mozilla\firefox\Profiles\7cqt8q83.default -> hxxps://www.google.co.uk
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF48 [2017-03-09]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF48 [2017-03-09]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF48
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\SafePrice\FF48
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-28] ()
FF Plugin: @java.com/DTPlugin,version=1.6.0_39 -> C:\Windows\system32\npdeployJava1.dll [2013-03-05] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-28] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1224194.dll [2016-02-19] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-02-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-02-18] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll [2014-01-16] (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-01-17] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2040362551-1992677624-864970315-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Steven\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxp://www.google.co.uk/
CHR DefaultSearchURL: Profile 1 -> hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Profile 1 -> Yahoo
CHR DefaultSuggestURL: Profile 1 -> hxxps://search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default [2016-10-25]
CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (avast! Ad Blocker) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-11-18] [UpdateUrl: hxxps://update.adblockplus.org/avast-adblocker.xml] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-23]
CHR Extension: (Avast Online Security) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-10-12]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-23]
CHR Extension: (Yahoo Web) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-11-19]
CHR Extension: (Twitch Styler) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\odhlabjijhhjhgmfpbajmhkepfpmaogh [2015-11-29]
CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-10-12]
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-06-11]
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-03-04]
CHR Extension: (Google Docs) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-13]
CHR Extension: (Google Drive) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-02]
CHR Extension: (YouTube) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-13]
CHR Extension: (Google Search) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (avast! Ad Blocker) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fplhdcjmbpfkejbhngmlngaecbjmoimd [2013-11-18] [UpdateUrl: hxxps://update.adblockplus.org/avast-adblocker.xml] <==== ATTENTION
CHR Extension: (Google Docs Offline) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-05]
CHR Extension: (Avast Online Security) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-04]
CHR Extension: (Wappalyzer) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gppongmhjkpfnbhagpmjfkannfbllamg [2017-01-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-22]
CHR Extension: (Gmail) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-13]
CHR Extension: (Chrome Media Router) - C:\Users\Steven\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-11]
CHR Profile: C:\Users\Steven\AppData\Local\Google\Chrome\User Data\System Profile [2016-10-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fplhdcjmbpfkejbhngmlngaecbjmoimd] - C:\Program Files\AVAST Software\Avast\AdBlocker\Chrome\avast-adblocker-chrome.crx [2013-03-01]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-09] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-09] (AVAST Software)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-29] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NIHardwareService; C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [5352960 2011-03-09] (Native Instruments GmbH) [File not signed]
R2 PURE Flow Server; C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe [153176 2010-12-20] ()
R2 RemoteMouseService; C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe [18432 2016-06-25] () [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-01] (Intel Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-01] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [836608 2010-06-08] (Sony Corporation) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1653272 2015-07-31] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 WsDrvInst; "C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
S3 a4djavs; C:\Windows\System32\Drivers\a4djavs.sys [358480 2012-02-22] (Native Instruments GmbH)
S3 a4djavs_x64; C:\Windows\System32\Drivers\a4djavs_x64.sys [44560 2009-03-26] (Native Instruments GmbH)
S3 a4djusb_svc; C:\Windows\System32\Drivers\a4djusb.sys [97360 2012-02-22] (Native Instruments GmbH)
S3 a4djusb_x64; C:\Windows\System32\Drivers\a4djusb_x64.sys [249872 2009-03-26] (Native Instruments GmbH)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-09] (AVAST Software s.r.o.)
R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-09] (AVAST Software s.r.o.)
R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-09] (AVAST Software s.r.o.)
