Sign in to follow this  
Cavollin

Adware Linkury M

Recommended Posts

I have the adware virus on my PC and can't get rid of it.

 

I am using Bullguard Antivirus Software and it keeps notifying me that it's blocked a file but when I do a scan there's nothing there.

 

I followed the advice about using Adaware and FRST and have the following logs:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-10-2014 01
Ran by Peter (administrator) on PETELAPTOP on 29-10-2014 21:34:40
Running from C:\Users\Peter\Downloads
Loaded Profile: Peter (Available profiles: Peter)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\WLTRYSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Broadcom Corporation) C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\BCMWLTRY.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
(Interesting Solutions) C:\ProgramData\ikywDunA\TcfDqlLSP.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Smartbar) C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\Files32\Spamfilter\LittleHook.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(BullGuard Ltd.) C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
() C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
() C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktop.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
() C:\Users\Peter\AppData\Local\Smartbar\Application\Lrcnta.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1381744 2014-02-11] (Realtek Semiconductor)
HKLM\...\Run: [bluetooth] => C:\Program Files\WIDCOMM\Bluetooth Software\bttray.exe [526704 2012-12-14] (Broadcom Corporation.)
HKLM\...\Run: [bullGuard] => C:\Program Files\BullGuard Ltd\BullGuard\BullGuard.exe [1327440 2014-09-17] (BullGuard Ltd.)
HKLM\...\Run: [bullGuardUpdate2] => c:\program files\bullguard ltd\bullguard\BullGuardUpdate2.exe [2934096 2014-09-17] (BullGuard Ltd.)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3039984 2013-03-14] (Synaptics Incorporated)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe [8925504 2014-10-15] ()
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [740376 2013-02-06] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [intel AppUp® center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-02-19] (Intel Corporation)
HKLM-x32\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [644656 2013-08-17] (McAfee, Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKU\S-1-5-21-6291103-1562209069-332868272-1001\...\Run: [browser Infrastructure Helper] => C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.exe [29696 2014-08-27] (Smartbar)
HKU\S-1-5-21-6291103-1562209069-332868272-1001\...\RunOnce: [FlashPlayerUpdate] => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_152_Plugin.exe [854192 2014-09-09] (Adobe Systems Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Parental Controls.lnk
ShortcutTarget: McAfee Parental Controls.lnk -> C:\Program Files\McAfeeEx\MOCP\core\OcpTray.exe (McAfee, Inc.)
ShellIconOverlayIdentifiers: [backupOverlayErr] -> {8749448C-D907-45BF-A842-4D3898894AC8} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [backupOverlayInProgress] -> {3FFBF330-7839-476B-BE14-2C8597CE11B6} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.)
ShellIconOverlayIdentifiers: [backupOverlaySynced] -> {C62CF4DB-48CB-4B03-BFD0-30A29125FA49} => C:\Program Files\BullGuard Ltd\BullGuard\BackupShellHook.dll (BullGuard Ltd.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hEiOCFCQr1iY4IG2RmHx21LR-p7pgNrH3PItSYcsP3XaK0SJ_Ncmg5Hhb1wkff6Q1Ysc6o8rIGFFExe2j50LQzEj3O6bcWeKc,
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM - {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL =
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRbkHo3StK2q0U14moCf-ET1EM4uwmcoMATQkmlVwBWWdVGryqIMc6si1nzHfDqCF8PyjIaEhvSO-ShVsAdbRug9J49PRNNQk-of5xlpkw6BUX8hIolNQybQarHa66w7fQFHGAqyhNpjZszQzfUIZL20w81tjmg9Ry3xcsXynntMTK3pBIasYd1synn8l0F7MwVcqmFzp5w5RJjA,&q={searchTerms}
BHO: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\Sony\MSS\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Yahoo Community Smartbar (by Linkury)Engine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Yahoo Community Smartbar (by Linkury) - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default

FF Homepage: https://msds.open.ac.uk/signon/SAMSDefault/SAMS001_Default.aspx?nsh=2&URL=hxxp://www.open.ac.uk/

