Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Zero Access? Can't connect in safe mode with networking


  • This topic is locked This topic is locked
7 replies to this topic

#1 EspressoLab2015

EspressoLab2015

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:41 AM

Posted 26 April 2015 - 01:21 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2015
Ran by andrew (administrator) on ANDREW-VAIO on 26-04-2015 13:17:41
Running from C:\Users\andrew\Downloads
Loaded Profiles: andrew (Available profiles: andrew)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel® Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\btplayerctrl.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Google Inc.) C:\Users\andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\andrew\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Users\andrew\AppData\Local\Google\Chrome\Application\42.0.2311.90\nacl64.exe
(Google Inc.) C:\Users\andrew\AppData\Local\Google\Chrome\Application\42.0.2311.90\nacl64.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [vncutil] => C:\Program Files\Realtek\Audio\HDA\vncutil64.exe [562792 2011-11-08] (Realtek Semiconductor Crop.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11817576 2011-11-08] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2209896 2011-11-08] (Realtek Semiconductor)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-05-02] (Intel® Corporation)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2772264 2011-08-17] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [apmwinapp] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows  10.0\apmwinsrv.exe [66768 2013-01-16] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-09-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-06-28] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [60552 2011-09-20] (Sony Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [HFS Activator] => C:\Program Files (x86)\Paragon Software\HFS+ for Windows  10.0\activation\hfsactivator.exe [245456 2013-01-16] ()
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-07-08] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [726320 2015-04-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126712 2015-01-19] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\Run: [Google Update] => C:\Users\andrew\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-07-27] (Google Inc.)
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\Run: [Mobile Partner] => C:\Program Files (x86)\My Broadband\My Broadband
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\MountPoints2: {bef90582-ea1e-11e3-ad99-88532ec75a78} - D:\AutoRun.exe
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\MountPoints2: {bef90595-ea1e-11e3-ad99-88532ec75a78} - D:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2012-07-30]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk [2015-02-24]
ShortcutTarget: Sony MSS.lnk -> C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe (McAfee, Inc.)
BootExecute: autocheck autochk * bootdelete
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/#
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://vaioportal.sony.eu
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://sony.msn.com
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&form=SNYEDF&pc=MASE&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001 -> DefaultScope {EB757CE4-F688-4CED-90F4-60C76C49947E} URL = https://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001 -> {AA02EDF9-3BFB-4766-A9D2-982CEC5F6973} URL = http://rover.ebay.com/rover/1/710-42480-16445-33/4?mpre=http://shop.ebay.co.uk/?oemInLn=ieSrch-Q112&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001 -> {EB757CE4-F688-4CED-90F4-60C76C49947E} URL = https://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-03-29] (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2012-11-30] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29] (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2012-11-30] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius.com/download/software/win/ActiveXPlugin.cab
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-15] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-15] (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nKYbnvt3.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_0_1.dll [2012-03-29] ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2012-03-29] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll [2012-03-29] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-08] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-11-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2012-11-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-07-19] (VideoLAN)
FF Plugin HKU\S-1-5-21-1187585986-1436017002-3332587608-1001: @tools.google.com/Google Update;version=3 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-1187585986-1436017002-3332587608-1001: @tools.google.com/Google Update;version=9 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-07] (Google Inc.)
FF Extension: Avira Browser Safety - C:\Users\andrew\AppData\Roaming\Mozilla\Firefox\Profiles\nKYbnvt3.default\Extensions\abs@avira.com [2015-01-06]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - c:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-03-29]
 
