Threads, slow computer, error in updates

DR M · February 17, 2017, 07:34:22 PM

Hello, Corrine and LzD Friends.

I would like to have a check on a friends' computer. I asked you for help with this computer in the past and Corrine said that it was the most clean computer she had seen (OK, or something similar!).

Last days, my friend complained about several issues: some pop ups, error in printing, display errors in Office, slow computer...

I visited them today, and, because of the pop ups (I didn't see myself any) I decided to run Adware Cleaner and JRT. The first found 28 threads and the latter one more. I selected to clean the computer and restarted.

The display errors in Office disappeared, and I managed to add the printer again, and print again.

Then I realized that the aniversary edition of Windows 10 was not installed. I tried to run updates, but with no result. Error 0x80070020.

Due to the malware found, I would like you to look at it and help me help it. :)

FRST LOGS:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-02-2017 02
Ran by Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î® (administrator) on IRAPOSTOLI-VAIO (17-02-2017 21:27:36)
Running from C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop
Loaded Profiles: Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î® (Available Profiles: Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î® & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Language: Î•Î»Î»Î·Î½Î¹ÎºÎ¬ (Î•Î»Î»Î¬Î´Î±Ï,)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\WINDOWS\System32\atiesrxx.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(AMD) C:\WINDOWS\System32\atieclxx.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\rundll32.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\dllhost.exe
(MyCity) C:\Program Files (x86)\MCShield\MCShieldRTM.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Moonchild Productions) C:\Program Files (x86)\palemoon\palemoon.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\VESWinlogon: C:\Windows\SysWOW64\VESWinlogon.dll [2009-12-02] (Sony Corporation)
HKU\S-1-5-21-639655970-855019576-677582472-1000\...\Run: [MCShield Monitor] => C:\Program Files (x86)\MCShield\mcshieldrtm.exe [650816 2014-04-11] (MyCity)
HKU\S-1-5-21-639655970-855019576-677582472-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-06] (Ruiware)
HKU\S-1-5-21-639655970-855019576-677582472-1000\...\Policies\system: [EnableLUA] 1
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2016-01-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2016-01-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2016-01-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-09] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2016-01-09] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{36601cee-d5d8-49cc-9878-7011dd745294}: [DhcpNameServer] 192.168.10.254
Tcpip\..\Interfaces\{6d7bd819-48f2-4e64-8cdb-988bad52df69}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\S-1-5-21-639655970-855019576-677582472-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-639655970-855019576-677582472-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\S-1-5-21-639655970-855019576-677582472-1000 -> {9FE733B4-3C48-44C1-B2E5-6018D50DB588} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-04-06] (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Co.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-04-06] (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Co.)
Toolbar: HKU\S-1-5-21-639655970-855019576-677582472-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