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.13.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\Sony\MSS\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\searchplugins\.xml
FF SearchPlugin: C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\searchplugins\Web Search.xml
FF Extension: Astromenda New Tab - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\Extensions\{849ded12-59e9-4dae-8f86-918b70d213dc} [2014-07-24]
FF Extension: Yahoo Community Smartbar - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\Extensions\{ee7dfc84-90db-55e1-38c7-80c2c257a0a1} [2014-09-10]
FF Extension: Adblock Plus - C:\Users\Peter\AppData\Roaming\Mozilla\Firefox\Profiles\imzox43u.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-18]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\[email protected]
FF Extension: BullGuard Safe Browsing - C:\Program Files\BullGuard Ltd\BullGuard\Files32\Antiphishing\FF\[email protected] [2014-07-23]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 BsBackup; C:\Program Files\BullGuard Ltd\BullGuard\BsBackup.dll [744784 2014-09-17] (BullGuard Ltd.)
R2 BsBhvScan; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardBhvScanner.exe [556880 2014-09-17] (BullGuard Ltd.)
R2 BsCache; C:\Program Files\BullGuard Ltd\BullGuard\BsCache.dll [157520 2014-09-17] (BullGuard Ltd.)
R2 BsFileScan; c:\program files\bullguard ltd\bullguard\BsFileScan.dll [421200 2014-09-17] (BullGuard Ltd.)
R2 BsFire; c:\program files\bullguard ltd\bullguard\BsFire.dll [777040 2014-09-17] (BullGuard Ltd.)
R2 BsMailProxy; c:\program files\bullguard ltd\bullguard\BsMailProxy\BsMailProxy.dll [750416 2014-09-17] (BullGuard Ltd.)
R2 BsMain; C:\Program Files\BullGuard Ltd\BullGuard\BsMain.dll [524112 2014-09-17] (BullGuard Ltd.)
R2 BsScanner; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardScanner.exe [281424 2014-09-17] (BullGuard Ltd.)
R2 BsUpdate; C:\Program Files\BullGuard Ltd\BullGuard\BullGuardUpdate.exe [384848 2014-10-29] (BullGuard Ltd.)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129824 2013-01-23] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166688 2013-01-23] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
R2 LavasoftAdAwareService11; C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe [707888 2014-10-15] ()
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-08-05] (Microsoft Corporation)
S2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34304 2014-08-27] () <==== ATTENTION
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 McOobeSv2; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 McSchedulerSvc; C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe [328928 2013-07-30] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [219272 2013-11-15] (McAfee, Inc.)
S3 mfeicfcoreocp; C:\Program Files\McAfeeEx\MOCP\core\mfeicfcore.exe [2782392 2013-12-31] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [182752 2013-11-15] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-08-05] (Microsoft Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-02-06] (Sony Corporation)
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [1919256 2014-10-01] (IBM Corp.)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R2 TcfDqlLSP; C:\ProgramData\ikywDunA\TcfDqlLSP.exe [2321776 2014-10-08] (Interesting Solutions)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-08-05] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-08-05] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwltry.exe [6070272 2013-03-14] (Broadcom Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AFW; C:\Windows\system32\DRIVERS\afw.sys [41680 2014-09-08] (Agnitum Ltd.)
R3 afwcore; C:\Windows\system32\DRIVERS\afwcore.sys [469712 2014-09-08] (Agnitum Ltd.)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [6971056 2013-03-14] (Broadcom Corporation)
R1 BdAgent; C:\Windows\System32\DRIVERS\BdAgent.sys [117184 2014-05-15] (BullGuard Ltd.)
R3 BdNet; C:\Windows\system32\DRIVERS\BdNet.sys [34384 2014-03-19] (BullGuard Ltd.)
R1 BdSpy; C:\Windows\System32\drivers\BdSpy.sys [67680 2014-02-26] (BullGuard Ltd.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179792 2013-11-15] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [311120 2013-11-15] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [519576 2013-11-15] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [782360 2013-11-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [343696 2013-11-15] (McAfee, Inc.)
R1 NovaShieldFilterDriver; C:\Windows\System32\DRIVERS\NSKernel.sys [259312 2014-09-17] (BullGuard Ltd.)
R4 RapportCerberus_80049; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80049.sys [768184 2014-09-01] ()
R1 RapportCerberus_80055; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_80055.sys [761720 2014-10-29] ()
