Cavollin

Members
  • Content Count

    1
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Cavollin

  • Rank
    Newbie
  1. I have the adware virus on my PC and can't get rid of it. I am using Bullguard Antivirus Software and it keeps notifying me that it's blocked a file but when I do a scan there's nothing there. I followed the advice about using Adaware and FRST and have the following logs: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-10-2014 01 Ran by Peter (administrator) on PETELAPTOP on 29-10-2014 21:34:40 Running from C:\Users\Peter\Downloads Loaded Profile: Peter (Available profiles: Peter) Platform: Windows 8.1 (X64) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe (McAfee, Inc.) C:\Windows\System32\mfevtps.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe (Interesting Solutions) C:\ProgramData\ikywDunA\TcfDqlLSP.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe (Smartbar) C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe (BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe () C:\Program Files\Sony\VAIO Care\listener.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe (Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktop.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe () C:\Users\Peter\AppData\Local\Smartbar\Application\Lrcnta.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor) HKLM\...\Run: [bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.) HKLM\...\Run: [bullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [1327440 2014-09-17] (BullGuard Ltd.) HKLM\...\Run: [bullGuardUpdate2] => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2934096 2014-09-17] (BullGuard Ltd.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated) HKLM\...\Run: [] => [X] HKLM\...\Run: [AdAwareTray] => C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] () HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation) HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKU\S-1-5-21-6291103-1562209069-332868272-1001\...\Run: [browser Infrastructure Helper] => C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar) HKU\S-1-5-21-6291103-1562209069-332868272-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-09] (Adobe Systems Incorporated) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.) ShellIconOverlayIdentifiers: [backupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.) ShellIconOverlayIdentifiers: [backupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.) ShellIconOverlayIdentifiers: [backupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hEiOCFCQr1iY4IG2RmHx21LR-p7pgNrH3PItSYcsP3XaK0SJ_Ncmg5Hhb1wkff6Q1Ysc6o8rIGFFExe2j50LQzEj3O6bcWeKc, HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms} SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms} SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms} BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254 FireFox: ======== FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default FF Homepage: https://msds.open.ac.uk/signon/SAMSDefault/SAMS001_Default.aspx?nsh=2&URL=hxxp://www.open.ac.uk/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel) FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\searchplugins\.xml FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\searchplugins\Web Search.xml FF Extension: Astromenda New Tab - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\Extensions\{849ded12-59e9-4dae-8f86-918b70d213dc} [2014-07-24] FF Extension: Yahoo Community Smartbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\Extensions\{ee7dfc84-90db-55e1-38c7-80c2c257a0a1} [2014-09-10] FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-18] FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\[email protected] FF Extension: BullGuard Safe Browsing - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\[email protected] [2014-07-23] FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.) R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [744784 2014-09-17] (BullGuard Ltd.) R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [556880 2014-09-17] (BullGuard Ltd.) R2 BsCache; C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll [157520 2014-09-17] (BullGuard Ltd.) R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [421200 2014-09-17] (BullGuard Ltd.) R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [777040 2014-09-17] (BullGuard Ltd.) R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [750416 2014-09-17] (BullGuard Ltd.) R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [524112 2014-09-17] (BullGuard Ltd.) R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [281424 2014-09-17] (BullGuard Ltd.) R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [384848 2014-10-29] (BullGuard Ltd.) R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation) R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) R2 LavasoftAdAwareService11; C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] () S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-05] (Microsoft Corporation) S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] () <==== ATTENTION S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.) R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-15] (McAfee, Inc.) S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.) R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-15] (McAfee, Inc.) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-05] (Microsoft Corporation) S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation) R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-10-01] (IBM Corp.) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) R2 TcfDqlLSP; C:\ProgramData\ikywDunA\TcfDqlLSP.exe [2321776 2014-10-08] (Interesting Solutions) S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-05] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-05] (Microsoft Corporation) R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 AFW; C:\Windows\system32\DRIVERS\afw.sys [41680 2014-09-08] (Agnitum Ltd.) R3 afwcore; C:\Windows\system32\DRIVERS\afwcore.sys [469712 2014-09-08] (Agnitum Ltd.) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation) R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [117184 2014-05-15] (BullGuard Ltd.) R3 BdNet; C:\Windows\system32\DRIVERS\BdNet.sys [34384 2014-03-19] (BullGuard Ltd.) R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [67680 2014-02-26] (BullGuard Ltd.) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-15] (McAfee, Inc.) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-15] (McAfee, Inc.) R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-15] (McAfee, Inc.) R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-15] (McAfee, Inc.) R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-15] (McAfee, Inc.) R1 NovaShieldFilterDriver; C:\Windows\System32\DRIVERS\NSKernel.sys [259312 2014-09-17] (BullGuard Ltd.) R4 RapportCerberus_80049; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80049.sys [768184 2014-09-01] () R1 RapportCerberus_80055; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80055.sys [761720 2014-10-29] () R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445880 2014-10-01] (IBM Corp.) R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [289656 2014-10-01] (IBM Corp.) R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [534104 2014-10-01] (IBM Corp.) R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557656 2014-10-01] (IBM Corp.) R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-07-23] () R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated) R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-05] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-29 21:34 - 2014-10-29 21:35 - 00024022 _____ () C:\Users\Peter\Downloads\FRST.txt 2014-10-29 20:10 - 2014-10-29 21:34 - 00000000 ____D () C:\FRST 2014-10-29 20:09 - 2014-10-29 20:09 - 02113536 _____ (Farbar) C:\Users\Peter\Downloads\FRST64.exe 2014-10-29 19:06 - 2014-10-29 19:06 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Lavasoft 2014-10-29 19:04 - 2014-10-29 19:04 - 00002227 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2014-10-29 19:04 - 2014-10-29 19:04 - 00000000 ____D () C:\Users\Peter\Desktop\Antimalware Engine 2014-10-29 19:04 - 2014-10-29 19:04 - 00000000 ____D () C:\Users\Peter\Desktop\Ad-Aware Antivirus 2014-10-29 19:04 - 2014-10-29 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2014-10-29 19:02 - 2014-10-29 19:02 - 01754248 _____ () C:\Users\Peter\Downloads\Adaware_Installer(1).exe 2014-10-29 19:01 - 2014-10-29 19:01 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\LavasoftStatistics 2014-10-29 19:00 - 2014-10-29 19:00 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft 2014-10-29 18:59 - 2014-10-29 18:59 - 01754248 _____ () C:\Users\Peter\Downloads\Adaware_Installer.exe 2014-10-29 18:59 - 2014-10-29 18:59 - 00000000 ____D () C:\ProgramData\Lavasoft 2014-10-29 18:46 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-10-29 18:46 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-10-29 18:46 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-10-29 18:46 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-10-29 18:43 - 2014-10-29 18:43 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-10-29 18:43 - 2014-10-29 18:43 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-10-29 18:43 - 2014-10-29 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-10-29 18:43 - 2014-10-29 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-10-29 18:33 - 2014-10-29 18:33 - 00153712 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BgGamingMonitor.dll.PendingBullGuardUpdate 2014-10-29 18:33 - 2014-10-29 18:33 - 00140280 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BgGamingMonitor.dll.PendingBullGuardUpdate 2014-10-29 18:33 - 2014-10-29 18:33 - 00076624 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BGLsp.dll.PendingBullGuardUpdate 2014-10-29 18:33 - 2014-10-29 18:33 - 00064336 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BGLsp.dll.PendingBullGuardUpdate 2014-10-29 17:23 - 2014-10-29 17:23 - 00000480 _____ () C:\WINDOWS\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD 2014-10-29 16:45 - 2014-10-29 16:45 - 00000000 ____D () C:\Users\Cav\AppData\Local\InstaShare 2014-10-29 15:52 - 2014-10-29 15:52 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Macromedia 2014-10-29 15:52 - 2014-10-29 15:52 - 00000000 ____D () C:\Users\Cav\AppData\Local\Macromedia 2014-10-29 15:51 - 2014-10-29 15:51 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Mozilla 2014-10-29 15:51 - 2014-10-29 15:51 - 00000000 ____D () C:\Users\Cav\AppData\Local\Sony Corporation 2014-10-29 15:51 - 2014-10-29 15:51 - 00000000 ____D () C:\Users\Cav\AppData\Local\Mozilla 2014-10-29 15:47 - 2014-10-29 16:47 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\BullGuard 2014-10-29 15:47 - 2014-10-29 15:47 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Apple Computer 2014-10-29 15:47 - 2014-10-29 15:47 - 00000000 ____D () C:\Users\Cav\AppData\Local\Broadcom 2014-10-29 15:46 - 2014-10-29 17:19 - 00000000 ____D () C:\Users\Cav 2014-10-29 15:46 - 2014-10-29 15:49 - 00000000 ____D () C:\Users\Cav\AppData\Local\Packages 2014-10-29 15:46 - 2014-10-29 15:46 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Adobe 2014-10-29 15:46 - 2014-10-29 15:46 - 00000000 ____D () C:\Users\Cav\AppData\Local\VirtualStore 2014-10-29 15:46 - 2014-09-01 10:41 - 00000000 ____D () C:\Users\Cav\AppData\Local\Trusteer 