Go Back   Cyber Tech Help Support Forums > Software > Malware Removal

Notices

Reply
 
Topic Tools
  #136  
Old August 28th, 2017, 12:28 AM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Hi olgun,

Quote:
MBAM v.3 is now a full-fledged, real-time antivirus. Do not use this version. Please uninstall. But, you can download an earlier version.
Example:Mbam 1.7 or 2 version.
No problem I understand, I have now uninstalled and installed version 2.

-----------------------------------------------------------

Quote:
This can be. (This maybe)
Must be Windows defender always closed
So;
Uninstall:Microsoft security essentials + Mbam 3 + Zemana software (if you want)
I have uninstalled zemana (done before), malwarebytes and microsoft security essentials. And now installed AVG paid subscription via zen network.

Windows defender is off, this is okay?
Also now with AVG, defender is off, and firewall is off as managed by AVG I assume.

-------------------------------------------

Quote:
1. I have just checked this upon restarting the laptop, in services.msc. It has gone back to "manual" start, and it is stopped again.... I updated the reg key in regedit to start automatically as it was set to manual, also changed in services.msc to auto start, and started the service, which it did fine. I then restarted the laptop and rechecked this, in regedit the start reg key is back to 3 (manual), and in services.msc the "status" says it has started, but the "startup type" is manual. I'm not sure what is going on here with this but it looks like there is a problem here, or is this how it should be?
Quote:
Do not wear your head here. No problem.
Earlier you say that windows modules installer must be automatic? It isn't automatic, only manual. Is this okay?

---------------------------------------------------

Quote:
I suggest, you uninstall with RevoUninstaller free
Trendmicro housecall does not show on revouninstaller. I'm unable to see it here so can't uninstall.

I do not know how to remove this?

--------------------------------------------------------------

I will try to run windows repair tomorrow if I have chance.

Quote:
I need to sleep now. Goodnight. I'll get up early in the morning. I'll be out of city
No problem. Thankyou for all of your help olgun, have a good sleep.

We have ran out of time. Can we continue to finish this off nicely when I'm back of holidays olgun?

Last edited by JIO22; August 28th, 2017 at 12:30 AM.
Reply With Quote


  #137  
Old August 28th, 2017, 08:43 AM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 7 32-bit
Location: İstanbul
Posts: 1,742
Quote:
Windows defender is off, this is okay?
ok.
---------------
Quote:
Earlier you say that windows modules installer must be automatic? It isn't automatic, only manual. Is this okay?
Windows repair can bring it to default settings. Run and see the end result.

------------------------------
Quote:
Trendmicro housecall does not show on revouninstaller. I'm unable to see it here so can't uninstall.

I do not know how to remove this?
Double click on the RevoUninstaller and your open.

Press Tools button.
Click on the Tracks cleaner
Click twice an small arrow
Click ''unrecoverable delete'' the folder.
Now you can select files and folders.
Select the files or folder and press on the ''DELETE FOREVER'' button.

Also,this can help you
Revo Uninstaller-user's guide
https://www.revouninstaller.com/manu...are%20Help.pdf

---------------------------------------------------------------

Quote:
We have ran out of time. Can we continue to finish this off nicely when I'm back of holidays olgun?
Gladly. Happy holidays
Reply With Quote
  #138  
Old August 28th, 2017, 09:53 AM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Hi Olgun,

I have just deleted the the Windows Repair log as it was done by Ben's wife. Think the antivirus was still running.
The results will be posted later by Ben.

Last edited by JIO22; August 28th, 2017 at 07:13 PM.
Reply With Quote
  #139  
Old August 28th, 2017, 04:49 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Hi Olgun,

It's Jemma here Ben's wife, sorry about my earlier attempt.

I have had another try and after disabling AVG, Windows Fire Wall and Windows Defender I was able to follow your steps through again for the Windows repair. When I came to the checklist of what needed to be checked the following items were not on the list:

Unhide non system files
Repair WMI
Repair Winsock & DNS Cache
Unhide Non system files

But all the others that were on your list were checked, after the computer restarted the following log was created:

Tweaking.com - Windows Repair 2018 (v4.0.3)
--------------------------------------------------------------------------------

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Ultimate
OS Architecture: 32-bit
OS Version: 6.1.7601.23881
OS Service Pack: Service Pack 1
Computer Name: BEN-PC
Windows Drive: C:\
Windows Path: C:\Windows
Program Files: C:\Program Files
Current Profile: C:\Users\Ben
Current Profile SID: S-1-5-21-1289019028-3489076271-160467946-1003
Current Profile Classes: S-1-5-21-1289019028-3489076271-160467946-1003_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Ben\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:32:08

Process Count: 84
Commit Total: 1.42 GB
Commit Limit: 5.74 GB
Commit Peak: 1.48 GB
Handle Count: 26298
Kernel Total: 350.18 MB
Kernel Paged: 293.64 MB
Kernel Non Paged: 56.54 MB
System Cache: 1.54 GB
Thread Count: 1048
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.87 GB
Memory Used: 1.38 GB(48.0326%)
Memory Avail.: 1.49 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 2.87 GB
Memory Used: 1.09 GB(38.1236%)
Memory Avail.: 1.78 GB
--------------------------------------------------------------------------------

Starting Repairs...
Started at (28/08/2017 15:58:49)

Setting Any Missing 'InstallDate' From Uninstall Sections Before Running Repair...
Total Missing 'InstallDate' Fixed: 0

01 - Reset Registry Permissions
Restore Windows 7/8/10 Default Registry Permissions
Start (28/08/2017 15:58:53)


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hku.7z
Done, 0.31 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\hklm.7z
Done, 7.94 seconds.

Running Repair Under System Account
Done (28/08/2017 16:03:30)

02 - Reset File Permissions
Restore Windows 7/8/10 Default File Permissions
Start (28/08/2017 16:03:30)


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\default.7z
Done, 0.2 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\profile.7z
Done, 0.2 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\program_files.7z
Done, 0.29 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\program_files_x86.7z
Done, 0.23 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\programdata.7z
Done, 0.22 seconds.


Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\windows.7z
Done, 6.77 seconds.

Running Repair Under System Account
Done (28/08/2017 16:13:51)

03 - Reset Service Permissions
Start (28/08/2017 16:13:51)

Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:14:22)

04 - Register System Files
Start (28/08/2017 16:14:22)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:15:38)

05 - Repair WMI
Start (28/08/2017 16:15:38)

Starting Security Center So We Can Export The Security Info.

Exporting Antivirus Info...
No Antivirus Products Reported.

Exporting AntiSpyware Info...
No AntiSpyware Products Reported.

Exporting 3rd Party Firewall Info...
No Firewall Products Reported.

Running Repair Under Current User Account
Done (28/08/2017 16:18:23)

06 - Repair Windows Firewall
Start (28/08/2017 16:18:23)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.18 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:19:25)

07 - Repair Internet Explorer
Start (28/08/2017 16:19:25)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:20:17)

08 - Repair MDAC/MS Jet
Start (28/08/2017 16:20:17)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:20:49)

09 - Repair Hosts File
Start (28/08/2017 16:20:49)
Running Repair Under System Account
Done (28/08/2017 16:20:53)

10 - Remove Policies Set By Infections
Start (28/08/2017 16:20:53)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:25:28)

12 - Repair Icons
Start (28/08/2017 16:25:28)
Running Repair Under Current User Account
Done (28/08/2017 16:25:54)

15 - Repair Proxy Settings
Start (28/08/2017 16:25:55)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:25:59)

16 - Repair Windows Updates
Start (28/08/2017 16:25:59)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.2 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Setting Windows Updates Files That Are In Use To Be Removed At Next Boot.
Done (28/08/2017 16:26:43)

17 - Repair CD/DVD Missing/Not Working
Start (28/08/2017 16:26:43)
iTunes or GEARAspiWDM.sys not found, not applying UpperFilters iTunes Reg Key
Done (28/08/2017 16:26:43)

22.01 - Repair bat Association
Start (28/08/2017 16:26:43)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:26:45)

22.02 - Repair cmd Association
Start (28/08/2017 16:26:46)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:26:48)

22.03 - Repair com Association
Start (28/08/2017 16:26:48)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:26:50)

22.04 - Repair Directory Association
Start (28/08/2017 16:26:50)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:26:52)

22.05 - Repair Drive Association
Start (28/08/2017 16:26:52)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:26:55)

22.06 - Repair exe Association
Start (28/08/2017 16:26:55)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:26:57)

22.07 - Repair Folder Association
Start (28/08/2017 16:26:57)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:26:59)

22.08 - Repair inf Association
Start (28/08/2017 16:26:59)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:27:02)

22.09 - Repair lnk (Shortcuts) Association
Start (28/08/2017 16:27:02)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:27:04)

22.10 - Repair msc Association
Start (28/08/2017 16:27:04)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:27:06)

22.11 - Repair reg Association
Start (28/08/2017 16:27:06)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:27:10)

22.12 - Repair scr Association
Start (28/08/2017 16:27:10)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:27:12)

25 - Restore Important Windows Services
Start (28/08/2017 16:27:12)

Decompressing & Updating Windows Permission File C:\Program Files\Tweaking.com\Windows Repair (All in One)\files\permissions\7\services.7z
Done, 0.21 seconds.

Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:27:36)

26 - Set Windows Services To Default Startup
Start (28/08/2017 16:27:36)
Running Repair Under Current User Account
Running Repair Under System Account
Done (28/08/2017 16:27:50)

Cleaning up empty logs...

All Selected Repairs Done.
Done at (28/08/2017 16:27:50)
Total Repair Time: 00:29:03


...YOU MUST RESTART YOUR SYSTEM...
Reply With Quote
  #140  
Old August 28th, 2017, 04:52 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
With regards to Revounistaller I followed your steps

Quote:
Double click on the RevoUninstaller and your open.

Press Tools button.
Click on the Tracks cleaner
Click twice an small arrow
Click ''unrecoverable delete'' the folder.
Now you can select files and folders.
Select the files or folder and press on the ''DELETE FOREVER'' button.

Also,this can help you
Revo Uninstaller-user's guide
https://www.revouninstaller.com/manu...are%20Help.pdf
I clicked on the tools button and all ok, the next step "click on the tracks cleaner" - I can not see this in there? Is it called something else?

Many thanks,

Jemma

Last edited by JIO22; August 28th, 2017 at 08:47 PM. Reason: adjusted
Reply With Quote
  #141  
Old August 28th, 2017, 04:55 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
After doing these steps with Window's repair I have just gone into Windows Firewall to turn it back on as I turned it off for the Windows Repair.
But it gives me no option to turn it back on. It is saying that: These settings are being managed by Vendor application AVG Internet Security.

Thanks, Jemma

Last edited by JIO22; August 28th, 2017 at 07:14 PM.
Reply With Quote
  #142  
Old August 28th, 2017, 09:26 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Hi olgun,

My last post for 2 weeks.

Think we need to continue our good work here as still some issues and things that have not worked also, still some problems here.
I'm not sure how successful the windows repair was today but I wasn't here, and as my wife said above, some of those tick box selections were not listed in the windows repair, so some things would not have got done even if it did work.
The revo uninstaller as my wife comments - the tracks cleaner I can not see it to click it.

To refresh:

1. Security center is now stopped again in services.msc. Also red cross on action center flag, security center is turned off in action center and won't turn on.
2. Virus protection is now NOT listed in the security section of action center.
4. Windows defender is off.
5. Windows firewall is off.
6. Windows modules Installer is still in manual and stopped.
7. Trendmicro housecall launcher still on desktop.
8. Any other fixes, virus clean ups.


Please have a think about things if you do not mind, for our next steps when I am back as I'm determined to get this solved with your help and all back good again.

Thank you for all of your help, I'm really grateful for this.

I won't be able to post back or do anything with my laptop until I am back in 2 weeks time (the laptop will stay at home).

I'll post back here when I'm back.

Cheers olgun .

Last edited by JIO22; August 28th, 2017 at 09:57 PM. Reason: Added content.
Reply With Quote
  #143  
Old August 28th, 2017, 10:22 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 7 32-bit
Location: İstanbul
Posts: 1,742
Quote:
It's Jemma here Ben's wife, sorry about my earlier attempt.
Hi Jemma, you're welcome. Glad to meet you.
-----------------------------------------------------
Quote:
I clicked on the tools button and all ok, the next step "click on the tracks cleaner" - I can not see this in there? Is it called something else?
You can clean it manually. The file does not appear in the reports.
------------------------------------------------
Quote:
After doing these steps with Window's repair I have just gone into Windows Firewall to turn it back on as I turned it off for the Windows Repair.
But it gives me no option to turn it back on. It is saying that: These settings are being managed by Vendor application AVG Internet Security.
It is true. Ben, already wanted it . There is no problem.

----------------------------------------------------------------------

Please do this ;

SecurityCheck
Please download SecurityCheck: LINK1.LINK2
  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.

Have a nice day.
Reply With Quote
  #144  
Old September 13th, 2017, 07:45 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Hi olgun,

I'm back now from my holidays, I hope you have been well?

I've kinda forgotten where we got to with all of this, and what to do next.

I turned my laptop on today for the first time in 2 weeks or so, and the mousepad didn't work again!! This was the very first initial problem weeks back, but worked before my holiday.

I couldn't do anything, so got a plug in mouse via usb to get control again. Once I done this I noticed the keyboard stopped working (was working earlier today), so couldn't type or do anything again.

Eventually after fiddling around and restarting the laptop I got the keyboard back working. The mouse pad was not listed in device manager, found it by selecting to show hidden devices, but there was a problem with it. Uninstalled drivers for mousepad and restarted 1 or 2 times. Now the mousepad is working, and keyboard.

Forgot to mention on first startup today there were a number of windows updates that came up to do, so I have done them.

What would be good for me to do to get this going again?

Thank you.
Reply With Quote
  #145  
Old September 13th, 2017, 08:41 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Also I would like to add to the above post, that the laptop feels slower on start up before it tends to respond, compared to a couple of weeks back.
Reply With Quote
  #146  
Old September 13th, 2017, 09:56 PM
olgun52's Avatar
olgun52 olgun52 is offline
Malware Removal Team
 
Join Date: Feb 2014
O/S: Windows 7 32-bit
Location: İstanbul
Posts: 1,742
Quote:
I'm back now from my holidays, I hope you have been well?
Thank you, I'm fine also.

Go back to all settings in the process center. Check for updates again. If they are missing, do them. Is the security center working now?
===============================

Quote:
Also I would like to add to the above post, that the laptop feels slower on start up before it tends to respond, compared to a couple of weeks back.
I understand.

==================================

Please post a fresh FRST logfile for my check. (Frst.txt and Additional.txt)

And;

SecurityCheck
Please download SecurityCheck: LINK1.LINK2
  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan finished the (checkup.txt) will open. Copy its content to your thread.

Good day.
Reply With Quote
  #147  
Old September 13th, 2017, 10:27 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Okay,

I have rechecked on windows update and the laptop finished "checking for updates" and none were found, it says "Windows is up to date".

Upon restarting the laptop just now, the mousepad has stopped again and won't work, it says there is a problem again with the driver in device manager, I've got the usb mouse plugged in now whilst I do this.

Running FRST now, when I clicked run as administrator to start it, a box popped up saying "failed to update".

I'll post results below once done.

Last edited by JIO22; September 13th, 2017 at 10:28 PM. Reason: typo errors corrected
Reply With Quote
  #148  
Old September 13th, 2017, 10:32 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 20-08-2017
Ran by Ben (administrator) on BEN-PC (13-09-2017 22:26:58)
Running from C:\Users\Ben\Desktop
Loaded Profiles: Ben (Available Profiles: Ben)
Platform: Windows 7 Ultimate Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.33.5\GoogleCrashHandler.ex e
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(Tweaking.com) C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Sony Corporation) C:\Program Files\sony\Network Utility\NSUService.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe
(ArcSoft, Inc.) C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesApp32.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files\sony\VAIO Power Management\SPMgr.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(Sony Corporation) C:\Program Files\sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Monitor] => C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe [124544 2016-02-11] (LeapFrog Enterprises, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [835584 2008-01-30] (Synaptics, Inc.)
HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-08-24] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [289248 2017-09-13] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\VESWinlogon: C:\Windows\system32\VESWinlogon.dll [2008-12-09] (Sony Corporation)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [65024 2009-07-14] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL => No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{9D6DADE0-10C1-4706-85D6-CAB0F4FDDDAB}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{DFB36763-18C1-4E9D-9E2C-1DE555C9C05C}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bbc.co.uk/
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1289019028-3489076271-160467946-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}&rlz=1I7SNYK_en
SearchScopes: HKU\S-1-5-21-1289019028-3489076271-160467946-1003 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1289019028-3489076271-160467946-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}&rlz=1I7SNYK_en
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-08-14] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-08-14] (Oracle Corporation)
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