Chrome: 
=======
CHR Profile: C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Bookmark Manager) - C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-16]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13]
CHR Extension: (Skype Click to Call) - C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-01-20]
CHR Extension: (Google Wallet) - C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-06]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\andrew\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2015-01-08]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-15]
StartMenuInternet: Google Chrome - C:\Users\andrew\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 ActiveDelayDeviceService; C:\Program Files (x86)\Sony\VAIO Boot Manager\ActiveDelayDeviceService.exe [78472 2011-09-20] (Sony Corporation)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [815920 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-04-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1004280 2015-04-01] (Avira Operations GmbH & Co. KG)
S2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [182520 2015-01-19] (Avira Operations GmbH & Co. KG)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-15] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-15] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-05-02] ()
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2932224 2011-07-09] (PACE Anti-Piracy, Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [199272 2011-11-08] (Realtek Semiconductor)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-03-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 uCamMonitor; c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 apmwin; C:\Windows\System32\DRIVERS\apmwin.sys [50896 2013-01-16] (Paragon Software Group)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-11] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-11] (Avira Operations GmbH & Co. KG)
R0 gpt_loader; C:\Windows\System32\DRIVERS\gpt_loader.sys [60624 2013-01-16] (Paragon Software Group)
S3 Hfsplus; C:\Windows\System32\DRIVERS\hfsplus.sys [202960 2013-01-16] (Paragon Software Group)
R2 HfsplusRec; C:\Windows\System32\DRIVERS\hfsplusrec.sys [15568 2013-01-16] (Paragon Software Group)
R0 mounthlp; C:\Windows\System32\DRIVERS\mounthlp.sys [42704 2013-01-16] (Paragon Software Group)
R0 mv61xx; C:\Windows\System32\drivers\mv61xx.sys [182576 2011-04-26] (Marvell Semiconductor, Inc.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [142120 2007-04-27] (SafeNet, Inc.)
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-26 13:17 - 2015-04-26 13:17 - 00024545 _____ () C:\Users\andrew\Downloads\FRST.txt
2015-04-26 11:32 - 2015-04-26 13:17 - 00000000 ____D () C:\FRST
2015-04-26 11:31 - 2015-04-26 11:32 - 02099712 _____ (Farbar) C:\Users\andrew\Downloads\FRST64.exe
2015-04-23 12:13 - 2015-04-23 12:22 - 00017408 _____ () C:\Users\andrew\Documents\refurb_costs.xls
2015-04-22 21:54 - 2015-04-22 21:55 - 00000000 ____D () C:\Windows\rescache
2015-04-22 12:51 - 2015-01-31 11:48 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-04-22 12:51 - 2015-01-31 11:48 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-04-22 12:51 - 2015-01-31 07:56 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2015-04-22 12:50 - 2014-12-12 01:47 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-04-21 13:20 - 2015-04-21 13:20 - 00027256 _____ (Symantec Corporation) C:\Windows\system32\Drivers\FixZeroAccess.sys
2015-04-21 13:17 - 2015-04-21 13:15 - 01805736 _____ (Symantec Corporation) C:\FixZeroAccess.exe
2015-04-21 11:54 - 2014-09-05 10:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-04-21 11:54 - 2014-09-05 09:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-04-20 17:59 - 2015-04-20 17:59 - 00077924 _____ () C:\Windows\system32\bootdelete.lst
2015-04-20 17:59 - 2015-04-20 17:59 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-04-20 17:28 - 2015-04-20 17:31 - 11028616 _____ (SurfRight B.V.) C:\Users\andrew\Desktop\HitmanPro_x64 (1).exe
2015-04-20 17:17 - 2013-10-02 10:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2015-04-20 17:17 - 2013-10-02 10:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2015-04-20 17:17 - 2013-10-02 10:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2015-04-20 17:17 - 2013-10-02 09:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2015-04-20 17:17 - 2013-10-02 09:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2015-04-20 17:17 - 2013-10-02 09:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-04-20 17:17 - 2013-10-02 09:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2015-04-20 17:17 - 2013-10-02 08:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-04-20 17:17 - 2013-10-02 08:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2015-04-20 17:17 - 2013-10-02 08:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2015-04-20 17:17 - 2013-10-02 08:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-04-20 17:17 - 2013-10-02 07:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-04-20 17:17 - 2013-10-02 07:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2015-04-20 17:17 - 2013-10-02 07:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-04-20 17:17 - 2013-10-02 06:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2015-04-20 17:16 - 2012-08-23 22:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2015-04-20 17:16 - 2012-08-23 22:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2015-04-20 17:16 - 2012-08-23 19:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2015-04-20 17:16 - 2012-08-23 18:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2015-04-20 10:00 - 2015-04-20 10:00 - 00071004 _____ () C:\Users\andrew\Desktop\AVSCAN-20150420-094029-BD6D27E8.LOG
2015-04-19 21:35 - 2015-04-20 17:59 - 00000000 ____D () C:\ProgramData\HitmanPro
2015-04-19 21:07 - 2015-04-19 20:46 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\andrew\Desktop\tdsskiller.exe
2015-04-19 20:43 - 2015-04-22 13:05 - 00001064 _____ () C:\Windows\setupact.log
2015-04-19 20:43 - 2015-04-19 20:43 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-15 09:27 - 2015-04-02 08:17 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-04-15 09:27 - 2015-04-02 07:49 - 00342704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 03298816 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 02553856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 09:27 - 2015-03-25 11:24 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 09:27 - 2015-03-25 11:23 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 09:27 - 2015-03-25 11:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 09:27 - 2015-03-25 11:23 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 09:27 - 2015-03-25 11:00 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 09:27 - 2015-03-25 11:00 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 09:27 - 2015-03-25 11:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 09:27 - 2015-03-25 11:00 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 09:27 - 2015-03-25 11:00 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 09:27 - 2015-03-23 11:25 - 00769536 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 09:27 - 2015-03-23 11:25 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 09:27 - 2015-03-23 11:24 - 00957952 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 09:27 - 2015-03-23 11:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 09:27 - 2015-03-23 11:24 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 09:27 - 2015-03-23 11:24 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-04-15 09:27 - 2015-03-23 11:24 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 09:27 - 2015-03-23 11:17 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 09:27 - 2015-03-17 13:22 - 05557696 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 09:27 - 2015-03-17 13:22 - 00155576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-04-15 09:27 - 2015-03-17 13:22 - 00095672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-04-15 09:27 - 2015-03-17 13:19 - 01727904 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 09:27 - 2015-03-17 13:17 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-04-15 09:27 - 2015-03-17 13:17 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 09:27 - 2015-03-17 13:17 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-04-15 09:27 - 2015-03-17 13:16 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-04-15 09:27 - 2015-03-17 13:16 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-04-15 09:27 - 2015-03-17 13:16 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-04-15 09:27 - 2015-03-17 13:15 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-04-15 09:27 - 2015-03-17 13:15 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-04-15 09:27 - 2015-03-17 13:15 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-04-15 09:27 - 2015-03-17 13:13 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-04-15 09:27 - 2015-03-17 13:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 13:01 - 03976632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-04-15 09:27 - 2015-03-17 13:01 - 03920824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-04-15 09:27 - 2015-03-17 12:59 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-04-15 09:27 - 2015-03-17 12:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-04-15 09:27 - 2015-03-17 12:56 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-04-15 09:27 - 2015-03-17 12:56 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-04-15 09:27 - 2015-03-17 12:56 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-04-15 09:27 - 2015-03-17 12:56 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-04-15 09:27 - 2015-03-17 12:56 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-04-15 09:27 - 2015-03-17 12:56 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-04-15 09:27 - 2015-03-17 12:56 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-04-15 09:27 - 2015-03-17 12:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-04-15 09:27 - 2015-03-17 12:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 12:50 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 11:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-04-15 09:27 - 2015-03-17 11:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-04-15 09:27 - 2015-03-17 11:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 11:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 11:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-04-15 09:27 - 2015-03-17 11:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-04-15 09:27 - 2015-03-13 12:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 09:27 - 2015-03-13 12:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-04-15 09:27 - 2015-03-13 12:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-04-15 09:27 - 2015-03-13 12:09 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-04-15 09:27 - 2015-03-13 12:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 09:27 - 2015-03-13 12:08 - 00417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-04-15 09:27 - 2015-03-13 12:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-04-15 09:27 - 2015-03-13 12:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 09:27 - 2015-03-13 12:06 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-04-15 09:27 - 2015-03-13 12:00 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-04-15 09:27 - 2015-03-13 11:59 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-04-15 09:27 - 2015-03-13 11:55 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-04-15 09:27 - 2015-03-13 11:54 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-04-15 09:27 - 2015-03-13 11:54 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-04-15 09:27 - 2015-03-13 11:53 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-04-15 09:27 - 2015-03-13 11:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 09:27 - 2015-03-13 11:44 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-04-15 09:27 - 2015-03-13 11:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 09:27 - 2015-03-13 11:42 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-04-15 09:27 - 2015-03-13 11:40 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-04-15 09:27 - 2015-03-13 11:32 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-04-15 09:27 - 2015-03-13 11:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 09:27 - 2015-03-13 11:28 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-04-15 09:27 - 2015-03-13 11:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-04-15 09:27 - 2015-03-13 11:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-04-15 09:27 - 2015-03-13 11:27 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-04-15 09:27 - 2015-03-13 11:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 09:27 - 2015-03-13 11:26 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-04-15 09:27 - 2015-03-13 11:23 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-04-15 09:27 - 2015-03-13 11:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 09:27 - 2015-03-13 11:20 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-04-15 09:27 - 2015-03-13 11:20 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-04-15 09:27 - 2015-03-13 11:17 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-04-15 09:27 - 2015-03-13 11:16 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-04-15 09:27 - 2015-03-13 11:15 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-04-15 09:27 - 2015-03-13 11:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 09:27 - 2015-03-13 11:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 09:27 - 2015-03-13 11:06 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-04-15 09:27 - 2015-03-13 11:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-04-15 09:27 - 2015-03-13 11:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-04-15 09:27 - 2015-03-13 11:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-04-15 09:27 - 2015-03-13 11:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 09:27 - 2015-03-13 10:57 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-04-15 09:27 - 2015-03-13 10:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-04-15 09:27 - 2015-03-13 10:54 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-04-15 09:27 - 2015-03-13 10:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 09:27 - 2015-03-13 10:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 09:27 - 2015-03-13 10:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 09:27 - 2015-03-13 10:43 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-04-15 09:27 - 2015-03-13 10:42 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-04-15 09:27 - 2015-03-13 10:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 09:27 - 2015-03-13 10:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 09:27 - 2015-03-13 10:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 09:27 - 2015-03-13 10:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 09:27 - 2015-03-13 10:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 09:27 - 2015-03-13 10:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 09:27 - 2015-03-10 11:25 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-04-15 09:27 - 2015-03-10 11:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-04-15 09:27 - 2015-03-10 11:08 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-04-15 09:27 - 2015-03-10 11:05 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-04-15 09:27 - 2015-03-05 13:12 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-04-15 09:27 - 2015-03-05 12:05 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-04-15 09:27 - 2015-02-25 11:18 - 00754688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 09:25 - 2015-03-04 12:55 - 00367552 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2015-04-15 09:25 - 2015-03-04 12:41 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 09:25 - 2015-03-04 12:10 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-05 19:32 - 2015-04-05 19:32 - 00000000 ____D () C:\Program Files\TAP-Windows
2015-04-05 17:22 - 2015-04-05 17:22 - 00000000 ____D () C:\Users\andrew\Tracing
2015-04-04 09:33 - 2015-04-04 09:33 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 09:33 - 2015-04-04 09:33 - 00000000 ___SD () C:\Windows\system32\GWX
2015-03-27 14:35 - 2015-03-27 14:35 - 00018108 _____ () C:\Users\andrew\Desktop\Hackney Council - Processed2.html
2015-03-27 14:35 - 2015-03-27 14:35 - 00000000 ____D () C:\Users\andrew\Desktop\Hackney Council - Processed2_files
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-04-26 13:13 - 2012-03-29 16:43 - 01751588 _____ () C:\Windows\WindowsUpdate.log
2015-04-26 13:07 - 2012-07-28 19:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-26 13:07 - 2012-07-27 21:13 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187585986-1436017002-3332587608-1001UA.job
2015-04-26 11:41 - 2012-07-28 19:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-26 11:38 - 2012-07-27 21:13 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187585986-1436017002-3332587608-1001Core.job
2015-04-26 11:32 - 2009-07-14 12:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-04-26 11:32 - 2009-07-14 12:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-04-23 13:17 - 2009-07-14 13:13 - 00791562 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-23 12:33 - 2012-07-28 20:11 - 00010496 _____ () C:\Users\andrew\Desktop\todo.txt
2015-04-22 13:05 - 2009-07-14 13:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-22 12:52 - 2012-07-27 20:56 - 00000000 ____D () C:\Users\andrew\AppData\Local\Adobe
2015-04-21 13:22 - 2014-09-25 22:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-21 12:40 - 2015-03-14 04:46 - 00023040 _____ () C:\Users\andrew\Documents\kl_stuff.xls
2015-04-21 12:29 - 2012-07-30 20:58 - 00000000 ____D () C:\Users\andrew\Documents\hills
2015-04-20 17:18 - 2009-07-14 11:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-20 17:18 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2015-04-20 17:03 - 2012-03-29 17:13 - 00002201 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Smart Network.lnk
2015-04-20 16:56 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-20 16:54 - 2009-07-14 13:08 - 00032608 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-04-20 13:57 - 2012-07-28 20:11 - 00652800 _____ () C:\Users\andrew\Documents\my_rota.xls
2015-04-19 21:35 - 2010-11-21 11:47 - 00740998 _____ () C:\Windows\PFRO.log
2015-04-19 21:17 - 2014-09-25 22:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-04-19 13:29 - 2013-12-16 04:51 - 00000000 ____D () C:\Program Files (x86)\Foxtab
2015-04-19 13:21 - 2014-09-25 22:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-19 13:21 - 2012-07-30 19:10 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-19 13:03 - 2012-07-30 20:58 - 00000000 ____D () C:\Users\andrew\Documents\first post
2015-04-19 11:47 - 2012-07-31 01:21 - 00000000 ____D () C:\Users\andrew\AppData\Roaming\Skype
2015-04-17 22:44 - 2012-07-30 16:24 - 00000000 ____D () C:\Users\andrew\AppData\Roaming\vlc
2015-04-16 03:54 - 2009-07-14 11:20 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 03:22 - 2014-12-11 11:19 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 03:22 - 2014-05-07 10:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-16 03:06 - 2012-01-01 03:04 - 00766780 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2015-04-16 03:05 - 2013-12-19 23:22 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-16 03:02 - 2013-12-19 23:22 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-14 13:20 - 2012-07-31 23:36 - 00000000 ____D () C:\Users\andrew\AppData\Roaming\FileZilla
2015-04-14 13:20 - 2012-07-31 00:26 - 00001456 _____ () C:\Users\andrew\AppData\Local\Adobe Save for Web 13.0 Prefs
2015-04-13 18:02 - 2012-07-30 20:51 - 00000000 ____D () C:\Users\andrew\Documents\films
2015-04-13 17:45 - 2012-03-29 17:25 - 00000000 ____D () C:\ProgramData\Skype
2015-04-12 22:24 - 2012-07-30 20:59 - 00000000 ____D () C:\Users\andrew\Documents\mum
2015-04-07 10:32 - 2015-03-16 16:27 - 00027136 _____ () C:\Users\andrew\Desktop\wedding_guests.xls
2015-04-05 17:22 - 2014-03-25 20:01 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-05 17:22 - 2012-07-27 20:54 - 00000000 ____D () C:\Users\andrew
2015-04-01 16:41 - 2015-01-06 18:10 - 00000000 ____D () C:\Users\andrew\AppData\Roaming\Avira
2015-04-01 16:41 - 2015-01-06 18:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-04-01 16:41 - 2013-09-06 01:35 - 00000000 ____D () C:\ProgramData\Avira
 