2014-10-29 15:46 - 2014-08-04 17:43 - 00000000 ____D () C:\Users\Cav\AppData\Local\Microsoft Help 2014-10-20 23:01 - 2014-10-20 23:01 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Oracle 2014-10-20 22:44 - 2014-10-29 18:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2014-10-16 14:42 - 2014-10-22 14:27 - 00000000 ____D () C:\WINDOWS\Minidump ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-29 21:34 - 2014-09-18 14:25 - 00000000 ____D () C:\ProgramData\Browser 2014-10-29 21:34 - 2014-07-23 22:31 - 00000000 ____D () C:\ProgramData\BullGuard 2014-10-29 21:32 - 2014-08-04 17:55 - 01703065 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-29 21:26 - 2014-09-23 11:47 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{25B7D16F-84AD-4412-9E1E-7CA06D213979} 2014-10-29 21:15 - 2014-07-24 22:09 - 00000314 _____ () C:\WINDOWS\Tasks\UpdaterEX.job 2014-10-29 21:09 - 2014-07-24 22:09 - 00000314 _____ () C:\WINDOWS\Tasks\Astromenda.job 2014-10-29 21:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-10-29 20:57 - 2014-07-23 23:39 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-10-29 20:32 - 2014-07-23 22:20 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-6291103-1562209069-332868272-1001 2014-10-29 18:59 - 2014-07-24 20:07 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-10-29 18:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-10-29 18:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-10-29 18:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-10-29 18:59 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-10-29 18:36 - 2014-08-04 18:04 - 00000000 ___DO () C:\Users\Peter\OneDrive 2014-10-29 18:34 - 2014-03-18 10:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-10-29 18:18 - 2014-07-24 23:49 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-10-29 18:18 - 2013-11-17 01:14 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Sony Corporation 2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 __RSD () C:\WINDOWS\Media 2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries 2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-10-29 18:18 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-10-29 18:17 - 2014-09-10 15:46 - 00000000 ____D () C:\Users\Peter\AppData\Local\LPT 2014-10-29 18:16 - 2014-09-11 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-10-29 18:16 - 2014-09-11 10:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-10-29 18:16 - 2014-09-11 10:25 - 00000000 ____D () C:\Program Files\iTunes 2014-10-29 18:16 - 2014-09-11 10:25 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-10-29 18:16 - 2014-08-20 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-10-29 18:16 - 2014-08-03 19:53 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-10-29 18:16 - 2014-08-03 19:52 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-10-29 18:16 - 2014-07-24 20:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works 2014-10-29 18:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-10-29 18:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration 2014-10-29 17:50 - 2014-09-11 10:25 - 00000000 ____D () C:\Program Files\iPod 2014-10-29 17:50 - 2014-08-03 19:52 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-10-29 17:48 - 2014-08-20 15:58 - 00000000 ____D () C:\Program Files (x86)\Java 2014-10-29 17:26 - 2014-08-19 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection 2014-10-29 17:23 - 2013-11-17 01:29 - 00000000 ____D () C:\ProgramData\MOCP 2014-10-29 17:22 - 2014-08-04 17:38 - 00000000 ____D () C:\Users\Peter 2014-10-29 17:21 - 2014-08-04 17:49 - 00000224 _____ () C:\WINDOWS\system32\config\afw_hm.conf 2014-10-29 17:21 - 2014-08-04 17:49 - 00000004 _____ () C:\WINDOWS\system32\config\afw_db.conf 2014-10-29 17:21 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-20 23:00 - 2014-08-20 15:59 - 00000000 ____D () C:\ProgramData\Oracle 2014-10-16 09:10 - 2014-08-20 09:35 - 00000000 ____D () C:\Users\Peter\AppData\Local\Adobe 2014-10-16 06:56 - 2014-07-24 20:09 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-08 15:00 - 2013-11-17 01:11 - 00000000 ____D () C:\ProgramData\Sony Corporation 2014-10-08 15:00 - 2013-11-17 00:15 - 00000000 ____D () C:\Program Files\Sony 2014-10-08 14:53 - 2014-09-10 15:49 - 00000000 ____D () C:\ProgramData\InstaShare 2014-10-01 17:49 - 2014-07-23 22:15 - 00000000 ____D () C:\Update 2014-10-01 12:42 - 2014-08-19 11:20 - 00534104 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys 2014-10-01 12:42 - 2014-08-19 11:20 - 00289656 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys 2014-09-29 22:45 - 2013-08-22 15:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-09-29 22:45 - 2013-08-22 15:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-29 18:54 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2014 01 Ran by Peter at 2014-10-29 21:35:48 Running from C:\Users\Peter\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: BullGuard Antivirus (Disabled - Out of date) {C3CCAC61-52F7-A056-1860-6406566E2578} AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B} AS: BullGuard Antispyware (Disabled - Out of date) {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: BullGuard Firewall (Enabled) {FBF72D44-1898-A10E-333F-CD33A8BD6203} FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft) AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden BullGuard Internet Security (HKLM\...\BullGuard) (Version: 14.1 - BullGuard Ltd.) Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.) Digital Guitar Tuner 2.3 (HKLM-x32\...\Digital Guitar Tuner 2.3_is1) (Version: - ) Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden InstaShare (HKLM-x32\...\InstaShare) (Version: 3.0.11 - Interesting Solutions) Intel AppUp® center (HKLM-x32\...