R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-09] (AVAST Software s.r.o.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-09] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-09] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-09] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-09] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-09] (AVAST Software)
R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 fs2_1394; C:\Windows\System32\Drivers\fs2_1394_x64.sys [183344 2007-10-09] (BridgeCo AG)
S3 fs2_avs; C:\Windows\System32\Drivers\fs2_avs_x64.sys [69168 2007-10-09] (BridgeCo AG)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-08-01] (REALiX)
R3 LoopBeMidi1; C:\Windows\System32\drivers\loopbe1.sys [13824 2011-04-09] (nerds.de)
R2 MBAMChameleon; C:\Windows\system32\drivers\MBAMChameleon.sys [176584 2017-02-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-14] (Malwarebytes)
S3 NvnUsbAudio; C:\Windows\System32\DRIVERS\nvnusbaudio.sys [54000 2014-10-17] (Novation DMS Ltd.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-04-12] ()
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33448 2015-08-01] (Synaptics Incorporated)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 ta6avs; C:\Windows\System32\Drivers\ta6avs.sys [359784 2012-12-18] (Native Instruments GmbH)
S3 ta6usb_svc; C:\Windows\System32\Drivers\ta6usb.sys [78696 2012-12-18] (Native Instruments GmbH)
S3 cpuz137; \??\C:\Users\Steven\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X] <==== ATTENTION
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 19:23 - 2017-03-14 19:25 - 00028088 _____ C:\Users\Steven\Downloads\FRST.txt
2017-03-14 19:22 - 2017-03-14 19:23 - 00000000 ____D C:\FRST
2017-03-14 19:22 - 2017-03-14 19:22 - 02424832 _____ (Farbar) C:\Users\Steven\Downloads\FRST64.exe
2017-03-14 19:14 - 2017-03-14 19:14 - 00000828 _____ C:\Users\Steven\Documents\'hosts'.txt
2017-03-14 19:10 - 2017-03-14 19:11 - 00388608 _____ (Trend Micro Inc.) C:\Users\Steven\Downloads\HijackThis.exe
2017-03-14 19:06 - 2017-03-14 19:06 - 00000000 ____D C:\ProgramData\SWCUTemp
2017-03-09 21:47 - 2017-03-14 19:16 - 00004172 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2017-03-09 21:47 - 2017-03-09 21:43 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys
2017-03-09 21:47 - 2017-03-09 21:43 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys
2017-03-09 21:47 - 2017-03-09 21:43 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys
2017-03-09 21:47 - 2017-03-09 21:43 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys
2017-03-09 21:46 - 2017-03-09 21:45 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2017-03-03 21:43 - 2017-03-03 21:43 - 00000000 _____ C:\Windows\SysWOW64\shoFB8F.tmp
2017-02-28 21:49 - 2017-02-28 21:55 - 95692262 _____ C:\Users\Steven\Downloads\jon_kennedy_ha_ep_jkf037_mp3.zip
2017-02-28 21:21 - 2017-02-28 21:54 - 101029136 _____ C:\Users\Steven\Downloads\Redeyes - Hey Lover [Link 2017 Re Hussle].wav
2017-02-27 19:35 - 2017-02-27 19:36 - 00221520 _____ C:\Windows\ntbtlog.txt
2017-02-23 19:51 - 2017-02-21 19:15 - 00085040 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2017-02-18 20:59 - 2017-02-18 20:59 - 00000000 _____ C:\Windows\SysWOW64\shoA986.tmp
2017-02-18 19:57 - 2017-02-18 19:57 - 00176584 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2017-02-18 19:56 - 2017-03-14 19:04 - 00251840 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-02-18 19:56 - 2017-03-04 22:27 - 00077408 _____ C:\Windows\system32\Drivers\mbae64.sys
2017-02-18 19:56 - 2017-03-04 22:27 - 00043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-02-18 19:56 - 2017-03-04 08:30 - 00110536 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2017-02-18 19:56 - 2017-02-27 19:35 - 00081696 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2017-02-18 19:56 - 2017-02-18 19:56 - 00001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-02-18 19:56 - 2017-02-18 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-02-18 19:56 - 2017-02-18 19:56 - 00000000 ____D C:\Program Files\Malwarebytes
2017-02-18 19:40 - 2017-02-18 19:43 - 55566792 _____ (Malwarebytes ) C:\Users\Steven\Downloads\mb3-setup-consumer-3.0.6.1469.exe
2017-02-13 19:34 - 2017-02-13 22:09 - 00019968 _____ C:\Users\Steven\Documents\FINANCES FEB 17.xls
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-03-14 19:21 - 2013-03-01 17:29 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys
2017-03-14 19:19 - 2016-11-17 20:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-14 19:13 - 2009-07-14 04:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:13 - 2009-07-14 04:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-03-14 19:11 - 2011-05-17 16:32 - 00000000 ____D C:\Users\Steven\AppData\Local\VirtualStore
2017-03-14 19:10 - 2009-07-14 05:13 - 00783464 _____ C:\Windows\system32\PerfStringBackup.INI
2017-03-14 19:10 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\inf
2017-03-14 19:08 - 2015-05-03 08:06 - 00000000 ____D C:\ProgramData\PURE Flow Server
2017-03-14 19:06 - 2016-11-18 17:52 - 00000000 ____D C:\Users\Steven\AppData\LocalLow\Mozilla
2017-03-14 19:05 - 2012-04-27 16:21 - 00000000 ____D C:\Program Files (x86)\PURE Flow Server
2017-03-14 19:03 - 2009-07-14 05:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-03-12 01:48 - 2016-03-01 12:49 - 00003898 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1456836545
2017-03-12 01:38 - 2011-09-06 17:52 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2017-03-12 01:24 - 2010-11-13 04:18 - 00000000 ____D C:\Temp
2017-03-09 22:25 - 2014-10-17 22:24 - 00000000 ____D C:\Users\Steven\AppData\Roaming\vlc
2017-03-09 21:45 - 2014-04-23 21:46 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2017-03-09 21:45 - 2014-01-03 17:40 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2017-03-09 21:45 - 2013-03-01 17:29 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148951928049401
2017-03-09 21:45 - 2013-03-01 17:29 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2017-03-09 21:45 - 2012-02-25 17:33 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2017-03-09 21:45 - 2011-09-06 17:52 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2017-03-09 21:44 - 2016-03-01 12:43 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2017-03-09 21:44 - 2011-09-06 17:52 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2017-03-09 21:35 - 2015-06-13 13:59 - 00000000 ____D C:\ProgramData\ProductData
2017-03-04 23:37 - 2016-12-24 12:06 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2017-03-02 19:56 - 2011-10-17 16:41 - 00000000 ____D C:\ProgramData\TEMP
2017-02-23 21:24 - 2013-07-15 02:02 - 00000000 ____D C:\Windows\system32\MRT
2017-02-23 21:17 - 2011-05-24 21:20 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-02-21 19:19 - 2015-12-29 16:29 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-02-20 11:57 - 2011-05-25 19:13 - 00000000 ____D C:\Users\Steven\AppData\Roaming\uTorrent
2017-02-18 22:58 - 2009-07-14 03:20 - 00000000 ____D C:\Windows\system32\NDF
2017-02-18 21:20 - 2013-10-03 19:52 - 00000000 ____D C:\ProgramData\Oracle
2017-02-18 21:19 - 2013-10-03 19:51 - 00000000 ____D C:\Program Files (x86)\Java
2017-02-18 21:18 - 2014-04-22 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-02-18 21:17 - 2014-12-23 08:55 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-02-18 21:14 - 2016-12-24 12:06 - 00003894 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-02-18 21:14 - 2013-02-26 17:05 - 00802904 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-02-18 21:14 - 2013-02-26 17:05 - 00144472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-18 21:13 - 2013-02-26 17:05 - 00000000 ____D C:\Windows\system32\Macromed
2017-02-18 21:13 - 2010-11-13 03:54 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-02-18 21:11 - 2011-05-23 20:13 - 00000000 ____D C:\Users\Steven\AppData\Local\Adobe
2017-02-18 21:05 - 2015-06-18 17:27 - 00000000 ____D C:\Program Files (x86)\Wise
2017-02-18 20:58 - 2011-05-17 16:32 - 00000000 ____D C:\Users\Steven
2017-02-18 19:56 - 2013-04-04 22:09 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-02-18 19:39 - 2013-04-04 21:53 - 00000000 ____D C:\Program Files (x86)\MySpace Grab
2017-02-17 19:16 - 2015-09-03 18:32 - 00000000 ____D C:\Users\Steven\AppData\Roaming\dvdcss
2017-02-12 21:31 - 2017-02-10 18:10 - 00000000 ____D C:\Users\Steven\Desktop\New Mix
==================== Files in the root of some directories =======
2013-02-03 16:04 - 2017-01-25 19:49 - 0001127 _____ () C:\Users\Steven\AppData\Roaming\buttrc
2011-06-05 19:42 - 2013-06-04 20:44 - 0007168 _____ () C:\Users\Steven\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-06-13 14:56 - 2015-10-16 19:02 - 0007598 _____ () C:\Users\Steven\AppData\Local\Resmon.ResmonCfg
2016-05-29 09:02 - 2016-05-29 09:02 - 0000000 _____ () C:\Users\Steven\AppData\Local\{B237FDFF-D177-4B91-B22A-0D526D1FB60C}
2013-08-28 17:45 - 2013-08-28 17:45 - 0000000 _____ () C:\ProgramData\3b3d36222a3c543e283a3b_c