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [445880 2014-10-01] (IBM Corp.)
R0 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [289656 2014-10-01] (IBM Corp.)
R0 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [534104 2014-10-01] (IBM Corp.)
R1 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [557656 2014-10-01] (IBM Corp.)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2014-07-23] ()
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33008 2013-03-14] (Synaptics Incorporated)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-07-10] (BitDefender S.R.L.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-08-05] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 21:34 - 2014-10-29 21:35 - 00024022 _____ () C:\Users\Peter\Downloads\FRST.txt
2014-10-29 20:10 - 2014-10-29 21:34 - 00000000 ____D () C:\FRST
2014-10-29 20:09 - 2014-10-29 20:09 - 02113536 _____ (Farbar) C:\Users\Peter\Downloads\FRST64.exe
2014-10-29 19:06 - 2014-10-29 19:06 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Lavasoft
2014-10-29 19:04 - 2014-10-29 19:04 - 00002227 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-10-29 19:04 - 2014-10-29 19:04 - 00000000 ____D () C:\Users\Peter\Desktop\Antimalware Engine
2014-10-29 19:04 - 2014-10-29 19:04 - 00000000 ____D () C:\Users\Peter\Desktop\Ad-Aware Antivirus
2014-10-29 19:04 - 2014-10-29 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-10-29 19:02 - 2014-10-29 19:02 - 01754248 _____ () C:\Users\Peter\Downloads\Adaware_Installer(1).exe
2014-10-29 19:01 - 2014-10-29 19:01 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\LavasoftStatistics
2014-10-29 19:00 - 2014-10-29 19:00 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-10-29 18:59 - 2014-10-29 18:59 - 01754248 _____ () C:\Users\Peter\Downloads\Adaware_Installer.exe
2014-10-29 18:59 - 2014-10-29 18:59 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-10-29 18:46 - 2014-09-13 06:29 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-29 18:46 - 2014-09-13 05:49 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-29 18:46 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-29 18:46 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-29 18:43 - 2014-10-29 18:43 - 00001167 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-10-29 18:43 - 2014-10-29 18:43 - 00001155 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-29 18:43 - 2014-10-29 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-29 18:43 - 2014-10-29 18:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-29 18:33 - 2014-10-29 18:33 - 00153712 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BgGamingMonitor.dll.PendingBullGuardUpdate
2014-10-29 18:33 - 2014-10-29 18:33 - 00140280 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BgGamingMonitor.dll.PendingBullGuardUpdate
2014-10-29 18:33 - 2014-10-29 18:33 - 00076624 _____ (BullGuard Ltd.) C:\WINDOWS\system32\BGLsp.dll.PendingBullGuardUpdate
2014-10-29 18:33 - 2014-10-29 18:33 - 00064336 _____ (BullGuard Ltd.) C:\WINDOWS\SysWOW64\BGLsp.dll.PendingBullGuardUpdate
2014-10-29 17:23 - 2014-10-29 17:23 - 00000480 _____ () C:\WINDOWS\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-10-29 16:45 - 2014-10-29 16:45 - 00000000 ____D () C:\Users\Cav\AppData\Local\InstaShare
2014-10-29 15:52 - 2014-10-29 15:52 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Macromedia
2014-10-29 15:52 - 2014-10-29 15:52 - 00000000 ____D () C:\Users\Cav\AppData\Local\Macromedia
2014-10-29 15:51 - 2014-10-29 15:51 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Mozilla
2014-10-29 15:51 - 2014-10-29 15:51 - 00000000 ____D () C:\Users\Cav\AppData\Local\Sony Corporation
2014-10-29 15:51 - 2014-10-29 15:51 - 00000000 ____D () C:\Users\Cav\AppData\Local\Mozilla
2014-10-29 15:47 - 2014-10-29 16:47 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\BullGuard
2014-10-29 15:47 - 2014-10-29 15:47 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Apple Computer
2014-10-29 15:47 - 2014-10-29 15:47 - 00000000 ____D () C:\Users\Cav\AppData\Local\Broadcom
2014-10-29 15:46 - 2014-10-29 17:19 - 00000000 ____D () C:\Users\Cav
2014-10-29 15:46 - 2014-10-29 15:49 - 00000000 ____D () C:\Users\Cav\AppData\Local\Packages
2014-10-29 15:46 - 2014-10-29 15:46 - 00000000 ____D () C:\Users\Cav\AppData\Roaming\Adobe
2014-10-29 15:46 - 2014-10-29 15:46 - 00000000 ____D () C:\Users\Cav\AppData\Local\VirtualStore
2014-10-29 15:46 - 2014-09-01 10:41 - 00000000 ____D () C:\Users\Cav\AppData\Local\Trusteer
2014-10-29 15:46 - 2014-08-04 17:43 - 00000000 ____D () C:\Users\Cav\AppData\Local\Microsoft Help
2014-10-20 23:01 - 2014-10-20 23:01 - 00000000 ____D () C:\Users\Peter\AppData\Roaming\Oracle
2014-10-20 22:44 - 2014-10-29 18:16 - 00000000 ____D () C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2014-10-16 14:42 - 2014-10-22 14:27 - 00000000 ____D () C:\WINDOWS\Minidump