FireFox:
========
FF ProfilePath: C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profi les\41z0j4bg.default-1465414280271 [2017-08-28]
FF NewTab: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> about:newtab
FF Homepage: Mozilla\Firefox\Profiles\41z0j4bg.default-1465414280271 -> about:home
FF Extension: (Adguard AdBlocker) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profi les\41z0j4bg.default-1465414280271\Extensions\adguardadblocker@adguard. com.xpi [2017-01-14]
FF Extension: (British English Dictionary (Marco Pinto)) - C:\Users\Ben\AppData\Roaming\Mozilla\Firefox\Profi les\41z0j4bg.default-1465414280271\Extensions\marcoagpinto@mail.telepac .pt [2017-05-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2017-01-22] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_26_0_0_ 151.dll [2017-08-08] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1229199 .dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1 .dll [2017-08-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-08-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-30] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-07-31] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR HomePage: Profile 3 -> hxxp://www.bbc.co.uk/
CHR StartupUrls: Profile 3 -> "hxxp://www.bbc.co.uk/"
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-08-28]
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3 [2017-09-13]
CHR Extension: (Google Drive) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-25]
CHR Extension: (Adguard AdBlocker) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-08-25]
CHR Extension: (YouTube) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-25]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-25]
CHR Extension: (Chrome Media Router) - C:\Users\Ben\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-25]
CHR Profile: C:\Users\Ben\AppData\Local\Google\Chrome\User Data\System Profile [2017-08-28]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2008-08-01] (ArcSoft Inc.)
R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [276328 2017-09-13] (AVG Technologies CZ, s.r.o.)
S2 AVG Firewall; C:\Program Files\AVG\Antivirus\afwServ.exe [324096 2017-09-13] (AVG Technologies CZ, s.r.o.)
S3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5881008 2017-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-08-24] (AVG Technologies CZ, s.r.o.)
S2 CodeMeter.exe; C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe [2571704 2012-12-03] (WIBU-SYSTEMS AG)
R2 FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [233472 2013-05-22] (Teruten) [File not signed]
S3 GoogleDesktopManager-092308-165331; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2008-10-22] (Google)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [225280 2007-03-13] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-03-13] (Hewlett-Packard Co.) [File not signed]
S4 MSSQLServerADHelper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 NSUService; C:\Program Files\sony\Network Utility\NSUService.exe [303104 2008-11-06] (Sony Corporation) [File not signed]
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [114688 2009-04-02] (Sony Corporation) [File not signed]
S3 rpcapd; C:\Program Files\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
S3 SOHDBSvr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDBSvr.exe [72856 2012-03-06] (Sony Corporation)
S3 SOHPlMgr; C:\Program Files\Common Files\Sony Shared\SOHLib\SOHPlMgr.exe [93336 2012-03-06] (Sony Corporation)
R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 TuneUp.UtilitiesSvc; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesService32.exe [4677904 2017-02-21] (AVG Technologies CZ, s.r.o.)
R2 uCamMonitor; C:\Program Files\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResou rceManager\VzHardwareResourceManager.exe [69632 2009-03-05] (Sony Corporation) [File not signed]
R2 VAIO Event Service; C:\Program Files\sony\VAIO Event Service\VESMgr.exe [203624 2008-12-09] (Sony Corporation)
R2 VAIO Power Management; C:\Program Files\Sony\VAIO Power Management\SPMService.exe [411488 2008-09-05] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [480624 2009-09-16] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [313264 2009-03-05] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1220376 2016-03-31] (Sony Corporation)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2009-03-05] (Sony Corporation) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17920 2008-04-24] (ArcSoft, Inc.)
R1 avgbdisk; C:\Windows\system32\drivers\avgbdiskx.sys [135872 2017-09-13] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\Windows\system32\drivers\avgbidsdriverx.sys [261128 2017-09-13] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\Windows\system32\drivers\avgbidshx.sys [151024 2017-09-13] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\Windows\system32\drivers\avgblogx.sys [270344 2017-09-13] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\Windows\system32\drivers\avgbunivx.sys [43992 2017-09-13] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\Windows\system32\drivers\avgHwid.sys [35264 2017-09-13] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\Windows\system32\drivers\avgMonFlt.sys [117368 2017-09-13] (AVG Technologies CZ, s.r.o.)
R3 avgNetNd6; C:\Windows\System32\DRIVERS\avgNetNd6.sys [28408 2017-08-27] (AVG Technologies CZ, s.r.o.)
R1 avgNetSec; C:\Windows\system32\drivers\avgNetSec.sys [400488 2017-09-13] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\Windows\system32\drivers\avgRdr2.sys [91976 2017-09-13] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\Windows\system32\drivers\avgRvrt.sys [63280 2017-09-13] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\Windows\system32\drivers\avgSnx.sys [766216 2017-09-13] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\Windows\system32\drivers\avgSP.sys [492552 2017-09-13] (AVG Technologies CZ, s.r.o.)
S2 avgStm; C:\Windows\system32\drivers\avgStm.sys [140136 2017-09-13] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\Windows\system32\drivers\avgVmm.sys [289240 2017-09-13] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-05-22] () [File not signed]
S3 MBAMProtection; C:\Windows\system32\drivers\mbam.sys [24448 2016-03-10] (Malwarebytes)
S3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [53120 2016-03-10] (Malwarebytes Corporation)
R2 NPF; C:\Windows\system32\drivers\npf.sys [35088 2016-11-20] (CACE Technologies, Inc.)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver32.sys [31792 2017-02-21] (AVG Netherlands B.V.)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [128704 2016-08-16] (MBB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-13 22:26 - 2017-09-13 22:27 - 000019865 _____ C:\Users\Ben\Desktop\FRST.txt
2017-09-13 17:12 - 2017-08-19 16:10 - 000180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2017-09-13 17:12 - 2017-08-16 16:10 - 000629760 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-09-13 17:12 - 2017-08-16 15:50 - 002403328 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-09-13 17:12 - 2017-08-16 01:25 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-09-13 17:12 - 2017-08-15 16:10 - 012880896 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-09-13 17:12 - 2017-08-15 16:10 - 001499648 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-09-13 17:12 - 2017-08-15 15:01 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-09-13 17:12 - 2017-08-15 15:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-09-13 17:12 - 2017-08-15 15:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-09-13 17:12 - 2017-08-15 14:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-09-13 17:12 - 2017-08-14 18:35 - 002150912 _____ (Microsoft Corporation) C:\Windows\system32\mmcndmgr.dll
2017-09-13 17:12 - 2017-08-14 18:35 - 000303104 _____ (Microsoft Corporation) C:\Windows\system32\mmcbase.dll
2017-09-13 17:12 - 2017-08-14 18:35 - 000172544 _____ (Microsoft Corporation) C:\Windows\system32\cic.dll
2017-09-13 17:12 - 2017-08-14 18:35 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\mmcshext.dll
2017-09-13 17:12 - 2017-08-13 22:30 - 001401344 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2017-09-13 17:12 - 2017-08-13 17:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-09-13 17:12 - 2017-08-13 17:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-09-13 17:12 - 2017-08-13 17:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-09-13 17:12 - 2017-08-13 17:30 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-09-13 17:12 - 2017-08-13 17:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-09-13 17:12 - 2017-08-13 17:29 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-09-13 17:12 - 2017-08-13 17:29 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-09-13 17:12 - 2017-08-13 17:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-09-13 17:12 - 2017-08-13 17:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-09-13 17:12 - 2017-08-13 17:22 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-09-13 17:12 - 2017-08-13 17:21 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-09-13 17:12 - 2017-08-13 17:19 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-09-13 17:12 - 2017-08-13 17:18 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-09-13 17:12 - 2017-08-13 17:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-09-13 17:12 - 2017-08-13 17:17 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-09-13 17:12 - 2017-08-13 17:17 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-09-13 17:12 - 2017-08-13 17:10 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-09-13 17:12 - 2017-08-13 17:01 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-09-13 17:12 - 2017-08-13 17:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-09-13 17:12 - 2017-08-13 17:00 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-09-13 17:12 - 2017-08-13 16:57 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-09-13 17:12 - 2017-08-13 16:53 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-09-13 17:12 - 2017-08-13 16:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-09-13 17:12 - 2017-08-13 16:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-09-13 17:12 - 2017-08-13 16:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-09-13 17:12 - 2017-08-13 16:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-09-13 17:12 - 2017-08-13 16:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-09-13 17:12 - 2017-08-13 16:43 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-09-13 17:12 - 2017-08-13 16:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-09-13 17:12 - 2017-08-13 16:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-09-13 17:12 - 2017-08-13 16:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-09-13 17:12 - 2017-08-11 07:24 - 004001000 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2017-09-13 17:12 - 2017-08-11 07:24 - 003945704 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-09-13 17:12 - 2017-08-11 07:24 - 000137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-09-13 17:12 - 2017-08-11 07:24 - 000067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-09-13 17:12 - 2017-08-11 07:21 - 001310528 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 001417728 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 001062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000781824 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000644096 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000554496 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000377344 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000299008 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000294400 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000261120 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000171008 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000126464 _____ (Microsoft Corporation) C:\Windows\system32\inetpp.