==================== Files in the root of some directories =======
 
2013-03-02 01:58 - 2014-02-23 19:11 - 0000132 _____ () C:\Users\andrew\AppData\Roaming\Adobe GIF Format CS6 Prefs
2012-08-07 02:44 - 2012-08-07 02:44 - 0100436 _____ () C:\Users\andrew\AppData\Roaming\AvidLicenseControl_Install.log
2012-08-12 22:38 - 2012-08-12 22:52 - 0184438 _____ () C:\Users\andrew\AppData\Roaming\DXDriver_Install.log
2012-08-12 22:38 - 2012-08-12 22:52 - 0187786 _____ () C:\Users\andrew\AppData\Roaming\FlamethrowerDriver_Install.log
2012-08-12 22:38 - 2012-08-12 23:42 - 9701094 _____ () C:\Users\andrew\AppData\Roaming\MediaComposer_Install.log
2012-08-12 22:37 - 2012-08-12 22:51 - 0070444 _____ () C:\Users\andrew\AppData\Roaming\PACEDrivers_Install.log
2012-07-31 00:26 - 2015-04-14 13:20 - 0001456 _____ () C:\Users\andrew\AppData\Local\Adobe Save for Web 13.0 Prefs
2013-12-16 04:51 - 2013-12-16 04:51 - 0364318 _____ () C:\Users\andrew\AppData\Local\foxtab_speeddial.crx
2013-12-28 22:08 - 2013-12-28 22:08 - 0000060 _____ () C:\Users\andrew\AppData\Local\mm-device-08.ini
ZeroAccess:
C:\Users\andrew\AppData\Local\Google\Desktop\Install
 
Some content of TEMP:
====================
C:\Users\andrew\AppData\Local\Temp\avgnt.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-04-16 03:52
 
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2015
Ran by andrew at 2015-04-26 13:18:03
Running from C:\Users\andrew\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

617BE3497AAE458EA746 (S-1-5-21-1187585986-1436017002-3332587608-1008 - Limited - Enabled)
953559BD0A094300B1EC (S-1-5-21-1187585986-1436017002-3332587608-1006 - Limited - Enabled)
Administrator (S-1-5-21-1187585986-1436017002-3332587608-500 - Administrator - Disabled)
Guest (S-1-5-21-1187585986-1436017002-3332587608-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1187585986-1436017002-3332587608-1002 - Limited - Enabled)
andrew (S-1-5-21-1187585986-1436017002-3332587608-1001 - Administrator - Enabled) => C:\Users\andrew