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-29 21:34 - 2014-09-18 14:25 - 00000000 ____D () C:\ProgramData\Browser
2014-10-29 21:34 - 2014-07-23 22:31 - 00000000 ____D () C:\ProgramData\BullGuard
2014-10-29 21:32 - 2014-08-04 17:55 - 01703065 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-29 21:26 - 2014-09-23 11:47 - 00003934 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{25B7D16F-84AD-4412-9E1E-7CA06D213979}
2014-10-29 21:15 - 2014-07-24 22:09 - 00000314 _____ () C:\WINDOWS\Tasks\UpdaterEX.job
2014-10-29 21:09 - 2014-07-24 22:09 - 00000314 _____ () C:\WINDOWS\Tasks\Astromenda.job
2014-10-29 21:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-29 20:57 - 2014-07-23 23:39 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-29 20:32 - 2014-07-23 22:20 - 00003590 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-6291103-1562209069-332868272-1001
2014-10-29 18:59 - 2014-07-24 20:07 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-29 18:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-10-29 18:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-10-29 18:59 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-29 18:59 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-29 18:36 - 2014-08-04 18:04 - 00000000 ___DO () C:\Users\Peter\OneDrive
2014-10-29 18:34 - 2014-03-18 10:03 - 00863592 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-29 18:18 - 2014-07-24 23:49 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-29 18:18 - 2013-11-17 01:14 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Sony Corporation
2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 __RSD () C:\WINDOWS\Media
2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Public\Libraries
2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-10-29 18:18 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-10-29 18:18 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-10-29 18:17 - 2014-09-10 15:46 - 00000000 ____D () C:\Users\Peter\AppData\Local\LPT
2014-10-29 18:16 - 2014-09-11 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-10-29 18:16 - 2014-09-11 10:25 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-10-29 18:16 - 2014-09-11 10:25 - 00000000 ____D () C:\Program Files\iTunes
2014-10-29 18:16 - 2014-09-11 10:25 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-10-29 18:16 - 2014-08-20 15:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-29 18:16 - 2014-08-03 19:53 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-29 18:16 - 2014-08-03 19:52 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-10-29 18:16 - 2014-07-24 20:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-10-29 18:16 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-10-29 18:01 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\registration
2014-10-29 17:50 - 2014-09-11 10:25 - 00000000 ____D () C:\Program Files\iPod
2014-10-29 17:50 - 2014-08-03 19:52 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-10-29 17:48 - 2014-08-20 15:58 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-29 17:26 - 2014-08-19 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2014-10-29 17:23 - 2013-11-17 01:29 - 00000000 ____D () C:\ProgramData\MOCP
2014-10-29 17:22 - 2014-08-04 17:38 - 00000000 ____D () C:\Users\Peter
2014-10-29 17:21 - 2014-08-04 17:49 - 00000224 _____ () C:\WINDOWS\system32\config\afw_hm.conf
2014-10-29 17:21 - 2014-08-04 17:49 - 00000004 _____ () C:\WINDOWS\system32\config\afw_db.conf
2014-10-29 17:21 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-20 23:00 - 2014-08-20 15:59 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-16 09:10 - 2014-08-20 09:35 - 00000000 ____D () C:\Users\Peter\AppData\Local\Adobe
2014-10-16 06:56 - 2014-07-24 20:09 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-08 15:00 - 2013-11-17 01:11 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-10-08 15:00 - 2013-11-17 00:15 - 00000000 ____D () C:\Program Files\Sony
2014-10-08 14:53 - 2014-09-10 15:49 - 00000000 ____D () C:\ProgramData\InstaShare
2014-10-01 17:49 - 2014-07-23 22:15 - 00000000 ____D () C:\Update
2014-10-01 12:42 - 2014-08-19 11:20 - 00534104 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportKE64.sys
2014-10-01 12:42 - 2014-08-19 11:20 - 00289656 _____ (IBM Corp.) C:\WINDOWS\system32\Drivers\RapportHades64.sys
2014-09-29 22:45 - 2013-08-22 15:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-29 22:45 - 2013-08-22 15:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-29 18:54