FireFox:
========
FF ProfilePath: C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\1pyx6lm6.default [2017-02-17]
FF SelectedSearchEngine: Moonchild Productions\Pale Moon\Profiles\1pyx6lm6.default -> Google
FF Homepage: Moonchild Productions\Pale Moon\Profiles\1pyx6lm6.default -> www.google.com
FF Extension: (Adblock Latitude) - C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\1pyx6lm6.default\Extensions\adblocklatitude@addons.palemoon.org.xpi [2017-02-17] [not signed]
FF Extension: (Youtube MP3 Downloader using youtube-mp3.org) - C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\1pyx6lm6.default\Extensions\jid1-xKH0EoS44u1a2w@jetpack.xpi [2016-05-02]
FF Extension: (Flash and Video Download) - C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\Moonchild Productions\Pale Moon\Profiles\1pyx6lm6.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-09-01]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010-06-12] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKU\S-1-5-21-639655970-855019576-677582472-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_221.dll [2017-02-17] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_221.dll [2017-02-17] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-07-17] (DivX, LLC)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @mozilla.zeniko.ch/SumatraPDF_Browser_Plugin -> C:\Program Files (x86)\SumatraPDF\npPdfViewer.dll [2014-05-14] (Simon BÃ¼nzli)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-07-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll [2014-07-01] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [109056 2009-02-06] (ArcSoft Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2770312 2017-02-11] (ESET)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2013-08-22] (HP) [File not signed]
S3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S4 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2011-10-12] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2013-05-16] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2013-05-16] (Hewlett-Packard) [File not signed]
S3 Roxio UPnP Renderer 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [313840 2009-08-31] (Sonic Solutions)
S3 Roxio Upnp Server 10; C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [362992 2009-08-31] (Sonic Solutions)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe [74496 2010-09-27] (Sony Corporation)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [845312 2010-08-11] (Sony Corporation) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2016-10-25] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-10-25] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ArcSoftKsUFilter; C:\WINDOWS\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [262792 2017-02-11] (ESET)
U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [251632 2015-07-13] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15488 2016-06-23] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [197248 2017-02-11] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [153216 2017-02-12] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [208520 2017-02-11] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [61568 2017-02-11] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [84616 2017-02-11] (ESET)
S3 IntcDAud; C:\WINDOWS\System32\DRIVERS\IntcDAud.sys [244736 2009-12-16] (Intel(R) Corporation) [File not signed]
S3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus64.sys [261120 2005-09-23] (Pinnacle Systems GmbH) [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-04] (Malwarebytes Corporation)
S3 TVICHW64; C:\Windows\system32\DRIVERS\TVICHW64.SYS [21200 2015-03-20] (EnTech Taiwan)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 ykinw8; C:\WINDOWS\System32\drivers\ykinx64.sys [288768 2015-10-30] (Marvell)
U3 idsvc; no ImagePath
U3 wpcsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-17 21:25 - 2017-02-17 21:27 - 00058376 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Addition.txt
2017-02-17 21:24 - 2017-02-17 21:27 - 00017184 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\FRST.txt
2017-02-17 21:24 - 2017-02-17 21:27 - 00000000 ____D C:\FRST
2017-02-17 21:23 - 2017-02-17 21:24 - 02422272 _____ (Farbar) C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\FRST64.exe
2017-02-17 21:21 - 2017-02-17 21:21 - 00899072 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\RGSA.exe
2017-02-17 21:21 - 2017-02-17 21:21 - 00000000 ___HD C:\$WINDOWS.~BT
2017-02-17 19:28 - 2017-02-17 19:28 - 00165671 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\latestwu.diagcab
2017-02-17 18:39 - 2017-02-17 18:39 - 00000759 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\JRT.txt
2017-02-17 18:28 - 2017-02-17 18:31 - 00000000 ____D C:\AdwCleaner
2017-02-12 17:29 - 2017-02-12 17:29 - 00153216 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2017-02-09 18:30 - 2017-02-09 18:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2017-02-09 18:30 - 2017-02-09 18:30 - 00000000 ____D C:\ProgramData\ESET
2017-02-01 10:29 - 2017-02-01 10:29 - 01065376 _____ (Google Inc.) C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Downloads\ChromeSetup_exe
2017-01-31 22:35 - 2016-05-31 17:11 - 133488564 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\MVI_0300 - Î'Î½Ï,,Î¹Î³ÏÎ±Ï†Î®.AVI
2017-01-31 22:28 - 2016-12-26 14:33 - 153213582 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î"Î•Î Î•Î™Î£Î'Î™ ÎœÎŸÎÎŸÎ£ ÎœÎµÌÎ³Î±Ï, Î'Î±ÏƒÎ¹ÌÎ»ÎµÎ¹Î¿Ï, Ï,,Î¿ Î›Î¹Î¿Î½Ï,,Î¬ÏÎ¹ Ï,,Î¿Ï... Î§ÏÎ¹ÏƒÏ,,Î¿Ï
2017-01-31 22:28 - 2016-12-26 13:01 - 10796576 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î§ÏÎ¹ÏƒÏ,,Î¿ÏÎ³ÎµÎ½Î½Î± 2014 ÏƒÏ,,Î¿ Î›Î¿Ï...Î³ÎºÎ¿Ï...Î¶Î¯ Ï,,Î·Ï, ÎŸÏ...Î³ÎºÎ¬Î½Ï,,Î±Ï, - YouTube [360p].mp4
2017-01-31 22:28 - 2016-11-23 20:04 - 142852693 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\ÎŸÎ¡Î˜ÎŸÎ"ÎŸÎžÎ™Î' Î£Î¤Î—Î ÎŸÎ"Î"ÎŸÎ— Î—Î Î•Î™Î¡ÎŸ.mp4
2017-01-30 11:19 - 2017-02-07 19:30 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\ÎœÎµÎ³ Î¦Ï‰Ï,,
2017-01-26 19:46 - 2017-01-26 19:54 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Thunderbird
2017-01-26 19:46 - 2017-01-26 19:46 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\Thunderbird
2017-01-26 19:45 - 2017-02-11 23:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-01-26 19:45 - 2017-02-11 23:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-01-26 19:45 - 2017-01-26 19:45 - 00001274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2017-01-25 10:00 - 2015-08-19 20:00 - 03682703 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î— ÎºÎ»Î®ÏƒÎ· Ï,,Ï‰Î½ Ï€ÏÏŽÏ,,Ï‰Î½ Î¼Î±Î¸Î·Ï,,ÏŽÎ½.pptx
2017-01-24 22:02 - 2017-01-25 09:54 - 12923392 _____ C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\3 Î™Î•Î¡Î'Î¡Î§Î•Î£ - Î'Î½Ï,,Î¹Î³ÏÎ±Ï†Î®.ppt
2017-01-18 21:48 - 2017-02-11 19:15 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î¤Î¿ Î¼Ï...ÏƒÏ,,Î¹ÎºÏŒ Ï,,Î·Ï, ÎµÏ€Î¹Ï,,Ï...Ï‡Î¯Î±Ï,