2011-10-02 16:31 - 2011-10-02 16:31 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
Some files in TEMP:
====================
2016-11-13 19:17 - 2016-11-13 19:17 - 0737856 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-02-18 21:09 - 2017-02-18 21:09 - 0739904 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u121-windows-au.exe
2015-11-13 21:22 - 2015-11-13 21:23 - 0585824 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u65-windows-au.exe
2015-11-19 14:50 - 2015-11-19 14:50 - 0585824 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u66-windows-au.exe
2016-04-06 18:24 - 2016-04-06 18:24 - 0736320 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u77-windows-au.exe
2016-05-04 18:42 - 2016-05-04 18:42 - 0739904 _____ (Oracle Corporation) C:\Users\Steven\AppData\Local\Temp\jre-8u91-windows-au.exe
2016-04-18 18:58 - 2016-03-17 22:31 - 1114112 _____ (Microsoft Corporation) C:\Users\Steven\AppData\Local\Temp\kernel32.dll
2016-04-15 18:24 - 2016-09-27 14:41 - 0734815 _____ (Remote Mouse ) C:\Users\Steven\AppData\Local\Temp\RemoteMouse.exe
2015-09-29 07:53 - 2010-06-04 20:03 - 21779028 _____ () C:\Users\Steven\AppData\Local\Temp\VAIOScreensaverGeneric.exe
2016-07-16 12:03 - 2016-07-16 12:04 - 30533688 _____ () C:\Users\Steven\AppData\Local\Temp\vlc-2.2.4-win32.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-05-28 08:13
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-03-2017
Ran by Steven (14-03-2017 19:26:23)
Running from C:\Users\Steven\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-05-17 16:32:00)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2040362551-1992677624-864970315-500 - Administrator - Disabled)
Guest (S-1-5-21-2040362551-1992677624-864970315-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2040362551-1992677624-864970315-1002 - Limited - Enabled)
Steven (S-1-5-21-2040362551-1992677624-864970315-1000 - Administrator - Enabled) => C:\Users\Steven
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\uTorrent) (Version: 3.4.9.43295 - BitTorrent Inc.)
Ableton Live v7.0.2 (HKLM-x32\...\Ableton Live_is1) (Version: - Team AiR)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.45.2 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
Adobe PDF iFilter 11 for 64-bit platforms (HKLM\...\{BA5C0CC3-421B-4AE5-9370-1650D1941F30}) (Version: 11.0.00 - Adobe)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.4.194 - Adobe Systems, Inc.)
AIM 7 (HKLM-x32\...\AIM_7) (Version: - )
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
AnyBurn (HKLM-x32\...\AnyBurn) (Version: 3.3 - Power Software Ltd)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.115 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.368 - ArcSoft)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Audacity®, the Free, Cross-Platform Sound Editor 1.3.13 (HKLM-x32\...\Audacity®, the Free, Cross-Platform Sound Editor 1.3.13) (Version: - )
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software)
butt (HKLM-x32\...\butt) (Version: - )
Classic Menu for Office (HKLM-x32\...\{3ACF7A26-1743-4A84-85F1-2450B35925E4}) (Version: 4.50 - Addintools)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Express Burn Disc Burning Software (HKLM-x32\...\ExpressBurn) (Version: 4.98 - NCH Software)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FL Studio 10 (HKLM-x32\...\FL Studio 10) (Version: - Image-Line)
Free Brochure Maker (HKLM-x32\...\{FB36D4E2-9C07-46F9-85C9-74CBF61358C4}) (Version: 1.0.0 - Media Freeware)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2827 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{D16A2127-B927-4379-B153-3DEC091E4EEB}) (Version: 13.02.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LoopBe1 - Internal MIDI Port (HKLM-x32\...\LoopBe1) (Version: - )
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 en-GB)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1.6234 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Native Instruments Audio 4 DJ Driver (HKLM-x32\...\Native Instruments Audio 4 DJ Driver) (Version: - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Native Instruments Traktor 2 (HKLM-x32\...\Native Instruments Traktor 2) (Version: - Native Instruments)
Native Instruments Traktor Audio 6 Driver (HKLM-x32\...\Native Instruments Traktor Audio 6 Driver) (Version: - Native Instruments)
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 - Microsoft)
Novation USB Audio Driver 2.6 (HKLM\...\Novation USB Audio Driver_is1) (Version: 2.6 - Novation DMS Ltd.)