==================== End Of Log ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-10-2014 01
Ran by Peter at 2014-10-29 21:35:48
Running from C:\Users\Peter\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: BullGuard Antivirus (Disabled - Out of date) {C3CCAC61-52F7-A056-1860-6406566E2578}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: BullGuard Antispyware (Disabled - Out of date) {78AD4D85-74CD-AFD8-22D0-5F742DE96FC5}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: BullGuard Firewall (Enabled) {FBF72D44-1898-A10E-333F-CD33A8BD6203}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{6D1428BD-E5F2-4378-B620-E7442E7C2BFB}_AdAwareUpdater) (Version: 11.4.6792.0 - Lavasoft)
AdAwareInstaller (Version: 11.4.6792.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.4.6792.0 - Lavasoft) Hidden
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Behind The Reflection 2: Witch's Revenge (x32 Version: 3.0.2.32 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
BullGuard Internet Security (HKLM\...\BullGuard) (Version: 14.1 - BullGuard Ltd.)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2529 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6201.52 - CyberLink Corp.)
Digital Guitar Tuner 2.3 (HKLM-x32\...\Digital Guitar Tuner 2.3_is1) (Version: - )
Enchanted Cavern 2 (x32 Version: 2.2.0.110 - WildTangent) Hidden
ESDL (x32 Version: 1.0.0 - Sony Corporation) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
InstaShare (HKLM-x32\...\InstaShare) (Version: 3.0.11 - Interesting Solutions)
Intel AppUp® center (HKLM-x32\...\Intel AppUp® center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1281 - Intel Corporation)
Intel® PROSet/Wireless NFC Software (HKLM\...\Intel® PROSet/Wireless NFC Software) (Version: 1.0.1.003 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417013FF}) (Version: 7.0.130 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
McAfee Parental Controls (HKLM-x32\...\MOCP) (Version: 3.2.226.1 - McAfee, Inc.)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla)
My Kingdom for the Princess 3 (x32 Version: 2.2.0.110 - WildTangent) Hidden
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.02.14060 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Rapport (x32 Version: 3.5.1404.19 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.10.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7177 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{0D61A55C-3ADC-409F-BF5B-A1766D1F5944}) (Version: 6.2.9200.28135 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.4.0.1 - Synaptics Incorporated)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1404.19 - Trusteer)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.2.0.02040 - Sony Corporation)
VAIO BIOS Data Transfer Utility (x32 Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{92907606-B2FC-4193-B0CE-A21159DA3ABB}) (Version: 8.4.0.14286 - Sony Corporation)
VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.0.03070 - Sony Corporation)
VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.4900 - Broadcom Corporation)
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Yahoo Community Smartbar (HKLM-x32\...\{4E732E5D-E577-451A-9BB1-CBE64A2CBC2F}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION
Yahoo Community Smartbar Engine (HKCU\...\{506c9c15-0910-4979-8dbf-3bf8842a3b9c}) (Version: 11.112.66.19229 - Linkury Inc.) <==== ATTENTION
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-6291103-1562209069-332868272-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-6291103-1562209069-332868272-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-6291103-1562209069-332868272-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)