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Out of date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Out of date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh (HKLM-x32\...\{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Acrobat X Standard - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-BA7E-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Audition CS5.5 (HKLM-x32\...\{D5B1535A-FDFC-4B40-B2E2-21DA83D9CB57}) (Version: 4.0 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x64) (HKLM\...\{CA6DA0CF-2852-4407-ADE2-CA6281C8CE9D}) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.21.457 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{11B4CDF3-0121-86EC-90E6-5475251BD748}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}) (Version: 2.3.0.0 - ATI Technologies Inc.)
AVCCAM Viewer 1.1E (HKLM-x32\...\{FA98716E-7E0E-493A-AF4C-CB17B324E331}) (Version: 1.1.017.1033 - Panasonic Corporation)
Avira (HKLM-x32\...\{bd538030-07d4-4999-a525-7fafa2483f56}) (Version: 1.1.30.21727 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.30.21727 - Avira Operations & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.9.504 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
Canon MP Navigator EX 4.0 (HKLM-x32\...\MP Navigator EX 4.0) (Version: - )
Canon XF MPEG2 Decoder (HKLM-x32\...\Canon XF MPEG2 Decoder) (Version: 1.0.0.7 - Canon Inc.)
Canon XF Plugin 64 for Avid Media Access (HKLM-x32\...\Canon XF Plugin 64 for Avid Media Access) (Version: 2.0.1.3 - Canon Inc.)
Canon XF Plugin 64 for Avid Media Access Instruction Manual (HKLM-x32\...\Canon XF Plugin 64 for Avid Media Access Instruction Manual) (Version: 2.0.0.2 - Canon Inc.)
Canon XF Utility (HKLM-x32\...\Canon XF Utility) (Version: 1.0.0.16 - Canon Inc.)
CanoScan LiDE 210 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq4809) (Version: - Canon Inc.)
Control ActiveX Windows Live Mesh pentru conexiuni la distanță (HKLM-x32\...\{260E3D78-94E6-47EC-8E29-46301572BB1E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Crossword Compiler 9 Demo (HKLM-x32\...\Crossword Compiler 9 Demo) (Version: - WordWeb Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
FBReader for Windows (HKLM-x32\...\FBReader for Windows) (Version: - )
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Gmail Backup (HKLM-x32\...\gmailbackup) (Version: - )
Google Chrome (HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\Google Chrome) (Version: 42.0.2311.90 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Intel PROSet Wireless (x32 Version: - ) Hidden
Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® 3.0 + High Speed (HKLM\...\{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}) (Version: 1.1.0.0157 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology (HKLM\...\{0EF86E06-C755-4C6F-8E47-2528D0546C0A}) (Version: 1.1.1.0581 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.7.0.1001 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version: - )
Intel® Wireless Display (HKLM-x32\...\{025055FC-779B-42F3-95A5-F6926B2964EF}) (Version: 2.0.31.0 - Intel Corporation)
iTunes (HKLM\...\{33E28B58-7BA0-47B7-AA01-9225ABA2B8A9}) (Version: 11.3.0.54 - Apple Inc.)
Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
Java™ 6 Update 27 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416027FF}) (Version: 6.0.270 - Oracle)
Java™ 6 Update 27 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216027FF}) (Version: 6.0.270 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
License Support (HKLM-x32\...\InstallShield_{3165EA9B-36CC-499B-96FF-36FC30E10EF4}) (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.)
License Support (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office XP Professional with FrontPage (HKLM-x32\...\{90280409-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Broadband (HKLM-x32\...\My Broadband) (Version: 1.11.01.1055 - Huawei Technologies Co.,Ltd)
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Paragon HFS+ for Windows™ 10.0 (HKLM-x32\...\{456534C0-51E7-11DF-B336-005056C00008}) (Version: 1.00 - Paragon Software)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PYV_x86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6353 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Sentinel Protection Installer 7.4.0 (HKLM-x32\...\{5A180ED5-0AC1-410A-B790-5E0319CD0A93}) (Version: 7.4.0 - SafeNet, Inc.)
Sibelius Scorch (ActiveX Only) (HKLM-x32\...\{868291A4-229E-4795-B0B0-E60E87AF53CD}) (Version: 6.2.0 - Sibelius Software)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.2.5 - Synaptics Incorporated)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TrackID™ with BRAVIA (x32 Version: 1.2.0.09270 - Sony Corportaion) Hidden
TriDef 3D (Sony) 2.0.5 (HKLM-x32\...\experience-sony-bundle) (Version: 2.0.5 - Dynamic Digital Depth Australia Pty Ltd)
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi (HKLM-x32\...\{241E7104-937A-4366-AD57-8FDDDB003939}) (Version: 15.4.5722.2 - Microsoft Corporation)
V3DPx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - TrackID™ with BRAVIA (HKLM-x32\...\{2F41EF61-A066-4EBF-84F8-21C1B317A780}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO 3D Portal (HKLM-x32\...\{C14EAE86-C526-4E00-B245-CFF86233C3D2}) (Version: 1.2.0.10131 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 5.1.0.09300 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.8.0.09210 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.8.0.09210 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 2.4.1.09230 - Sony Corporation)
VAIO Gate (x32 Version: 2.4.1.09230 - Sony Corporation) Hidden
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 2.5.1.09230 - Sony Corporation)
VAIO Hero Screensaver - Fall 2011 Screensaver (HKLM-x32\...\VAIO Hero Screensaver - Fall 2011 Screensaver) (Version: - )
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO Improvement Validation (HKLM\...\{75C95C84-264F-4CC7-8A7E-346444E6C7C1}) (Version: 1.0.4.01190 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.5.0.09200 - Sony Corporation)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.10.2.08270 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.6.0.09220 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VBMx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Microsoft) Hidden
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{5B0E60DB-7741-412F-88B3-E6975D30D019}) (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{C2AF7B2D-7018-414B-9B8B-D3C9F3BED04F}) (Version: 1.1.0.0929 - PACE Anti-Piracy, Inc.)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Windows Driver Package - Marvell Inc. (mv61xx) SCSIAdapter (04/14/2011 1.2.0.8200) (HKLM\...\C1D2FA6BB8577E6F8207F5B2119EB95ABEB25681) (Version: 04/14/2011 1.2.0.8200 - Marvell Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger (HKLM-x32\...\{09B7C7EB-3140-4B5E-842F-9C79A7137139}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Meshin etäyhteyksien ActiveX-komponentti (HKLM-x32\...\{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις (HKLM-x32\...\{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Елемент керування Windows Live Mesh ActiveX для віддалених підключень (HKLM-x32\...\{6756D5CA-3E31-4308-9BF0-79DFD1AF196E}) (Version: 15.4.5722.2 - Microsoft Corporation)
Основи Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотоколекція Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Элемент управления Windows Live Mesh ActiveX для удаленных подключений (HKLM-x32\...\{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}) (Version: 15.4.5722.2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