ODF Add-in for Microsoft Office (HKLM-x32\...\{54178A9B-7B4B-4B24-B863-7B44EBF28318}) (Version: 3.0.5250.0 - OpenXML/ODF Translator Team)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00 - Sony Corporation) Hidden
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180 - Sony Corporation) Hidden
PURE Flow Server (HKLM-x32\...\TwonkyMediaPURE Flow Server) (Version: 5.1.11.0 - PURE Digital)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6098 - Realtek Semiconductor Corp.)
Reason 5.0 (HKLM-x32\...\Reason5_is1) (Version: 5.0 - Propellerhead Software AB)
ReMOTE Editor (HKLM-x32\...\ReMOTE Editor_is1) (Version: - Novation DMS Ltd.)
Remote Mouse version 3.002 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 3.002 - Remote Mouse)
SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (Click to Disc) (HKLM-x32\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 3.3.00.06180 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (HKLM-x32\...\InstallShield_{1873FFC1-FDCB-47E1-B7C7-F418211E3530}) (Version: 1.3.00.06110 - Sony Corporation)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (HKLM-x32\...\InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 2.3.00.06180 - Sony Corporation)
VAIO Care (HKLM\...\{D9FFE40D-1A85-4541-992C-5EF505F391A4}) (Version: 8.4.2.12041 - Sony Corporation)
VAIO Care (x32 Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Care Recovery (HKLM\...\{6ED1750E-F44F-4635-8F0D-B76B9262B7FB}) (Version: 1.1.1.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.3.0.05310 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.4.0.05240 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.2.00.05120 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.2.1.09131 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.2.0.07020 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230 - Sony Corporation) Hidden
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.1.0.05280 - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.1.0.18210 - Sony Corporation)
VAIO Media plus (Version: 2.1.0 - Sony Corporation) Hidden
VAIO Media plus (x32 Version: 2.1.0.18210 - Sony Corporation) Hidden
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 2.1.0.13220 - Sony Corporation)
VAIO Sample Contents (HKLM-x32\...\{547C9EB4-4CA6-402F-9D1B-8BD30DC71E44}) (Version: 1.3.0.06041 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.0.06080 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.2.0.06230 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.1.0.08060 - Sony Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.5600 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 5.31 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\ChromeHTML: -> <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {04949907-1854-4F16-81DE-B286B4B2950E} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {08F5AD28-E126-4359-BEA6-6589138AA4A3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)
Task: {09A3822E-974F-451A-A438-7F8CE43418F6} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {0BC76242-2760-4B35-BF0C-4A394BB615AF} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {0FA5F9AB-DA94-4E21-B33C-631BDBC7238A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000UA => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {1298FDB0-1064-4C7E-9304-FD7632CC6FE6} - System32\Tasks\GoogleUpdateTaskMachineCore1d1ea569ef24dc7 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {1D0033DD-DA78-4C5C-AC74-E7CE09F80B54} - System32\Tasks\{A9E3793D-51BF-452E-B998-A9F73ECB88A3} => pcalua.exe -a C:\PROGRA~2\NATIVE~1\TRAKTO~1\UNWISE.EXE -c C:\PROGRA~2\NATIVE~1\TRAKTO~1\INSTALL.LOG
Task: {2113F758-F147-4D29-A7FC-3FB40A1C9A38} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2015-07-31] (Sony Corporation)
Task: {2827C3FF-766F-4013-96B0-E5FCF6BC55C2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe [2017-02-18] (Adobe Systems Incorporated)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3224F72F-C488-4109-A0CA-8F3F079E31E2} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {338EF30C-8E2A-4A75-8E0F-CC4F7AE99AC2} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {36FBA130-B638-4146-9B3C-089F835C4FF5} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {41247BD9-5C79-41D8-91D4-253FB107C9A1} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {43A5BCF5-4440-4AFE-8677-9F4E1C6D0D9B} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {530FCC00-D0F5-4850-9337-CE555A24E33F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2015-08-06] (Sony Corporation)
Task: {57721B6B-97C6-4D61-B968-6CEEE9088312} - System32\Tasks\WiseCleaner\WDRSkipUAC => C:\Program Files (x86)\Wise\Wise Data Recovery\WiseDataRecovery.exe
Task: {584BE112-1E6B-4B63-B57C-C01C90D493A7} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {5A1B6DDF-07C4-4966-B4AE-E9A21AA800B7} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {5D6DF6D3-150F-4160-9AA6-5D23512BF240} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-10-25] (Sony Corporation)