==================== Restore Points =========================

11-10-2014 04:11:38 Scheduled Checkpoint
16-10-2014 06:44:18 Windows Update
20-10-2014 22:47:13 Installed Java 7 Update 71
28-10-2014 19:42:38 Scheduled Checkpoint
29-10-2014 17:43:22 Restore Operation

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 13:25 - 2013-08-22 13:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {093506AE-52BE-4ED8-954A-86C3E547F60F} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {0A29134F-3F25-4757-AD18-BD43CDFCE317} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {0A89B474-1848-4188-BDF6-14883073D489} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-03-14] (Synaptics Incorporated)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0F9D6E18-ECDA-45AA-94AC-746B5198F35F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-02-27] (Sony Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2360FD85-B12E-44B1-9EB7-0D9F2CB134D2} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {2B14FD53-2670-4E7C-91E7-3D27C52F2C7B} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {34725EC3-7AB1-4531-A133-B253814BE070} - System32\Tasks\UpdaterEX => C:\Users\Peter\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37609AE9-0464-4718-A654-EBF7FBF268AD} - System32\Tasks\ASP => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {37BA836C-D977-4F87-9E5A-B894B959960A} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe <==== ATTENTION
Task: {38A9AA1E-2C90-4ACD-A3BC-78A3CF8F33DB} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3E77146C-A8D5-4790-BD1F-A55A222B9D59} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-12] (Microsoft Corporation)
Task: {3E85AB91-DFD8-4342-B69F-615FA0622250} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2013-02-04] (Sony Corporation)
Task: {478ABF89-822D-455D-A96E-39D19088AAD9} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2013-03-08] (Sony Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4D716CD3-1DA8-4816-8ABB-9BFE4D99723E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {535A6A0F-E161-45F5-BBD1-4A5A096EBC1B} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {6164A5EF-B73C-4FDE-9C63-99B9FE89736F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateContacts => %ProgramData%\Sony Corporation\VAIO Care\UpdateContacts.exe
Task: {62E13480-4010-46F3-8898-E4F9C6D3EE93} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DE7A30C-0EA8-4857-9361-EF8E315FFE8B} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {79186A4D-22F2-4547-A669-18FFC8544145} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {79C6C90C-44D6-4DEF-8D7C-CA4757645F59} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {7E6B6ECF-1283-40D4-A510-60EBC5A0F85A} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {859A034D-216A-441F-B154-5E77F8258757} - System32\Tasks\Astromenda => C:\Users\Peter\AppData\Roaming\ASTROM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8ACF677D-85CC-48CB-A790-A9FDA1B81F0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9280E404-1A56-4A71-92A7-26B6E0DC8402} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {9B2E93C0-755F-4EF8-8256-C65123F9135D} - System32\Tasks\Sony Corporation\VAIO Update Self Repair\VAIO Update Self Repair Guard => C:\ProgramData\Sony Corporation\VAIO Update Self Repair\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B089EDF0-26F8-4CC7-B037-FA65C211AC3E} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {B5E93F74-9440-4CAC-9677-A2B100D70CFE} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {BBCDFA76-675B-4190-B2FF-E2DD64F6AB2E} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {BD10E4E4-E94C-48D2-80DC-153AB3C90067} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {CB75BB73-FFEF-4102-B1AB-073892DE1167} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D6320FE1-4D4D-489D-957D-52621ECE1769} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E1812EFD-0539-4B99-BA1C-5942ACF11084} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F513633E-9775-4BFF-86CD-D9EB9F77C1FD} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-02-20] (Sony Corporation)
Task: {FA9D916C-B822-41A6-94F2-1DF50C684E02} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {FFBC1265-7F97-401C-8A3B-C7C461A9E984} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-02-02] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Astromenda.job => C:\Users\Peter\AppData\Roaming\ASTROM~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\UpdaterEX.job => C:\Users\Peter\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-10-20 22:15 - 2014-09-17 12:30 - 00613200 _____ () c:\program files\bullguard ltd\bullguard\SQLite.dll
2014-10-20 22:15 - 2014-09-17 12:30 - 00084304 _____ () c:\program files\bullguard ltd\bullguard\zlib1.dll
2014-10-20 22:15 - 2014-09-17 12:30 - 00653136 _____ () c:\program files\bullguard ltd\bullguard\LibXml2.dll
2014-10-20 22:15 - 2014-09-17 12:30 - 00653136 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LibXml2.dll
2014-09-17 12:30 - 2014-09-17 12:30 - 00021832 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BullGuardBhvScannerRes.dll
2012-12-14 14:27 - 2012-12-14 14:27 - 00049520 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btwleapi.dll
2014-10-20 22:15 - 2014-09-17 12:30 - 00084304 _____ () C:\Program Files\BullGuard Ltd\BullGuard\zlib1.dll
2014-09-17 12:31 - 2014-09-17 12:30 - 00028488 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BackupShellNamespaceRes.dll
2014-10-20 22:15 - 2014-09-17 12:30 - 00613200 _____ () C:\Program Files\BullGuard Ltd\BullGuard\SQLite.dll
2014-09-17 12:31 - 2014-09-17 12:30 - 00275784 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpBackupRes.dll
2014-09-17 12:31 - 2014-09-17 12:30 - 00013128 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpInspectorRes.dll
2014-09-17 12:30 - 2014-09-17 12:30 - 00033096 _____ () C:\Program Files\BullGuard Ltd\BullGuard\res\en\BpMainRes.dll
2014-09-17 12:30 - 2014-09-17 12:30 - 00064848 _____ () C:\Program Files\BullGuard Ltd\BullGuard\LIBBZ2.dll
2013-11-19 09:21 - 2013-11-19 09:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 08925504 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTray.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 03396400 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\RCF.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00123744 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_filesystem-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00024408 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_system-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00055648 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_date_time-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00103768 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_thread-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00500056 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_locale-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00033624 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_chrono-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02132800 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\HtmlFramework.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00066872 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\DllStorage.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869712 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTrayDefaultSkin.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00811328 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\Localization.dll