22-04-2015 21:55:00 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 10:34 - 2014-08-21 10:16 - 00000759 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {07CE62C2-DC58-48DC-A041-035D51F2952A} - System32\Tasks\Sony Corporation\VAIO Improvement Validation\VAIO Improvement Validation => C:\Program Files\Sony\VAIO Improvement Validation\viv.exe [2011-01-20] (Sony Corporation)
Task: {188738FE-BC9F-49CA-AAEE-C6CF885FF3D5} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {1D6FBB30-2770-4249-A778-D9ED48AB4E60} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-28] (Google Inc.)
Task: {2B460647-AE4B-4A1E-949B-2D2B49A7FE1A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-02] (Apple Inc.)
Task: {2C2C5276-81CC-4688-9007-5ACB00C202AA} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {2EB0E9A5-9AF4-4781-8FCA-20F0AC7E3271} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {2FA9F803-914A-4887-A16F-A8DBC8679B12} - System32\Tasks\AdobeAAMUpdater-1.0-andrew-vaio-andrew => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {3620308B-28CF-4370-836E-1B5F82381EFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187585986-1436017002-3332587608-1001Core => C:\Users\andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {36F7D2E1-84D3-41D2-AD60-23E0FE40FA79} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {41947A1D-B5DA-4CBA-8BCC-0EB918BC3436} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-07-28] (Google Inc.)
Task: {4DA5DB48-B86A-4E80-8343-23B9B631A5AD} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => net
Task: {4E091C91-68A1-4A00-83CC-81F3E253D00A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-09-30] (Sony Corporation)
Task: {50287C67-EEE2-4068-B522-5E4B1C8E5ED3} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-09-20] (Sony Corporation)
Task: {503F62E7-BFD8-4C10-80D4-CC91E91809A8} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {56E5F8B5-D54E-4F63-9C18-9FE24AFEDBBD} - System32\Tasks\Sony Corporation\VAIO Update\VUSU Trigger Task => C:\Program Files\Sony\VAIO Update\VUSUTrigger.exe [2014-03-01] (Sony Corporation)
Task: {5CC2F868-DDF3-4D28-9345-1E39467DB9A3} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {680FFFE1-27C4-4402-BC44-D3878BA97F46} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {7D7BD0A6-8BEF-4606-861B-CD442EF06ECE} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-09-30] (Sony Corporation)
Task: {91175AB7-73FF-44F8-A6FA-F95EC8DDFC1C} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {95DDE268-9C8C-42E2-BA3E-7356B7768876} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-25] (Microsoft Corporation)
Task: {9862A891-82C9-41A4-8993-FBC3AB050710} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {9AB2DC9E-5916-429E-9133-783DB748487D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {A83273B9-1673-4431-A170-E48A1CF4DA05} - System32\Tasks\{8044D216-04F7-4B6B-AC4B-F0AF549AE14A} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{7C7BC722-BB95-4A6E-9373-DA706D83430B}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {B48C910B-EB60-4D7F-9C38-540B358695D5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1187585986-1436017002-3332587608-1001UA => C:\Users\andrew\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-27] (Google Inc.)
Task: {B6C364B7-0B0E-4C3E-B46C-775D543FFE00} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-25] (Microsoft Corporation)
Task: {BBC6E017-E0AF-494F-A643-84DB16B87C3C} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-03-01] (Sony Corporation)
Task: {C106EEE2-315F-49FD-BEFD-A7A6288C2953} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-09-20] (Sony Corporation)
Task: {C534CE43-CAB5-44FE-8A1E-914C8D2CB282} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2011-09-21] (Sony Corporation)
Task: {CF53A6D6-A4BD-457A-9210-4D6F9F2B49F0} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {EDA94002-1AF0-4FAC-9B9F-4F98E12235EE} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {F2F52A6D-A34D-4119-A7AA-5DEFFB26D540} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-09-27] (Sony Corporation)
Task: {FA12649D-D7DE-4549-994F-4B372057BE2E} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-09-20] (Sony Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187585986-1436017002-3332587608-1001Core.job => C:\Users\andrew\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1187585986-1436017002-3332587608-1001UA.job => C:\Users\andrew\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2011-05-02 20:41 - 2011-05-02 20:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2011-03-14 23:27 - 2011-03-14 23:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2012-01-01 02:32 - 2011-10-07 11:08 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-05-02 20:41 - 2011-05-02 20:41 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
2011-04-12 08:04 - 2011-04-12 08:04 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-09-02 08:59 - 2011-09-02 08:59 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-08-06 21:27 - 2012-08-06 21:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 21:27 - 2012-08-06 21:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-07-03 20:20 - 2014-07-03 20:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-03 20:19 - 2014-07-03 20:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-03-29 17:12 - 2011-09-30 00:14 - 00021128 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2014-10-20 09:54 - 2014-10-20 09:54 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\26d9cda99453ec65e75f40d20f0ab77c\IsdiInterop.ni.dll
2012-01-01 03:12 - 2011-06-28 05:30 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2015-04-15 14:15 - 2015-04-14 05:55 - 01252680 _____ () C:\Users\andrew\AppData\Local\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-15 14:15 - 2015-04-14 05:55 - 00080712 _____ () C:\Users\andrew\AppData\Local\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-15 14:15 - 2015-04-14 05:55 - 14980424 _____ () C:\Users\andrew\AppData\Local\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:9wR0F85fOsmNu5QYMZu1m69Dd
AlternateDataStreams: C:\ProgramData\Microsoft:mquTcuCdcNjmSp3yZWnE
AlternateDataStreams: C:\Users\andrew\AppData\Local\Temporary Internet Files:yADPhTc39AocPNm6UTiukgUBCS