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000082432 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000019968 _____ (Microsoft Corporation) C:\Windows\system32\nsisvc.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\winnsi.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\nsi.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 07:10 - 000066048 _____ C:\Windows\system32\PrintBrmUi.exe
2017-09-13 17:12 - 2017-08-11 07:09 - 000061952 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.exe
2017-09-13 17:12 - 2017-08-11 07:09 - 000039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2017-09-13 17:12 - 2017-08-11 07:09 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\inetppui.dll
2017-09-13 17:12 - 2017-08-11 07:03 - 000026624 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2017-09-13 17:12 - 2017-08-11 07:01 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2017-09-13 17:12 - 2017-08-11 07:00 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-09-13 17:12 - 2017-08-11 07:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-09-13 17:12 - 2017-08-11 07:00 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-09-13 17:12 - 2017-08-11 07:00 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-09-13 17:12 - 2017-08-11 07:00 - 000016896 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-09-13 17:12 - 2017-08-11 06:58 - 000271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-09-13 17:12 - 2017-08-11 06:58 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-09-13 17:12 - 2017-08-11 06:56 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2017-09-13 17:12 - 2017-08-11 06:56 - 000311808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2017-09-13 17:12 - 2017-08-11 06:56 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-09-13 17:12 - 2017-08-11 06:56 - 000124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-09-13 17:12 - 2017-08-11 06:56 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2017-09-13 17:12 - 2017-08-11 06:56 - 000098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-09-13 17:12 - 2017-08-11 06:55 - 000188928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2017-09-13 17:12 - 2017-08-11 06:55 - 000069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-09-13 17:12 - 2017-08-11 06:55 - 000036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-09-13 17:12 - 2017-08-11 06:55 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-09-13 17:12 - 2017-08-11 06:55 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
2017-09-13 17:12 - 2017-08-11 06:55 - 000015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-09-13 17:12 - 2017-08-11 06:55 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 06:55 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 06:55 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-09-13 17:12 - 2017-08-11 06:55 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-09-13 07:37 - 2017-09-13 07:36 - 000305936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\avgBoot.exe
2017-08-28 20:19 - 2017-08-28 20:19 - 000001147 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-08-28 20:19 - 2017-08-28 20:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-08-28 20:19 - 2017-08-28 20:19 - 000000000 ____D C:\Program Files\VS Revo Group
2017-08-28 08:05 - 2017-08-28 08:05 - 000002077 _____ C:\Users\Ben\Desktop\Tweaking.com - Windows Repair.lnk
2017-08-28 08:05 - 2017-08-28 08:05 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Microsoft\Windows\Sta rt Menu\Programs\Tweaking.com
2017-08-28 08:04 - 2017-08-28 08:04 - 000000000 ____D C:\Program Files\Tweaking.com
2017-08-28 00:06 - 2017-08-28 00:06 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp.lnk
2017-08-28 00:06 - 2017-08-28 00:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp
2017-08-28 00:06 - 2017-02-21 09:29 - 000049936 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\TURegOpt.exe
2017-08-28 00:06 - 2017-02-21 09:25 - 000042256 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\authuitu.dll
2017-08-28 00:02 - 2017-08-28 00:02 - 000000000 ____D C:\Users\Ben\AppData\Roaming\AVG
2017-08-27 23:58 - 2017-09-13 07:37 - 000492552 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSP.sys
2017-08-27 23:58 - 2017-09-13 07:37 - 000289240 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgVmm.sys
2017-08-27 23:58 - 2017-09-13 07:37 - 000140136 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgStm.sys
2017-08-27 23:58 - 2017-09-13 07:37 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgMonFlt.sys
2017-08-27 23:58 - 2017-09-13 07:37 - 000091976 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRdr2.sys
2017-08-27 23:58 - 2017-09-13 07:37 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgRvrt.sys
2017-08-27 23:58 - 2017-09-13 07:37 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgHwid.sys
2017-08-27 23:58 - 2017-09-13 07:35 - 000766216 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgSnx.sys
2017-08-27 23:58 - 2017-09-13 07:35 - 000400488 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetSec.sys
2017-08-27 23:58 - 2017-09-13 07:34 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgblogx.sys
2017-08-27 23:58 - 2017-09-13 07:34 - 000261128 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidsdriverx.sys
2017-08-27 23:58 - 2017-09-13 07:34 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbidshx.sys
2017-08-27 23:58 - 2017-09-13 07:34 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbdiskx.sys
2017-08-27 23:58 - 2017-09-13 07:34 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgbunivx.sys
2017-08-27 23:57 - 2017-08-27 23:57 - 000028408 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgNetNd6.sys
2017-08-27 23:55 - 2017-09-13 07:45 - 000000978 _____ C:\Users\Public\Desktop\AVG.lnk
2017-08-27 23:55 - 2017-09-13 07:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2017-08-27 23:54 - 2017-08-28 00:05 - 000000000 ____D C:\Program Files\AVG
2017-08-27 23:52 - 2017-08-28 08:59 - 000000000 ____D C:\ProgramData\Avg
2017-08-27 23:52 - 2017-08-28 00:05 - 000000000 ____D C:\Users\Ben\AppData\Local\Avg
2017-08-27 23:52 - 2017-08-28 00:04 - 000000000 ____D C:\Users\Ben\AppData\Local\AvgSetupLog
2017-08-27 23:41 - 2017-08-27 23:43 - 000170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-08-27 23:40 - 2017-08-27 23:40 - 000001020 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2017-08-27 23:40 - 2017-08-27 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-08-27 23:40 - 2017-08-27 23:40 - 000000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2017-08-27 23:40 - 2016-03-10 14:09 - 000053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2017-08-27 23:40 - 2016-03-10 14:08 - 000126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-08-27 23:40 - 2016-03-10 14:08 - 000024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2017-08-27 22:38 - 2017-08-27 22:38 - 000000092 _____ C:\Users\Ben\Desktop\Add your music with Google Play Music Manager - Google Play Music Help.url
2017-08-26 20:16 - 2017-08-26 20:16 - 000000000 ____D C:\_OTL
2017-08-25 21:59 - 2017-08-25 21:59 - 000602112 _____ (OldTimer Tools) C:\Users\Ben\Desktop\OTL.exe
2017-08-25 21:53 - 2017-08-25 21:53 - 000892416 _____ (Farbar) C:\Users\Ben\Desktop\MiniToolBox.exe
2017-08-25 19:29 - 2017-08-25 19:10 - 000024064 _____ C:\Windows\zoek-delete.exe
2017-08-25 19:06 - 2017-08-25 19:06 - 001792640 _____ (Bleeping Computer, LLC) C:\Users\Ben\Desktop\rkill.exe
2017-08-25 16:19 - 2017-08-25 16:19 - 000139264 _____ C:\Users\Ben\Desktop\SystemLook.exe
2017-08-24 15:20 - 2017-08-24 16:26 - 000000000 ____D C:\Users\Ben\MSYNC
2017-08-23 22:29 - 2017-08-23 22:29 - 000000000 ____D C:\Program Files\Synaptics
2017-08-23 16:35 - 2017-08-23 16:35 - 001309184 _____ C:\Users\Ben\Desktop\zoek.exe
2017-08-23 13:42 - 2017-08-23 13:43 - 031141680 _____ (Trend Micro Inc. ) C:\Users\Ben\Desktop\Ti_110_win_en_Tool_TMRemnantF ileRemoveTool_hfb0001.exe
2017-08-23 13:31 - 2017-08-23 13:31 - 016488408 _____ (Trend Micro Inc. ) C:\Users\Ben\Desktop\Ti_110_win_en_Tool_UninstallT ool_hfb0001.exe
2017-08-22 18:11 - 2017-08-25 19:26 - 000000000 ____D C:\zoek_backup
2017-08-22 17:54 - 2017-08-22 17:54 - 000852798 _____ C:\Users\Ben\Desktop\SecurityCheck.exe
2017-08-22 17:50 - 2017-08-22 17:51 - 000899584 _____ (Farbar) C:\Users\Ben\Desktop\FSS.exe
2017-08-22 15:56 - 2017-08-21 20:14 - 001792512 _____ (Farbar) C:\Users\Ben\Desktop\FRST.exe
2017-08-22 05:48 - 2017-09-13 22:26 - 000000000 ____D C:\FRST
2017-08-21 13:04 - 2017-07-07 16:10 - 000973312 _____ (Microsoft Corporation) C:\Windows\system32\DXPTaskRingtone.dll
2017-08-21 10:26 - 2017-08-21 10:26 - 000000672 _____ C:\DelFix.txt
2017-08-21 10:26 - 2017-08-21 10:26 - 000000000 ____D C:\Windows\ERUNT
2017-08-20 19:43 - 2017-08-20 19:43 - 000000000 ____D C:\Users\Ben\Tracing
2017-08-19 23:53 - 2017-08-21 09:53 - 000046806 _____ C:\Windows\ZAM_Guard.krnl.trace
2017-08-19 23:53 - 2017-08-21 09:34 - 000060989 _____ C:\Windows\ZAM.krnl.trace
2017-08-16 14:10 - 2017-08-27 23:40 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-08-15 21:54 - 2017-08-15 21:54 - 000000000 ____D C:\Users\Ben\AppData\Local\Zemana