\Intel AppUp® center 41800) (Version: 3.8.0.41800.66 - Intel) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation) Intel® PROSet/Wireless NFC Software (HKLM\...\Intel® PROSet/Wireless NFC Software) (Version: 1.0.1.003 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation) Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.) Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla) My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation) Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Rapport (x32 Version: 3.5.1404.19 - Trusteer) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.) Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.1 - Synaptics Incorporated) Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.19 - Trusteer) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation) VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation) VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation) VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation) VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation) VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation) VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation) VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation) VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation) VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation) VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent) WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Yahoo Community Smartbar (HKLM-x32\...\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION Yahoo Community Smartbar Engine (HKCU\...\{506c9c15-0910-4979-8dbf-3bf8842a3b9c}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-6291103-1562209069-332868272-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-6291103-1562209069-332868272-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) CustomCLSID: HKU\S-1-5-21-6291103-1562209069-332868272-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel) ==================== Restore Points ========================= 11-10-2014 04:11:38 Scheduled Checkpoint 16-10-2014 06:44:18 Windows Update 20-10-2014 22:47:13 Installed Java 7 Update 71 28-10-2014 19:42:38 Scheduled Checkpoint 29-10-2014 17:43:22 Restore Operation ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {093506AE-52BE-4ED8-954A-86C3E547F60F} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation) Task: {0A29134F-3F25-4757-AD18-BD43CDFCE317} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {0A89B474-1848-4188-BDF6-14883073D489} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-14] (Synaptics Incorporated) Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0F9D6E18-ECDA-45AA-94AC-746B5198F35F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2360FD85-B12E-44B1-9EB7-0D9F2CB134D2} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation) Task: {2B14FD53-2670-4E7C-91E7-3D27C52F2C7B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {34725EC3-7AB1-4531-A133-B253814BE070} - System32\Tasks\UpdaterEX => C:\Users\Peter\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {37609AE9-0464-4718-A654-EBF7FBF268AD} - System32\Tasks\ASP => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION Task: {37BA836C-D977-4F87-9E5A-B894B959960A} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION Task: {38A9AA1E-2C90-4ACD-A3BC-78A3CF8F33DB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3E77146C-A8D5-4790-BD1F-A55A222B9D59} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-12] (Microsoft Corporation) Task: {3E85AB91-DFD8-4342-B69F-615FA0622250} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation) Task: {478ABF89-822D-455D-A96E-39D19088AAD9} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4D716CD3-1DA8-4816-8ABB-9BFE4D99723E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation) Task: {535A6A0F-E161-45F5-BBD1-4A5A096EBC1B} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {6164A5EF-B73C-4FDE-9C63-99B9FE89736F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe Task: {62E13480-4010-46F3-8898-E4F9C6D3EE93} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DE7A30C-0EA8-4857-9361-EF8E315FFE8B} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {79186A4D-22F2-4547-A669-18FFC8544145} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient Task: {79C6C90C-44D6-4DEF-8D7C-CA4757645F59} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {7E6B6ECF-1283-40D4-A510-60EBC5A0F85A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {859A034D-216A-441F-B154-5E77F8258757} - System32\Tasks\Astromenda => C:\Users\Peter\AppData\Roaming\ASTROM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8ACF677D-85CC-48CB-A790-A9FDA1B81F0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9280E404-1A56-4A71-92A7-26B6E0DC8402} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation) Task: {9B2E93C0-755F-4EF8-8256-C65123F9135D} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-03-01] (Sony Corporation) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {B089EDF0-26F8-4CC7-B037-FA65C211AC3E} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: {B5E93F74-9440-4CAC-9677-A2B100D70CFE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {BBCDFA76-675B-4190-B2FF-E2DD64F6AB2E} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {BD10E4E4-E94C-48D2-80DC-153AB3C90067} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {CB75BB73-FFEF-4102-B1AB-073892DE1167} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation) Task: {D6320FE1-4D4D-489D-957D-52621ECE1769} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E1812EFD-0539-4B99-BA1C-5942ACF11084} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation) Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F513633E-9775-4BFF-86CD-D9EB9F77C1FD} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation) Task: {FA9D916C-B822-41A6-94F2-1DF50C684E02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated) Task: {FFBC1265-7F97-401C-8A3B-C7C461A9E984} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\Astromenda.job => C:\Users\Peter\AppData\Roaming\ASTROM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Peter\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION ==================== Loaded Modules (whitelisted) ============= 2014-10-20 22:15 - 2014-09-17 12:30 - 00613200 _____ () c:\program files\bullguard ltd\bullguard\SQLite.dll 2014-10-20 22:15 - 2014-09-17 12:30 - 00084304 _____ () c:\program files\bullguard ltd\bullguard\zlib1.dll 2014-10-20 22:15 - 2014-09-17 12:30 - 00653136 _____ () c:\program files\bullguard ltd\bullguard\LibXml2.dll 2014-10-20 22:15 - 2014-09-17 12:30 - 00653136 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll 2014-09-17 12:30 - 2014-09-17 12:30 - 00021832 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BullGuardBhvScannerRes.dll 2012-12-14 14:27 - 2012-12-14 14:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll 2014-10-20 22:15 - 2014-09-17 12:30 - 00084304 _____ () C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll 2014-09-17 12:31 - 2014-09-17 12:30 - 00028488 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BackupShellNamespaceRes.dll 2014-10-20 22:15 - 2014-09-17 12:30 - 00613200 _____ () C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll 2014-09-17 12:31 - 2014-09-17 12:30 - 00275784 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpBackupRes.dll 2014-09-17 12:31 - 2014-09-17 12:30 - 00013128 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpInspectorRes.dll 2014-09-17 12:30 - 2014-09-17 12:30 - 00033096 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpMainRes.dll 2014-09-17 12:30 - 2014-09-17 12:30 - 00064848 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LIBBZ2.dll 2013-11-19 09:21 - 2013-11-19 09:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe 2014-10-15 14:03 - 2014-10-15 14:03 - 08925504 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe 2014-10-15 14:03 - 2014-10-15 14:03 - 03396400 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\RCF.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00123744 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00024408 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00055648 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00103768 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00500056 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00033624 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02132800 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00066872 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00869712 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00811328 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\Localization.dll 2014-10-15 13:37 - 2014-10-15 13:37 - 00707888 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe 2014-10-15 14:03 - 2014-10-15 14:03 - 12459344 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00788824 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00734536 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02185560 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00813896 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00098624 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00120128 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00952152 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00869224 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01108808 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00250696 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00989016 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00212824 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01172816 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01281344 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll 2014-10-15 14:04 - 2014-10-15 14:04 - 00035160 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00976728 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01092440 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00229200 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00893768 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00845136 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 03096912 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02887504 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01067344 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01290584 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01004352 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00343880 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 02787160 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01264960 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01004864 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00957256 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 01179496 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 00154944 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 16893248 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktop.exe 2014-10-15 14:03 - 2014-10-15 14:03 - 00451440 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_program_options-vc100-mt-1_55.dll 2014-10-15 14:03 - 2014-10-15 14:03 - 09304408 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktopDefaultSkin.dll 2014-08-27 15:28 - 2014-08-27 15:28 - 00025088 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Lrcnta.exe 2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 12:05 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00052224 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00087552 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srau.