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\andrew\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/26/2015 00:13:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030

Error: (04/26/2015 00:13:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030

Error: (04/26/2015 00:13:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/22/2015 01:06:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.OE.Systray.exe, version: 1.1.30.21735, time stamp: 0x54bce4be
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18798, time stamp: 0x5507b485
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x106c
Faulting application start time: 0xAvira.OE.Systray.exe0
Faulting application path: Avira.OE.Systray.exe1
Faulting module path: Avira.OE.Systray.exe2
Report Id: Avira.OE.Systray.exe3

Error: (04/22/2015 01:06:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.Systray.Program.Main(System.String[])

Error: (04/22/2015 01:06:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/22/2015 01:06:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/22/2015 01:05:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2015 01:05:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/22/2015 00:52:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Avira.OE.Systray.exe, version: 1.1.30.21735, time stamp: 0x54bce4be
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18798, time stamp: 0x5507b485
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x119c
Faulting application start time: 0xAvira.OE.Systray.exe0
Faulting application path: Avira.OE.Systray.exe1
Faulting module path: Avira.OE.Systray.exe2
Report Id: Avira.OE.Systray.exe3


System errors:
=============
Error: (04/22/2015 10:14:59 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:59 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:59 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:49 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:49 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:49 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:39 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.

Error: (04/22/2015 10:14:29 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk1\DR2, has a bad block.


Microsoft Office Sessions:
=========================
Error: (04/26/2015 00:13:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030

Error: (04/26/2015 00:13:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030

Error: (04/26/2015 00:13:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/22/2015 01:06:28 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.30.2173554bce4beKERNELBASE.dll6.1.7601.187985507b485e04343520000c42d106c01d07cba15d0016dC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dll5465d328-e8ad-11e4-968d-d8e865d87b3e

Error: (04/22/2015 01:06:27 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.Systray.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.Systray.Program.Main(System.String[])

Error: (04/22/2015 01:06:17 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/22/2015 01:06:06 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/22/2015 01:05:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/22/2015 01:05:49 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: Avira.OE.ServiceHost.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Xml.XmlException
Stack:
at System.Xml.XmlTextReaderImpl.Throw(System.Exception)
at System.Xml.XmlTextReaderImpl.ParseDocumentContent()
at System.Xml.XmlTextReaderImpl.Read()
at System.Xml.XmlLoader.Load(System.Xml.XmlDocument, System.Xml.XmlReader, Boolean)
at System.Xml.XmlDocument.Load(System.Xml.XmlReader)
at System.Xml.XmlDocument.Load(System.String)
at Avira.OE.WinCore.OeSharedSettingsAccessor.LoadXmlDocumentFromFile()
at Avira.OE.WinCore.OeSharedSettingsAccessor.Get(System.String)
at Avira.OE.WinCore.OeProductInfo.get_Culture()
at Avira.OE.WinCore.Utility.CultureSetter.SetDefaultCultureDefinedInAppsettings()
at Avira.OE.ServiceHost.ServiceHost.SetDefaultCulture()
at Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)
at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
at System.Threading.ThreadPoolWorkQueue.Dispatch()
at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/22/2015 00:52:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Avira.OE.Systray.exe1.1.30.2173554bce4beKERNELBASE.dll6.1.7601.187985507b485e04343520000c42d119c01d07cb82be9079cC:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exeC:\Windows\syswow64\KERNELBASE.dll6aca3285-e8ab-11e4-ba59-5442499ae39a


==================== Memory info ===========================

Processor: Intel® Core™ i7-2640M CPU @ 2.80GHz
Percentage of memory in use: 35%
Total physical RAM: 8107.8 MB
Available physical RAM: 5194 MB
Total Pagefile: 11481.24 MB
Available Pagefile: 7879.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:102.16 GB) (Free:2.39 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 30688D79)
Partition 1: (Not Active) - (Size=17 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=102.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Attached Files


Edited by Oh My!, 03 May 2015 - 08:15 PM.


BC AdBot (Login to Remove)

 


#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,760 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:01:41 PM

Posted 01 May 2015 - 01:25 AM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

step1.gif In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/574431 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

step2.gifIf you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new FRST log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download FRST by Farbar from the following link if you no longer have it available and save it to your destop.

    FRST Download Link

  • When you go to the above page, there will be 32-bit and 64-bit downloads available. Please click on the appropriate one for your version of Windows. If you are unsure as to whether your Windows is 32-bit or 64-bit, please see this tutorial.
  • Double click on the FRST icon and allow it to run.
  • Agree to the usage agreement and FRST will open. Do not make any changes and click on the Scan button.
  • Notepad will open with the results.
  • Post the new logs as explained in the prep guide.
  • Close the program window, and delete the program from your desktop.


As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,956 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:41 AM

Posted 03 May 2015 - 08:22 PM

Greetings EspressoLab2015 and :welcome: to BleepingComputer's Virus/Trojan/Spyware/Malware Removal forum.

My name is Oh My! and I am here to help you! Now that we are "friends" please call me Gary.