2014-10-15 13:37 - 2014-10-15 13:37 - 00707888 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareService.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 12459344 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareServiceKernel.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00788824 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_regex-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00734536 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareActivation.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02185560 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareApplicationUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00813896 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareGamingMode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00098624 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareReset.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00120128 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareTime.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00952152 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdater.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00869224 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01108808 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareIgnoreList.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00250696 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareQuarantine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00989016 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiMalwareEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00212824 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiRootkitEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01172816 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01281344 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareScanner.dll
2014-10-15 14:04 - 2014-10-15 14:04 - 00035160 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_timer-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00976728 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareScannerScheduler.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01092440 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00229200 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareIncompatibles.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00893768 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiSpam.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00845136 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAntiPhishing.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 03096912 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareParentalControl.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02887504 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareWebProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01067344 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareEmailProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01290584 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareNetworkProtection.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004352 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwarePromo.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00343880 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareFeedback.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 02787160 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareThreatWorkAlliance.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01264960 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwarePinCode.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01004864 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareNotice.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00957256 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareAvcEngine.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 01179496 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareRealTimeProtectionHistory.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 00154944 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\SecurityCenter.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 16893248 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktop.exe
2014-10-15 14:03 - 2014-10-15 14:03 - 00451440 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\boost_program_options-vc100-mt-1_55.dll
2014-10-15 14:03 - 2014-10-15 14:03 - 09304408 _____ () C:\Users\Peter\Desktop\Ad-Aware Antivirus\11.4.6792.0\AdAwareDesktopDefaultSkin.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00025088 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Lrcnta.exe
2014-07-03 12:20 - 2014-07-03 12:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-07-03 12:19 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00052224 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00087552 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srau.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00167424 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 02426880 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00068608 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\spbl.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00160256 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00015872 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\siem.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00069120 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\sppsm.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00698368 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00016384 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00080384 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00028672 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00071680 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srut.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00031232 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srsbs.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00067072 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00152064 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smti.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00075264 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smsp.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00011776 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\sidc.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032256 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smtu.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00040448 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\smta.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00032768 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srom.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00049152 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srbu.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00025600 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\sgml.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00063488 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00026624 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srpdm.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00045056 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00036864 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-08-27 15:29 - 2014-08-27 15:29 - 00257024 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\srns.dll
2014-03-23 17:04 - 2014-03-23 17:04 - 00557056 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2013-11-17 00:58 - 2013-01-23 09:26 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-10-29 18:43 - 2014-10-28 02:01 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-10-29 18:37 - 2014-10-29 18:37 - 01187696 _____ () C:\ProgramData\ikywDunA\dat\BShqPuXnSSd.dll
2014-08-27 15:28 - 2014-08-27 15:28 - 00034816 _____ () C:\Users\Peter\AppData\Local\Smartbar\Application\lrcnt.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Peter\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-6291103-1562209069-332868272-500 - Administrator - Disabled)
Guest (S-1-5-21-6291103-1562209069-332868272-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-6291103-1562209069-332868272-1003 - Limited - Enabled)
Peter (S-1-5-21-6291103-1562209069-332868272-1001 - Administrator - Enabled) => C:\Users\Peter