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-13 22:08 - 2017-01-22 01:47 - 000039408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-09-13 22:08 - 2017-01-22 01:47 - 000039408 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-09-13 21:56 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-09-13 18:02 - 2009-07-14 05:33 - 000433432 _____ C:\Windows\system32\FNTCACHE.DAT
2017-09-13 17:37 - 2010-11-20 22:01 - 000827800 _____ C:\Windows\system32\PerfStringBackup.INI
2017-09-13 17:37 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-09-13 17:29 - 2013-08-14 08:12 - 000000000 ____D C:\Windows\system32\MRT
2017-09-13 17:19 - 2017-01-24 08:29 - 135337392 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-09-13 07:42 - 2017-02-01 15:04 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-28 20:56 - 2017-01-25 20:55 - 000002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 20:05 - 2016-11-19 01:26 - 000000000 ____D C:\Users\Ben\AppData\LocalLow\Mozilla
2017-08-28 19:49 - 2012-06-26 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2017-08-28 19:49 - 2012-04-21 00:27 - 000000000 ____D C:\Users\Ben\AppData\Roaming\HpUpdate
2017-08-28 19:49 - 2011-08-25 20:50 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Skype
2017-08-28 19:49 - 2011-08-25 17:59 - 000000000 ____D C:\Users\Ben\AppData\Local\Microsoft Help
2017-08-28 19:49 - 2011-08-13 15:35 - 000000000 ___RD C:\Users\Ben\Desktop\Shortcuts
2017-08-28 19:49 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\system32\sysprep
2017-08-28 16:34 - 2012-04-07 20:24 - 000116576 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2017-08-28 09:27 - 2006-11-02 11:23 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts_bak_746
2017-08-28 08:05 - 2016-06-29 21:21 - 000722548 _____ C:\Windows\Tweaking.com - Windows Repair Setup Log.txt
2017-08-27 23:51 - 2014-11-22 19:46 - 000001945 _____ C:\Windows\epplauncher.mif
2017-08-27 21:32 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\registration
2017-08-26 20:16 - 2017-02-25 21:36 - 000000000 ____D C:\Users\Ben\AppData\Temp
2017-08-25 19:26 - 2017-01-22 01:49 - 000000000 ____D C:\Users\Ben
2017-08-25 19:12 - 2014-12-02 16:06 - 000000000 ____D C:\Users\Ben\AppData\Local\CrashDumps
2017-08-24 15:00 - 2017-01-22 18:40 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-08-24 15:00 - 2017-01-22 18:40 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-24 13:47 - 2011-08-13 15:44 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Google
2017-08-24 11:34 - 2012-04-05 18:30 - 000000000 ____D C:\Users\Ben\AppData\Local\ElevatedDiagnostics
2017-08-24 11:30 - 2014-11-16 13:54 - 001917632 _____ C:\Windows\ntbtlog.txt
2017-08-21 10:09 - 2012-04-07 19:50 - 000000000 ____D C:\Windows\ERDNT
2017-08-21 09:37 - 2014-08-09 14:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-08-20 20:21 - 2012-05-12 17:06 - 000000000 ____D C:\Users\Ben\Documents\Our Information
2017-08-20 12:54 - 2012-12-25 22:25 - 000000000 ____D C:\Users\Ben\AppData\Roaming\WinRAR
2017-08-19 23:38 - 2008-10-22 19:43 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2017-08-17 17:35 - 2011-08-13 18:34 - 000449704 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-08-17 00:24 - 2011-08-13 15:03 - 000000000 ____D C:\Users\Ben\AppData\Roaming\Sony Corporation
2017-08-14 23:42 - 2008-10-22 22:55 - 000000000 ____D C:\Program Files\Java
2017-08-14 21:25 - 2014-11-19 17:27 - 000024688 _____ C:\Windows\system32\Drivers\TrueSight.sys
2017-08-14 19:30 - 2015-09-04 16:31 - 000000000 ____D C:\Program Files\Recuva
2017-08-14 18:43 - 2014-08-09 14:07 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-08-14 18:29 - 2011-08-25 20:44 - 000000000 ____D C:\Users\Ben\Documents\Jemma
2017-08-14 17:39 - 2006-11-02 11:23 - 000000215 _____ C:\Windows\system.ini
2017-08-14 17:38 - 2006-11-02 11:23 - 000000027 _____ C:\Windows\system32\Drivers\etc\hosts_bak_226
2017-08-14 10:37 - 2009-07-14 05:53 - 000032620 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-08-14 01:30 - 2015-11-23 20:56 - 000000000 ____D C:\Users\Ben\Documents\Kingsland School newsletters
2017-08-14 01:30 - 2012-06-03 13:17 - 000000000 ____D C:\Users\Ben\Documents\WebCam Media
2017-08-14 01:30 - 2012-01-24 17:12 - 000000000 ____D C:\Users\Ben\Documents\Receipts
2017-08-14 01:30 - 2011-08-25 20:44 - 000000000 ____D C:\Users\Ben\Documents\My Scans