If you would allow me to call you by your first name I would prefer to do that. :thumbup2:

===================================================

Ground Rules:
  • First, I would like to inform you that most of us here at Bleeping Computer offer our expert assistance out of the goodness of our hearts. Please try to match our commitment to you with your patience toward us. If this was easy we would never have met. :)
  • Please do not run any tools or take any steps other than those I will provide for you while we work on your computer together. I need to be certain about the state of your computer in order to provide appropriate and effective steps for you to take. Most often "well intentioned" (and usually panic driven!) independent efforts can make things much worse for both of us. If at any point you would prefer to take your own steps please let me know, I will not be offended. I would be happy to focus on the many others who are waiting in line for assistance.
  • Please perform all steps in the order they are listed in each set of instructions. Some steps may be a bit complicated. If things are not clear, be sure to stop and let me know. We need to work on this together with confidence.
  • Please copy and paste all logs into your post unless directed otherwise. Please do not re-run any programs I suggest. If you encounter problems simply stop and tell me.
  • When you post your reply, use the Replytopic.jpg button instead.
  • In the upper right hand corner of the topic you will see the Followtopic.jpg button. Click on this then choose Immediate E-Mail notification and then Proceed and you will be sent an email once I have posted a response.
  • If you do not reply to your topic after 5 days we assume it has been abandoned and I will close it.
  • When your computer is clean I will alert you of such. I will also provide for you detailed information about how you can combat future infections.
  • I would like to remind you to make no further changes to your computer unless I direct you to do so.
  • Now let's get started :thumbup2:
===================================================

Now that I am assisting you, you can expect that I will be very responsive to your situation. If you are able, I would request you check this thread at least once per day so that we can try to resolve your issues effectively and efficiently. If you are going to be delayed please be considerate and post that information so that I know you are still with me. Unfortunately, there are many people waiting to be assisted and not enough of us at BleepingComputer to go around. I appreciate your understanding and diligence.

Thank you for your patience thus far. You are able to access the Internet in Normal Boot buy not Safe Mode?

Please move FRST.exe from your Downloads folder to the Desktop.

===================================================

Farbar's Recovery Scan Tool - Run Fix in Normal or Safe Mode

--------------------
  • Press the Windows key Windows_Logo_key.gif + r on your keyboard at the same time. Type in notepad and press Enter
  • Please copy and paste the contents of the below code box into the open notepad and save it to your desktop (<<<Important) as fixlist.txt
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\MountPoints2: {bef90582-ea1e-11e3-ad99-88532ec75a78} - D:\AutoRun.exe
HKU\S-1-5-21-1187585986-1436017002-3332587608-1001\...\MountPoints2: {bef90595-ea1e-11e3-ad99-88532ec75a78} - D:\AutoRun.exe
Toolbar: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
S2 uCamMonitor; c:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
C:\Users\andrew\AppData\Local\Google\Desktop\Install
C:\Users\andrew\AppData\Local\Temp\avgnt.exe
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1187585986-1436017002-3332587608-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\andrew\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
AlternateDataStreams: C:\ProgramData\Microsoft:9wR0F85fOsmNu5QYMZu1m69Dd
AlternateDataStreams: C:\ProgramData\Microsoft:mquTcuCdcNjmSp3yZWnE
AlternateDataStreams: C:\Users\andrew\AppData\Local\Temporary Internet Files:yADPhTc39AocPNm6UTiukgUBCS
  • Launch FRST and press the Fix button just once and wait, the program will automatically launch fixlist.txt.
  • The tool will create a log on the desktop called Fixlog.txt. Please copy and paste the contents of the file in your reply.
===================================================

AdwCleaner by Xplode - Delete Adware

-------------------
  • Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browser
  • Double click on AdwCleaner.exe, click Run, then select I agree if it appears
  • Click Scan
  • Once the scan has completed youi will see Pending. Please check elements you don't want to remove above the progress bar
  • Click on Clean
  • Confirm the cleaning and rebooting of your computer by clicking OK
  • Your computer will be rebooted automatically. A text file will open after the restart
  • Copy and paste the contents in your reply
  • You can also find the logfile at C:\AdwCleaner\AdwCleaner.txt
===================================================

Junkware Removal Tool by thisisu

-------------------
  • Please download Junkware Removal Tool and save it to your desktop.
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply
===================================================

System Summary Information

--------------------
  • Press the windows key Windows_Logo_key.gif + r on your keyboard at the same time
  • Type msinfo32 and press Enter
  • Left click on System Summary
  • Click File, Save, and name the file Summary
  • Zip and attach the file to your reply
===================================================

Things I would like to see in your next reply. Please be sure to copy and paste any requested log information unless you are asked to attach it. :thumbsup2:
  • Fixlog
  • AdwCleaner log
  • Junkware log
  • System Summary Information
  • Update on computer performance

Edited by Oh My!, 03 May 2015 - 08:24 PM.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#4 EspressoLab2015

EspressoLab2015
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:01:41 AM

Posted 05 May 2015 - 10:54 AM

Hi Gary

 

Thanks very much for your help, it's really good of you. Please call me David.

 

Working through the steps you advise, there is problem with the third one, Junkware Removal Tool. When I run it, I get an error message which says "Non 7z archive."

 

I disabled my antivirus software first, and ran JRT as administrator.

 

 

David



#5 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,956 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:41 AM

Posted 06 May 2015 - 09:37 AM

Hi David,

I was waiting for you to post the other reports but maybe you were waiting for me. Post what you have so far.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#6 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,956 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:41 AM

Posted 08 May 2015 - 09:26 AM

Hi David,

Might you have some report information for me to review?
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#7 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,956 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:41 AM

Posted 09 May 2015 - 07:16 AM

Greetings,

===================================================

3 Day Bump

It has been more than 3 days since my last post.
  • Do you still need help with this?
  • If after 48hrs you have not replied to this thread then it will have to be closed.

Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."

#8 Oh My!

Oh My!

    Adware and Spyware and Malware.....


  • Malware Response Instructor
  • 37,956 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:California
  • Local time:09:41 AM

Posted 11 May 2015 - 07:35 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.
Gary
 
If I do not reply within 24 hours please send me a Personal Message.

"Lord, to whom would we go? You have the words that give eternal life. We believe, and we know you are the Holy One of God."




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users