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00167424 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 02426880 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00068608 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\spbl.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00160256 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll 2014-08-27 15:28 - 2014-08-27 15:28 - 00015872 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\siem.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00069120 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\sppsm.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00698368 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00016384 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00080384 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00028672 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00071680 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srut.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00031232 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srsbs.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00067072 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00152064 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smti.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00075264 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smsp.dll 2014-08-27 15:28 - 2014-08-27 15:28 - 00011776 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\sidc.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00032256 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smtu.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00040448 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smta.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00032768 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srom.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00049152 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srbu.dll 2014-08-27 15:28 - 2014-08-27 15:28 - 00025600 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\sgml.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00063488 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00026624 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srpdm.dll 2014-08-27 15:28 - 2014-08-27 15:28 - 00045056 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\MACTrackBarLib.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00036864 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll 2014-08-27 15:29 - 2014-08-27 15:29 - 00257024 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srns.dll 2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll 2013-11-17 00:58 - 2013-01-23 09:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 2014-10-29 18:43 - 2014-10-28 02:01 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-10-29 18:37 - 2014-10-29 18:37 - 01187696 _____ () C:\ProgramData\ikywDunA\dat\BShqPuXnSSd.dll 2014-08-27 15:28 - 2014-08-27 15:28 - 00034816 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\lrcnt.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Peter\OneDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk" HKLM\...\StartupApproved\Run32: => "mcpltui_exe" ========================= Accounts: ========================== Administrator (S-1-5-21-6291103-1562209069-332868272-500 - Administrator - Disabled) Guest (S-1-5-21-6291103-1562209069-332868272-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-6291103-1562209069-332868272-1003 - Limited - Enabled) Peter (S-1-5-21-6291103-1562209069-332868272-1001 - Administrator - Enabled) => C:\Users\Peter ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/29/2014 09:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 09:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 08:53:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 08:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 08:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 08:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 08:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 08:15:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 07:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (10/29/2014 07:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP) Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (10/29/2014 09:30:57 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable Error: (10/29/2014 09:30:56 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable Error: (10/29/2014 09:21:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable Error: (10/29/2014 09:21:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable Error: (10/29/2014 08:53:32 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable Error: (10/29/2014 08:51:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable Error: (10/29/2014 08:51:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable Error: (10/29/2014 08:50:26 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable Error: (10/29/2014 08:50:23 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable Error: (10/29/2014 08:39:35 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: Intel® Core i3-3227U CPU @ 1.90GHz Percentage of memory in use: 69% Total physical RAM: 3974.8 MB Available physical RAM: 1215.18 MB Total Pagefile: 4870.8 MB Available Pagefile: 1817.86 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:670.99 GB) (Free:625.11 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 698.6 GB) (Disk ID: 0B9808E3) Partition: GPT Partition Type. ==================== End Of Log ============================