==================== Files in the root of some directories =======

2017-05-17 12:20 - 2017-05-17 12:20 - 000003584 _____ () C:\Users\Ben\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-01-22 22:02 - 2017-08-13 23:03 - 000000010 _____ () C:\Users\Ben\AppData\Local\sponge.last.runtime.cac he

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-07-23 12:42

==================== End of FRST.txt ============================
Reply With Quote
  #149  
Old September 13th, 2017, 10:33 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 20-08-2017
Ran by Ben (13-09-2017 22:28:12)
Running from C:\Users\Ben\Desktop
Windows 7 Ultimate Service Pack 1 (X86) (2017-01-22 11:36:51)
Boot Mode: Normal
================================================== ========


==================== Accounts: =============================

Administrator (S-1-5-21-1289019028-3489076271-160467946-500 - Administrator - Disabled)
Ben (S-1-5-21-1289019028-3489076271-160467946-1003 - Administrator - Enabled) => C:\Users\Ben
Guest (S-1-5-21-1289019028-3489076271-160467946-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1289019028-3489076271-160467946-1230 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{77DCDCE3-2DED-62F3-8154-05E745472D07}) (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D 1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 26.0.0.151 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
AIO_CDB_ProductContext (HKLM\...\{E7112940-5F8E-4918-B9FE-251F2F8DC81F}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (HKLM\...\{E09575B2-498D-4C8B-A9D2-623F78574F29}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM\...\{0D2E9DCB-9938-475E-B4DD-8851738852FF}) (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Apple Application Support (32-bit) (HKLM\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2A2C8640-5402-428A-909A-0236CB2B77C7}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.39 - ArcSoft)
ArcSoft WebCam Companion 2 (HKLM\...\{9973498D-EA29-4A68-BE0B-C88D6E03E928}) (Version: - ArcSoft)
AVG (HKLM\...\{1D382E7D-7E8B-4C85-9233-287017A66599}) (Version: 1.211.2 - AVG Technologies) Hidden
AVG Internet Security (HKLM\...\AVG Antivirus) (Version: 17.6.3029 - AVG Technologies)
AVG PC TuneUp (HKLM\...\{D87926DA-D66D-4B80-BB89-019E95477B73}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
Big Fish Games Game Suite (HKLM\...\BFG-Big Fish Games Game Suite) (Version: - )
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BufferChm (HKLM\...\{BE77A81F-B315-4666-9BF3-AE70C0ADB057}) (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Bulk Rename Utility 3.0.0.1 (32-bit) (HKLM\...\Bulk Rename Utility Installation_is1) (Version: - TGRMN Software)
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\{B32C4059-6E7A-41EF-AD20-56DF1872B923}) (Version: 3.0.8619.1 - Microsoft Corporation) Hidden
Business Contact Manager for Outlook 2007 SP2 (HKLM\...\Business Contact Manager) (Version: 3.0.8619.1 - Microsoft Corporation)
Click to Disc (HKLM\...\{68A69CFF-130D-4CDE-AB0E-7374ECB144C8}) (Version: 1.2.73.04270 - Sony Corporation)
Click to Disc (HKLM\...\{CF0F8D1B-5FB9-468D-BD88-E6239906D2B7}) (Version: 1.2.73.04270 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.02 - Sony Corporation) Hidden
Click to Disc Editor (HKLM\...\InstallShield_{4DCEA9C1-4D6E-41BF-A854-28CFA8B56DBF}) (Version: 2.0.03.04150 - Sony Corporation)
Copy (HKLM\...\{A3B7C670-4A1E-4EE2-950E-C875BC1965D0}) (Version: 82.0.188.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (HKLM\...\{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (HKLM\...\{9B1FD9CE-0776-4f0b-A6F5-C6AB7B650CDF}) (Version: 82.0.173.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM\...\{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Easy Phone Sync (HKLM\...\{02007371-F011-4016-A664-ED99890331AB}) (Version: 63 - Media Mushroom Limited)
eSupportQFolder (HKLM\...\{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F300 (HKLM\...\{F1568757-E564-4cb5-8980-9333119A4384}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300_Help (HKLM\...\{5E6D6161-5509-4f55-9372-1E01792F843A}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (HKLM\...\{F6AC5364-2FB7-437a-811A-D645F22AA6AC}) (Version: 82.0.242.000 - Hewlett-Packard) Hidden
Fax (HKLM\...\{7A7DC702-DEDE-42A8-8722-B3BA724D546F}) (Version: 82.0.188.000 - Hewlett-Packard) Hidden
FileASSASSIN (HKLM\...\FileASSASSIN) (Version: 1.06 - Malwarebytes)
FMW 1 (HKLM\...\{BCECF768-7E98-42CB-926C-D940279D4474}) (Version: 1.223.1 - AVG Technologies) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Desktop (HKLM\...\Google Desktop) (Version: 5.8.0809.23506 - Google)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HDAUDIO SoftV92 Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUB SYS_104D0200) (Version: - )
HP Customer Participation Program 8.0 (HKLM\...\HPExtendedCapabilities) (Version: 8.0 - HP)
HP Imaging Device Functions 8.0 (HKLM\...\HP Imaging Device Functions) (Version: 8.0 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 8.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 8.0 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPProductAssistant (HKLM\...\{67D3F1A0-A1F2-49b7-B9EE-011277B170CD}) (Version: 82.0.173.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{B7BC92A8-B3E5-40A6-9B21-B25E4E1D98F1}) (Version: 6.2.2.39 - Apple Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1872 - Intel Corporation)
iTunes (HKLM\...\{BE5DD9B6-9DF7-4163-A39E-E2141C7A7488}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
LeapFrog Connect (HKLM\...\{97CD1D2B-20BD-40E8-825E-B4BDA5071B73}) (Version: 7.0.7.20035 - LeapFrog) Hidden
LeapFrog Connect (HKLM\...\UPCShell) (Version: 7.0.7.20035 - LeapFrog)
LeapFrog LeapPad Explorer Plugin (HKLM\...\{50B93E1B-EBA1-46AE-909F-10F6F97E1505}) (Version: 7.0.6.19846 - LeapFrog) Hidden
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MarketResearch (HKLM\...\{95D08F4E-DFC2-4ce3-ACB7-8C8E206217E9}) (Version: 82.0.174.000 - Hewlett-Packard) Hidden
Me&My VAIO (HKLM\...\{76D7CCD6-8369-405C-B494-5F34FAE67249}) (Version: 1.0.0.11140 - Sony Corporation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Camera Codec Pack (HKLM\...\{64867E7B-D4D7-422E-883D-55C4BEB0E326}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Expression Web (HKLM\...\WebDesigner) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Expression Web Service Pack 1 (SP1) (HKLM\...\{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{9037FDA8-8383-4B6F-859D-D49C3C625225}) (Version: - Microsoft)
Microsoft Office 2007 Primary Interop Assemblies (HKLM\...\{50120000-1105-0000-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version: - Microsoft)
Microsoft Office Project Professional 2007 (HKLM\...\PRJPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version: - Microsoft)
Microsoft Office Visio Professional 2007 (HKLM\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft RichCopy 4.0 (HKLM\...\{86F4F32B-77C7-4951-B33C-05D41A8190C1}) (Version: 4.0.216 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 (HKLM\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{7670D32F-DAE6-4E49-8C8B-B3F08B5B1686}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{E7084B89-69E0-46B3-A118-8F99D06988CD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM\...\{EB3DF0F0-0525-4C5A-A2F8-DEC868A3075D}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x86 en-GB) (HKLM\...\Mozilla Firefox 54.0.1 (x86 en-GB)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Transfer (HKLM\...\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}) (Version: 1.2.00.17290 - Sony Corporation)
OpenMG Secure Module 5.4.00 (HKLM\...\{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}) (Version: 5.4.00.04020 - Sony Corporation) Hidden
OpenMG Secure Module 5.4.00 (HKLM\...\InstallShield_{AEA6A4C2-7C4E-48F9-A770-879DE2EDEE1B}) (Version: 5.4.00.04020 - Sony Corporation)
PingPlotter 4.12.0 (HKLM\...\{D59AF474-7881-48B7-9120-F23D093BC447}) (Version: 4.12.0.9 - Pingman Tools, LLC)
Primo (HKLM\...\{14291118-0C19-45EA-A4FA-5C1C0F5FDE09}) (Version: 1.00.0000 - Your Company Name) Hidden
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.)
Roxio Easy Media Creator 10 LJ (HKLM\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.1 - Roxio)
Safari (HKLM\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Samsung Kies3 (HKLM\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (HKLM\...\{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
Scan (HKLM\...\{1746EA69-DCB6-4408-B5A5-E75F55439CDF}) (Version: 8.1.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Setting Utility Series (HKLM\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 4.2.0.10150 - Sony Corporation)
Skype™ 7.39 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.39.102 - Skype Technologies S.A.)
SMPlayer 0.6.10 (HKLM\...\SMPlayer) (Version: 0.6.10 - Ricardo Villalba)
Software Info for Me&My VAIO (HKLM\...\{69C8B1E3-2665-4A0F-B049-67746E5C4CE3}) (Version: 1.0.0.09110 - Sony Corporation)
SolutionCenter (HKLM\...\{A36CD345-625C-4d6c-B3E2-76E1248CB451}) (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Sony Home Network Library (HKLM\...\{AEF8B78C-4F3E-41F1-9C2D-88150D4BB3AD}) (Version: 1.4.5.15070 - Sony Corporation) Hidden
Sony Home Network Library (HKLM\...\{D03D02D8-AB64-4785-A48E-5AA8B0FB8C14}) (Version: 1.4.5.15070 - Sony Corporation)
Sony Picture Utility (HKLM\...\{D5068583-D569-468B-9755-5FBF5848F46F}) (Version: 3.3.01.09300 - Sony Corporation)
Sony Video Shared Library (HKLM\...\{01FDC9FC-4D4F-4DB0-ACD1-D3E8E1D52902}) (Version: 3.5.00 - Sony Corporation)
Spelling Dictionaries Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (HKLM\...\{978C25EE-5777-46e4-8988-732C297CBDBD}) (Version: 82.0.173.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 9.1.13.0 - Synaptics)
Toolbox (HKLM\...\{C716522C-3731-4667-8579-40B098294500}) (Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{FF075778-6E50-47ed-991D-3B07FD4E3250}) (Version: 82.0.188.000 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 4.0.3 - Tweaking.com)
UnloadSupport (HKLM\...\{E06F04B9-45E6-4AC0-8083-85F7515F40F7}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0026-0000-0000-0000000FF1CE}_WebDesigner_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-003B-0000-0000-0000000FF1CE}_PRJPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Use the entry named LeapFrog Connect to uninstall (LeapFrog LeapPad Explorer Plugin) (HKLM\...\LeapPadExplorerPlugin) (Version: - LeapFrog)
VAIO Content Folder Setting (HKLM\...\{23825B69-36DF-4DAD-9CFD-118D11D80F16}) (Version: 2.1.0.08260 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{327B75F0-92AF-420A-988F-FA596A218E0B}) (Version: 1.0.01.09030 - Sony Corporation)