Task: {604EA8FB-11EE-4944-8907-E5BFE5183995} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {655AA076-ADE3-4EBA-BB2E-6C2F6A0E02DB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {6AE83B38-EAFE-43C2-8142-7C3AD33E5ECD} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-09] (AVAST Software)
Task: {7F90AF34-AC12-4BF4-A20C-4E63D0985DDA} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {869721E4-335B-4CC5-8514-872131EEF773} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {8C64B10B-E037-4E74-9BD1-EB871462C1DA} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {8CCFE848-9615-4E6C-A99D-BE522DC8C6D8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000Core => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => %windir%\system32\srtasks.exe
Task: {A68B0481-125E-447D-9CB4-051F8267DEE8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {AD94C473-B9C3-4060-98E5-91B9391959F4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B568354C-44BC-4EBB-9C47-9D65F707043D} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {BE056B16-AADA-4FB9-BE6A-7463463087F1} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {BFE760D4-B295-4742-B7EC-13681933D127} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {E389831D-F867-457F-8B42-40E93500B2B9} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E3AD4AD9-0B15-4789-A81F-5510FA797378} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {E491A2E7-8057-494C-AEE6-B63BA932D39B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {EA9726FB-A93D-4B8A-B0EB-4B51003DB6A5} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {ED9C6BED-ED90-4393-B198-7F77D1E5B550} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-18] (Adobe Systems Incorporated)
Task: {EFE70292-57F1-45CD-88C8-BFBFF160E9DA} - System32\Tasks\SafeZone scheduled Autoupdate 1456836545 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software)
Task: {F4FBB5DF-8D56-41BA-9D1B-52B6D316FEB0} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-10-25] (Sony Corporation)
Task: {F88D6372-CD5A-4FDE-81E4-1AA138257A50} - System32\Tasks\Driver Booster SkipUAC (Steven) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FB0C07C8-3EEC-4137-9F56-305AD9A2D949} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {FB6F9E83-E3DB-4FED-9867-87EBD7DA1334} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)
Task: {FD51B6C3-CC03-40FF-9DFE-2C4E7DB377DD} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ea569fb7dffe => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {FF5A47BF-A650-4DB7-A20D-05B216AD478E} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_24_0_0_221_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000Core.job => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2040362551-1992677624-864970315-1000UA.job => C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\Steven\Favorites\NCH Software Download Site.lnk -> hxxp://www.nch.com.au/index.htm
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Image-Line website.lnk -> hxxp://www.image-line.com
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Advanced\Diagnostic.lnk -> hxxp://www.image-line.com/diagnosti
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\Download Deckadance.lnk -> hxxp://www.deckadance.com
Shortcut: C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line\FL Studio 10\Additional\SynthMaker website.lnk -> hxxp://www.synthmaker.co.uk
ShortcutWithArgument: C:\Users\Steven\Desktop\Roca - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
==================== Loaded Modules (Whitelisted) ==============
2010-03-05 09:21 - 2010-03-05 09:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-12-20 18:30 - 2010-12-20 18:30 - 00153176 _____ () C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
2016-09-27 14:41 - 2016-06-25 07:52 - 00018432 _____ () C:\Program Files (x86)\Remote Mouse\RemoteMouseService.exe
2010-12-20 18:30 - 2010-12-20 18:30 - 01173080 _____ () C:\Program Files (x86)\PURE Flow Server\TwonkyMediaServer.exe
2017-02-18 19:56 - 2017-03-04 22:27 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-09 21:44 - 2017-03-09 21:44 - 00162600 _____ () c:\Program Files\AVAST Software\Avast\x64\vaarclient.dll
2017-03-09 21:45 - 2017-03-09 21:45 - 00792656 _____ () C:\Program Files\AVAST Software\Avast\x64\ffl2.dll
2012-12-27 06:17 - 2012-12-27 06:17 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2017-03-09 21:44 - 2017-03-09 21:44 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-03-09 21:45 - 2017-03-09 21:45 - 00655056 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-03-14 19:18 - 2017-03-14 19:18 - 05883392 _____ () C:\Program Files\AVAST Software\Avast\defs\17031402\algo.dll