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/29/2014 09:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 09:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 08:53:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 08:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 08:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 08:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 08:21:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 08:15:43 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 07:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (10/29/2014 07:51:21 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETELAPTOP)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2147024894 See the Microsoft-Windows-TWinUI/Operational log for additional information.


System errors:
=============
Error: (10/29/2014 09:30:57 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable

Error: (10/29/2014 09:30:56 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable

Error: (10/29/2014 09:21:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (10/29/2014 09:21:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (10/29/2014 08:53:32 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (10/29/2014 08:51:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (10/29/2014 08:51:16 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (10/29/2014 08:50:26 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable

Error: (10/29/2014 08:50:23 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable

Error: (10/29/2014 08:39:35 PM) (Source: DCOM) (EventID: 10001) (User: PETELAPTOP)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server2Microsoft.WindowsLive.Platform.Service.RemoteProcessUnavailableUnavailable


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel® Core i3-3227U CPU @ 1.90GHz
Percentage of memory in use: 69%
Total physical RAM: 3974.8 MB
Available physical RAM: 1215.18 MB
Total Pagefile: 4870.8 MB
Available Pagefile: 1817.86 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:670.99 GB) (Free:625.11 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 698.6 GB) (Disk ID: 0B9808E3)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

Share this post


Link to post
Share on other sites

Hi Cavolin,

1. Please, move FRST program from "Downloads" folder to the desktop.

2. What is the exact message from your antivirus program?

3. Please, uninstall in Control Panel's list of installed programs:

Yahoo Community Smartbar by Linkury, see http://www.systemlookup.com/Startup/25527-SnapDo_exe_Linkury_exe_QuickShare_exe.html and http://www.systemlookup.com/CLSID/75361-mscoree_dll_MS_file.html
Yahoo Community Smartbar Engine

The following are old versions with known vulnerabilities that can be exploited by a web page to infect the computer. Most people don't need Java, but if you do, it's very important to always have the latest version (Java 8 Update 25).
Java 7 Update 13
Java 7 Update 67

4. Please, save AdwCleaner by Xplode on the desktop: https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Turn off all programs, including browsers.
Double-click on AdwCleaner to start the program.

Click on the Scan button.
Wait until the search has finished.

Click on the Report button.
A report will be displayed, copy its content and paste into your answer.
If the report isn't displayed, it exist as C:\AdwCleaner\AdwCleaner[R0].txt.

Share this post


Link to post
Share on other sites

Due to lack of feedback, this topic has been closed.

 

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

 

Everyone else please begin a New Topic.

 

Thank You !

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.
Sign in to follow this