VAIO Content Folder Watcher (HKLM\...\{91F2D688-B8CB-4461-A92D-6B35279DAE8F}) (Version: 1.0.01.09030 - Sony Corporation) Hidden
VAIO Content Folder Watcher (HKLM\...\{A2052C95-48CC-4AC9-A8D4-FCD89DDD8F2C}) (Version: 1.0.01.09030 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{4882EBF5-CA37-4EF4-BCB8-9B0E78B907D0}) (Version: 3.6.1.12010 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{989ED050-E296-4FDC-9E4E-C48B4AF76E32}) (Version: 3.6.1.12010 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{B1991F22-4F93-4D11-9866-A7DFE551DF9E}) (Version: 3.6.1.12010 - Sony Corporation) Hidden
VAIO Content Metadata Manager Settings (HKLM\...\{12D0BE8D-538C-4AB1-86DE-C540308F50DA}) (Version: 3.6.0.09240 - Sony Corporation)
VAIO Content Metadata Manager Settings (HKLM\...\{18510937-0146-417B-95D8-14706649C384}) (Version: 3.6.0.09240 - Sony Corporation) Hidden
VAIO Content Metadata XML Interface Library (HKLM\...\{291FB4BF-EEC7-4CF9-8469-F39ED1DBC4D8}) (Version: 3.6.0.09080 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM\...\{A3563827-B0DB-44DC-B037-15CC4E5E692F}) (Version: 3.6.0.09080 - Sony Corporation) Hidden
VAIO Control Center (HKLM\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 3.2.0.09120 - Sony Corporation)
VAIO Data Restore Tool (HKLM\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.0.04.01170 - Sony Corporation)
VAIO DVD Menu Data Basic (HKLM\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 1.0.00.08130 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{6B1F20F2-6321-4669-A58C-33DF8E7517FF}) (Version: 3.4.1.15040 - Sony Corporation)
VAIO Entertainment Platform (HKLM\...\{B3668C08-EBB1-40F4-B4F9-4F8E13501A7D}) (Version: 3.4.1.15040 - Sony Corporation) Hidden
VAIO Event Service (HKLM\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 4.2.1.12090 - Sony Corporation)
VAIO Launcher (HKLM\...\{15D5C238-4C2E-4AEA-A66D-D6989A4C586B}) (Version: 2.2.0.09090 - Sony Corporation)
VAIO Marketing Tools (HKLM\...\MarketingTools) (Version: - Sony Corporation)
VAIO Media plus (HKLM\...\{088C7311-A3BB-43C5-B046-C114D2F9728C}) (Version: 1.2.0.10230 - Sony Corporation) Hidden
VAIO Media plus (HKLM\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 1.4.5.15070 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story (HKLM\...\{75F52FAC-16CE-4A2A-B89A-9742F39A1864}) (Version: 1.3.01.08060 - Sony Corporation) Hidden
VAIO Movie Story (HKLM\...\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO Movie Story 1.5 Upgrade (HKLM\...\{C0482AA0-9CDF-49B4-9B39-551FD1A7A7E6}) (Version: 1.5.01.05120 - Sony Corporation) Hidden
VAIO Movie Story Template Data (HKLM\...\{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 1.5.01.05120 - Sony Corporation)
VAIO MusicBox (HKLM\...\{D613E659-6503-42A8-9617-4F599061EAD5}) (Version: 2.3.0.09250 - Sony Corporation)
VAIO MusicBox Sample Music (HKLM\...\{98FC7A64-774B-49B5-B046-4B4EBC053FA9}) (Version: 1.1.00.14140 - Sony Corporation)
VAIO Original Function Settings (HKLM\...\{7C404084-C5A6-42FF-B731-0BAC79A6E134}) (Version: 2.0.2.02240 - Sony Corporation)
VAIO Original Function Settings (HKLM\...\{95229EF6-F4A1-413A-BA50-668311FAFE19}) (Version: 2.0.2.02240 - Sony Corporation) Hidden
VAIO Power Management (HKLM\...\{5F5867F0-2D23-4338-A206-01A76C823924}) (Version: 3.2.0.10060 - Sony Corporation)
VAIO Presentation Support (HKLM\...\{2018C019-30D9-4240-8C01-0865C10DCF5A}) (Version: 1.1.0.08250 - Sony Corporation)
VAIO Smart Network (HKLM\...\{3B659FAD-E772-44A3-B7E7-560FF084669F}) (Version: 2.2.0.11050 - Sony Corporation)
VAIO Update (HKLM\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO Wallpaper Contents (HKLM\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 1.3.0.10310 - Sony Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VUx86 (HKLM\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
WebReg (HKLM\...\{179C56A4-F57F-4561-8BBF-F911D26EB435}) (Version: 82.0.173.000 - Hewlett-Packard) Hidden
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D ) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinDVD for VAIO (HKLM\...\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.602 - InterVideo Inc.) Hidden
WinDVD for VAIO (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B9.602 - InterVideo Inc.)
WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Wireshark 1.8.6 (32-bit) (HKLM\...\Wireshark) (Version: 1.8.6 - The Wireshark developer community, hxxp://www.wireshark.org)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1289019028-3489076271-160467946-1003_Classes\CLSID\{4052D303-74C5-49EA-BC6B-66099C8D4007}\InprocServer32 -> C:\Program Files\Google\Google Desktop Search\GoogleDesktopAPI2.dll (Google)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-13] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [2017-05-09] (Apple Inc.)
ContextMenuHandlers1: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-09-15] (Sonic Solutions)
ContextMenuHandlers2: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-09-15] (Sonic Solutions)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [FAExt] -> {05672D66-9736-42F5-8BEB-FA1DD3CA51C4} => C:\Program Files\FileASSASSIN\FileASSASSINExt.dll [2007-03-30] (Malwarebytes)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files\AVG\AVG PC TuneUp\DseShExt-x86.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files\AVG\AVG PC TuneUp\SDShelEx-win32.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-01-22] (Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVG\Antivirus\ashShell.dll [2017-09-13] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [RXDCExtSvr] -> {70D0238E-E029-4a94-B68D-182018B6C4FF} => C:\Program Files\Roxio\Virtual Drive 10\DC_ShellExt.dll [2008-09-15] (Sonic Solutions)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {038F8A4A-6BD5-4A40-97DF-F48E264BB76B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe [2017-08-08] (Adobe Systems Incorporated)
Task: {0C20BAEC-24CC-4B43-9F7D-3E35D76F9458} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1289019028-3489076271-160467946-1003
Task: {48326310-7190-4D2E-8315-6310C8253BF8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {4B6D079D-EAF7-4C0A-AD4B-830657172F57} - System32\Tasks\Antivirus Emergency Update => C:\Program Files\AVG\Antivirus\AvEmUpdate.exe [2017-09-13] (AVG Technologies CZ, s.r.o.)
Task: {4D00AC4B-2304-478D-A69F-3DF6A643027E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {4E11E4A2-68D8-4885-A4FF-EE704AC8DFB7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {561375CB-FF5A-417B-B297-BA73DE149581} - System32\Tasks\Microsoft\Windows\Wired\GatherWired Info => C:\Windows\system32\gatherWiredInfo.vbs
Task: {7B5E426F-EAB9-4CBB-81EF-F51A16A4B487} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-07-21] (Oracle Corporation)
Task: {8119B6F2-A2CA-41A6-9BF0-21EA4A172ED5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {B9F232F5-63DF-4274-9FD1-19A1B518C029} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {BE290D13-5E66-42E7-885E-E47D088D0D0A} - System32\Tasks\SONY\Me&My VAIO\Me&My VAIO => C:\Program Files\Sony\Me&My VAIO\QLGuide.exe [2008-11-17] (Sony Corporation)
Task: {C27E1097-FE5A-4E80-87DE-0BA063D8A3E1} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {D0A03D19-A98A-454C-BA19-CE6DC8901D86} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWi relessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {F0F43D26-239A-49A8-963B-6CBF2E466A5C} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
Task: {F414C5A5-9967-42F7-AE93-42A8C7F1F91B} - System32\Tasks\Microsoft\Windows\WindowsCalendar\R eminders - Ben => C:\Program Files\Windows Calendar\WinCal.exe
Task: {FC4425D9-C5FC-4BA1-9B92-115DF09B4B6C} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2017-05-02] (Tweaking.com)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-09-13 07:35 - 2017-09-13 07:35 - 000060160 _____ () C:\Program Files\AVG\Antivirus\module_lifetime.dll
2017-09-13 07:35 - 2017-09-13 07:35 - 000168216 _____ () C:\Program Files\AVG\Antivirus\JsonRpcServer.dll
2017-09-13 07:36 - 2017-09-13 07:36 - 000213024 _____ () C:\Program Files\AVG\Antivirus\event_routing_rpc.dll
2017-09-13 07:36 - 2017-09-13 07:36 - 000243080 _____ () C:\Program Files\AVG\Antivirus\tasks_core.dll
2017-09-13 07:36 - 2017-09-13 07:36 - 000150688 _____ () C:\Program Files\AVG\Antivirus\network_notifications.dll
2017-09-13 16:43 - 2017-09-13 16:43 - 005897864 _____ () C:\Program Files\AVG\Antivirus\defs\17091308\algo.dll
2017-09-13 07:36 - 2017-09-13 07:36 - 000686808 _____ () C:\Program Files\AVG\Antivirus\ffl2.dll
2017-09-13 07:35 - 2017-09-13 07:35 - 000242568 _____ () C:\Program Files\AVG\Antivirus\streamback.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:45 - 2010-10-20 16:45 - 008801120 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2014-11-24 09:46 - 2014-11-24 09:46 - 000879104 _____ () C:\Program Files\LeapFrog\LeapFrog Connect\platforms\qwindows.dll
2017-08-27 23:54 - 2017-08-27 23:53 - 048920064 _____ () C:\Program Files\AVG\UiDll\2623\libcef.dll
2017-08-27 23:57 - 2017-08-27 23:57 - 067109376 _____ () C:\Program Files\AVG\Antivirus\libcef.dll
2017-07-13 20:51 - 2017-07-13 20:51 - 001041720 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-01-13 14:56 - 2017-01-13 14:56 - 000080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-08-13 22:23 - 2008-12-09 09:27 - 000010752 _____ () C:\Program Files\Sony\VAIO Event Service\VESBasePS.dll
2011-08-13 22:23 - 2008-12-09 09:27 - 000009728 _____ () C:\Program Files\Sony\VAIO Event Service\VESMgrSubPS.dll
2012-04-20 14:59 - 2012-03-06 17:29 - 000376832 _____ () C:\Program Files\Common Files\Sony Shared\SOHLib\sqlite3.dll
2017-08-28 20:56 - 2017-08-23 08:31 - 002881368 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.113\libg lesv2.dll
2017-08-28 20:56 - 2017-08-23 08:31 - 000086360 _____ () C:\Program Files\Google\Chrome\Application\60.0.3112.113\libe gl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\cybertechhelp.com -> hxxp://www.cybertechhelp.com
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\ebay.co.uk -> hxxp://www.ebay.co.uk
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\metcheck.com -> hxxp://www.metcheck.com
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\orange.co.uk -> hxxp://www.orange.co.uk
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\speedtest.net -> hxxp://www.speedtest.net
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\thesun.co.uk -> hxxp://www.thesun.co.uk
IE trusted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\youtube.com -> hxxp://www.youtube.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1289019028-3489076271-160467946-1003\...\1-se.com -> 1-se.com