2010-11-13 03:48 - 2010-05-31 19:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-11-13 03:48 - 2010-05-31 19:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2016-04-15 18:25 - 2015-05-26 18:54 - 00152576 _____ () C:\Program Files (x86)\Remote Mouse\FileS.dll
2016-05-11 18:29 - 2016-05-11 18:29 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\5d3fdf7962e3a154830b603096be4216\IsdiInterop.ni.dll
2010-10-12 17:14 - 2010-03-04 03:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]
AlternateDataStreams: C:\ProgramData\TEMP:D282699C [244]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2040362551-1992677624-864970315-1000\...\100sexlinks.com -> 100sexlinks.com
There are 4788 more sites.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 02:34 - 2017-01-07 11:58 - 00000828 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2040362551-1992677624-864970315-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Steven\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LoopBe1 Monitor.lnk => C:\Windows\pss\LoopBe1 Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^PURE FlowServer Tray Control.lnk => C:\Windows\pss\PURE FlowServer Tray Control.lnk.CommonStartup
MSCONFIG\startupreg: Facebook Update => "C:\Users\Steven\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: Remote Mouse => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C0FCA942-6EC2-4507-A7A4-086FD102FAEB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{C44E6472-1926-4519-AD5B-BFB1CE5C9689}] => (Allow) svchost.exe
FirewallRules: [{C161E1FB-5B7A-4738-8CA3-E79F3EF4C51E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{93939600-CBAE-4733-8F08-66A561F3A11C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{F63E3097-5455-4E95-B6FE-918D63A6505C}] => (Allow) LPort=2869
FirewallRules: [{BB9A2087-8453-4DA3-9C72-54FBF0F6389D}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{D9C3AF3C-2C8C-48A3-A684-34A5DDB514BB}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{D4EAB824-147A-4522-800A-625E2412CEC6}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{45393287-9BA8-4415-9270-EBA3E27C165D}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{6727C768-0888-4406-B695-7D5EAAE6E098}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{02D7BB25-0203-45EE-816E-AFCACF2B3899}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{88F31ED7-B9BC-48F9-8580-F529EEE8FE34}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{60884864-C56B-44A8-89DF-09FCD3257499}C:\users\steven\downloads\avionics200903-win32.exe] => (Allow) C:\users\steven\downloads\avionics200903-win32.exe
FirewallRules: [UDP Query User{7F95AB57-91B4-4B52-9776-57F64F0B90CD}C:\users\steven\downloads\avionics200903-win32.exe] => (Allow) C:\users\steven\downloads\avionics200903-win32.exe
FirewallRules: [TCP Query User{53B87689-73C4-42DA-A3ED-193B7E034297}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{6CF10685-E81E-47BE-BA44-9ED2B9CD461F}C:\program files (x86)\sopcast\sopcast.exe] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [TCP Query User{415A80FD-01E3-4EC5-99DD-95DCDEFCAE82}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{74B2B1BE-2FDF-41A7-AE37-9C5A6E1B87DD}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [{E13E6BD6-4155-42D5-A268-74ACF54BCC53}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [{36557C62-E13F-4303-97C9-5C7D19BC9A6D}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserverwatchdog.exe
FirewallRules: [{A3DA8133-2876-46B4-A1E8-B2464E8166D3}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{17D6AC49-5B82-4A1F-9B22-187C6B5CE3E1}] => (Allow) C:\Program Files (x86)\PURE Flow Server\twonkymediaserver.exe
FirewallRules: [{64E4F0E0-F223-4E11-AEAA-E29252EF8C64}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
FirewallRules: [{6D71E15A-412A-417E-BC10-6939D90DE7D5}] => (Allow) C:\Program Files (x86)\AIM\aim.exe
FirewallRules: [{565C61B8-1232-45FB-AC6B-52D7E3037D8F}] => (Allow) C:\Users\Steven\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B55A8ECA-D0F0-493F-8EE5-AF4FB20C0837}] => (Allow) C:\Users\Steven\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{9084A3AB-ACBA-4A24-8F6C-1D24E1B3F9C5}] => (Allow) C:\Users\Steven\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{A51CA167-0DAE-4F90-87B6-2E3C5D9C9175}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{94C05DC7-2C6C-4549-AC9C-4AC7AF5DC079}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B01CB381-35B8-49D0-AFAE-A206ACFE1230}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{4C66CDB8-1637-4C75-9F0C-1B0167E15E5E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{6A464F57-2609-4959-99A5-2855A7A3E365}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{0FF4F580-0213-4562-90AE-EB6505819D3D}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{E5F9C38B-5173-4B1C-9EFC-30A5342D3620}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{A21AE13D-6EB4-4B0C-B7CD-8E6E95DE1F76}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{8BBFEC3A-5392-4651-B04F-BFA325AA08BA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AE28E065-0883-4AA5-96B4-49939A419EFD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C8B92B56-3EEF-42BA-983D-A09714496088}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{B6332C5C-376A-48A0-9BAE-92DA054A0057}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{0CDD1C91-33A4-478E-897F-DAD0F54A9061}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{265A19EA-D9F7-4E61-8EAF-1F85204A1E5E}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouseCore.exe
FirewallRules: [{3BC586F5-EB23-421A-A360-4856C1D0FF0F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{723323CC-9FCD-4B64-AF60-B9CE6B895EEC}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561\SZBrowser.exe
FirewallRules: [{C1B3420E-2E61-445D-838D-77887272648A}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe
==================== Restore Points =========================
23-02-2017 21:16:38 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/12/2017 11:55:17 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (03/09/2017 09:28:56 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (03/03/2017 09:43:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x000007fe8dc59db0
Faulting process id: 0xcf0
Faulting application start time: 0x01d29464bc3332d6
Faulting application path: C:\Program Files\Sony\VAIO Care\VCAgent.exe
Faulting module path: unknown
Report Id: 719768a0-005a-11e7-b773-78843cce4804
Error: (03/03/2017 09:43:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: VCAgent.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.NullReferenceException
at VCAgent.SnyUtilsBatteryCareWrapper.UnRegWnd(IntPtr)
at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
at System.Windows.Threading.ExceptionWrapper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
Error: (02/21/2017 08:47:46 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (02/19/2017 08:20:37 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (02/18/2017 09:09:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: flashplayer24ppau_ha_install.exe, version: 2.0.0.137, time stamp: 0x5899b2e7
Faulting module name: flashplayer24ppau_ha_install.exe, version: 2.0.0.137, time stamp: 0x5899b2e7
Exception code: 0xc0000005
Fault offset: 0x00005087
Faulting process id: 0xfc0
Faulting application start time: 0x01d28a2b3cf6a7e1
Faulting application path: C:\Users\Steven\Downloads\flashplayer24ppau_ha_install.exe
Faulting module path: C:\Users\Steven\Downloads\flashplayer24ppau_ha_install.exe
Report Id: 8178a088-f61e-11e6-9612-78843cce4804
Error: (02/17/2017 07:24:04 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (02/16/2017 10:58:01 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
Error: (02/15/2017 06:34:05 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed:
System errors:
=============
Error: (03/14/2017 07:05:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
Error: (03/12/2017 01:35:35 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The VAIO Care Performance Service service hung on starting.
Error: (03/03/2017 09:43:22 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.
Error: (03/03/2017 09:42:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C} did not register with DCOM within the required timeout.
Error: (03/03/2017 07:59:12 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The VAIO Care Performance Service service hung on starting.
Error: (02/27/2017 08:20:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 20:19:22 on 27/02/2017 was unexpected.
Error: (02/27/2017 07:58:08 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The NIHardwareService service did not shut down properly after receiving a preshutdown control.
Error: (02/27/2017 07:57:35 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Diagnostics Tracking Service service did not shut down properly after receiving a preshutdown control.
Error: (02/27/2017 07:57:02 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Group Policy Client service did not shut down properly after receiving a preshutdown control.
Error: (02/27/2017 07:35:28 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFD
aswRdr
aswRvrt
aswSnx
aswSP
aswVmm
DfsC
discache
ESProtectionDriver
HWiNFO32
NetBIOS
NetBT
nsiproxy
Psched
rdbss
spldr
tdx
vwififlt
Wanarpv6
WfpLwf
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 380 @ 2.53GHz
Percentage of memory in use: 50%
Total physical RAM: 3758.1 MB
Available physical RAM: 1875.05 MB
Total Virtual: 7514.38 MB
Available Virtual: 4990.59 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:452.51 GB) (Free:196.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 1B42C395)
Partition 1: (Not Active) - (Size=13.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================