There are 11597 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 11:23 - 2017-08-28 16:20 - 000000855 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1289019028-3489076271-160467946-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Ben\AppData\Roaming\Microsoft\Windows\The mes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [WMP-In-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-UDP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [WMP-Out-TCP-x86] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{E926E57D-011D-4F63-BCC5-FFCFDC28D091}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{CE504808-152F-4073-8BB9-0F8E7C4D30C6}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{AB3FBA72-52C3-4476-9A38-230DBE05659B}] => (Allow) %ProgramFiles(x86)%\Windows Media Player\wmplayer.exe
FirewallRules: [{DDFC5649-8A9C-43E0-A7DB-981BF4A858E6}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{8F780E2C-C765-46DE-B76E-00CC03894B97}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [UDP Query User{2A7E0DC3-026B-4EA5-B701-CB619D48A69E}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [TCP Query User{3B01EA7E-9890-4658-A8FC-B15CDE6586FE}C:\program files\kodi\kodi.exe] => (Allow) C:\program files\kodi\kodi.exe
FirewallRules: [{D4B0179E-2F00-45F5-BEAB-7024F824366C}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{4A17AA89-2A3C-4CC4-8E04-D02BD26F76A9}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{5617863F-368E-46DE-B8DE-A9F68627DF37}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{04607867-A184-44B8-B509-E66C856FC6AE}] => (Allow) C:\Program Files\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{B0A4D8EF-D68A-4235-8D8A-D9A353D713D6}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{70097CC3-FE4A-4683-9409-37652717E98B}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{1555CFC5-7EB2-4A40-BAE4-CAC3F12E1F9E}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSv cHost.exe
FirewallRules: [{0235CFB2-4BCB-43DC-B9C1-34878231E059}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{16ACD425-2E79-4BB8-ACDF-80F631C4F2BB}] => (Allow) C:\Windows\System32\muzapp.exe
FirewallRules: [{7FBCE151-8AB0-4854-A0BB-43A340CF8D19}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2BC1E23F-9DD9-44F2-BD2F-947EE4525022}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7D84453F-0EA8-4C23-8089-110E1C5570D4}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{BD4C833F-6618-44A2-B377-B5D369F044EC}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1DA32C2E-5B85-435F-90A1-AEA5BB131CB9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{465EA9CF-CAA3-4C75-B5F7-6054B55E5CB5}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D5A9AF1C-927A-476B-B264-DA68AF62BBD3}] => (Allow) LPort=2869
FirewallRules: [{510A0002-A001-49BE-9DBB-8170D071F61E}] => (Allow) LPort=1900
FirewallRules: [{053ABC7A-D15B-403E-89F3-9F3872725CB3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9FA2E034-427E-4734-A5C9-E231EF829908}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{03E3C878-6EB2-48D9-9BDC-E04057E67145}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{9FF76DCD-6788-4270-B2EC-91BD6EBDB8A3}] => (Allow) C:\Program Files\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{EF903E27-7EBC-4AB3-B176-FE14AA4ACA72}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

Could not list restore points
Check "winmgmt" service or repair WMI.


==================== Faulty Device Manager Devices =============

Could not list Devices. Check "winmgmt" service or repair WMI.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/13/2017 10:00:28 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (09/13/2017 08:48:50 PM) (Source: VzCdbSvc) (EventID: 7) (User: )
Description: Failed to load the plug-in module. (GUID = {56F9312C-C989-4E04-8C23-299DEE3A36F5})(Error code = 0x80042019)

Error: (09/13/2017 08:02:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9110

Error: (09/13/2017 08:02:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9110

Error: (09/13/2017 08:02:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2017 08:02:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8112

Error: (09/13/2017 08:02:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8112

Error: (09/13/2017 08:02:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (09/13/2017 08:02:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7114

Error: (09/13/2017 08:02:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7114


System errors:
=============
Error: (09/13/2017 10:25:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

Error: (09/13/2017 10:25:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

Error: (09/13/2017 10:19:11 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1083" attempting to start the service winmgmt with arguments "" in order to run the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (09/13/2017 10:00:37 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1083" attempting to start the service winmgmt with arguments "" in order to run the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (09/13/2017 10:00:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

Error: (09/13/2017 10:00:14 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Security Center service depends on the Windows Management Instrumentation service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.

Error: (09/13/2017 10:00:13 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1083" attempting to start the service winmgmt with arguments "" in order to run the server:
{8BC3F05E-D86B-11D0-A075-00C04FB68820}

Error: (09/13/2017 10:00:13 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly.

Error: (09/13/2017 10:00:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
ESProtectionDriver

Error: (09/13/2017 10:00:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The IP Helper service depends on the Windows Management Instrumentation service which failed to start because of the following error:
The executable program that this service is configured to run in does not implement the service.


CodeIntegrity:
===================================
Date: 2017-01-12 11:54:05.302
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:04.353
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:03.229
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:01.738
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:54:00.730
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:59.743
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:58.556
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:57.462
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:56.427
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 11:53:55.429
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\m wac.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) Dual CPU T3400 @ 2.16GHz
Percentage of memory in use: 57%
Total physical RAM: 2939.04 MB
Available physical RAM: 1262.75 MB
Total Virtual: 5876.39 MB
Available Virtual: 4223.63 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:288.5 GB) (Free:167.39 GB) NTFS ==>[drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1E87FF0F)
Partition 1: (Not Active) - (Size=9.6 GB) - (Type=27)
Partition 2: (Active) - (Size=288.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
Reply With Quote
  #150  
Old September 13th, 2017, 10:40 PM
JIO22 JIO22 is offline
CTH Subscriber
 
Join Date: Jun 2008
O/S: Windows 7 32-bit
Posts: 609
The security center, it did have a red cross on the "action canter flag" on the taskbar, when I first loaded the laptop this morning. Since the widows updates the red cross appears to of gone....
But, in action center under security it lists nothing for my protections etc.
Reply With Quote
Reply

Bookmarks

Topic Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump




All times are GMT +1. The time now is 04:40 AM.