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-02-17 21:21 - 2016-09-28 11:01 - 00000000 ____D C:\WINDOWS\Panther
2017-02-17 21:05 - 2013-10-19 14:39 - 00000000 ____D C:\ProgramData\MCShield
2017-02-17 21:04 - 2010-01-11 16:37 - 00001194 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-02-17 19:54 - 2010-01-11 16:37 - 00001198 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-02-17 19:37 - 2010-07-17 14:10 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\ElevatedDiagnostics
2017-02-17 19:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-17 19:32 - 2014-07-04 10:53 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-17 19:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-02-17 19:31 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-02-17 19:23 - 2016-11-08 11:00 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î˜ÎÎ¼Î±Ï,,Î± 17-18
2017-02-17 19:21 - 2010-06-11 13:54 - 00004208 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{94432964-B43E-4619-A4EA-65BC7FDC44D9}
2017-02-17 19:19 - 2016-01-06 20:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-02-17 19:18 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2017-02-17 18:25 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-02-17 18:19 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\WindowsApps
2017-02-17 18:12 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2017-02-14 10:12 - 2016-01-06 20:04 - 01802264 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-02-14 10:12 - 2015-10-30 20:30 - 00668652 _____ C:\WINDOWS\system32\perfh008.dat
2017-02-14 10:12 - 2015-10-30 20:30 - 00135634 _____ C:\WINDOWS\system32\perfc008.dat
2017-02-14 03:47 - 2016-08-29 21:03 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î˜ÎÎ¼Î±Ï,,Î± ÎºÏÎºÎ»Ï‰Î½ ÎºÎ±Î¹ ÏˆÎ±Î»Î¼Î¿Î¯
2017-02-11 23:29 - 2016-06-23 14:31 - 00061568 _____ (ESET) C:\WINDOWS\system32\Drivers\EpfwLWF.sys
2017-02-11 23:29 - 2015-07-13 07:14 - 00262792 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2017-02-11 23:29 - 2015-07-13 07:14 - 00208520 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2017-02-11 23:29 - 2015-07-13 07:14 - 00197248 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2017-02-11 23:29 - 2015-07-13 07:14 - 00084616 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2017-02-11 23:17 - 2016-03-06 21:41 - 00000000 ____D C:\Users\DefaultAppPool
2017-02-11 23:17 - 2016-01-12 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2017-02-11 23:17 - 2016-01-06 21:37 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-11 23:17 - 2016-01-06 20:05 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®
2017-02-11 23:17 - 2016-01-06 19:49 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-11 23:17 - 2015-10-30 20:33 - 00000000 ____D C:\WINDOWS\ShellNew
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\IME
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\System
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\schemas
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Resources
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\ModemLogs
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\System
2017-02-11 23:17 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-11 23:17 - 2015-03-20 15:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2017-02-11 23:17 - 2015-03-19 22:35 - 00000000 ____D C:\Program Files\AMD
2017-02-11 23:17 - 2014-08-10 09:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2017-02-11 23:17 - 2014-08-09 16:42 - 00000000 ____D C:\Program Files (x86)\ATI Technologies
2017-02-11 23:17 - 2014-08-09 12:30 - 00000000 ____D C:\ProgramData\Package Cache
2017-02-11 23:17 - 2014-07-04 12:11 - 00000000 ____D C:\WINDOWS\en
2017-02-11 23:17 - 2014-07-04 12:10 - 00000000 ____D C:\WINDOWS\el
2017-02-11 23:17 - 2014-07-04 11:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2017-02-11 23:17 - 2013-10-19 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MCShield
2017-02-11 23:17 - 2013-08-10 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Mouse and Keyboard Center
2017-02-11 23:17 - 2013-03-17 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-11 23:17 - 2012-06-11 11:35 - 00000000 ____D C:\WINDOWS\system32\SPReview
2017-02-11 23:17 - 2011-10-12 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-02-11 23:17 - 2011-10-12 16:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-02-11 23:17 - 2011-09-01 18:55 - 00000000 ____D C:\WINDOWS\system32\EventProviders
2017-02-11 23:17 - 2011-08-10 16:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-11 23:17 - 2011-07-25 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-02-11 23:17 - 2010-06-15 19:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2017-02-11 23:17 - 2010-06-15 18:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGENTA - AUTOMATED ACCENTUATOR Pro version
2017-02-11 23:17 - 2010-06-12 16:13 - 00000000 ____D C:\WINDOWS\SysWOW64\spool
2017-02-11 23:17 - 2010-06-12 16:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2017-02-11 23:17 - 2010-01-11 17:28 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2017-02-11 23:17 - 2010-01-11 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft WebCam Companion 3
2017-02-11 23:17 - 2010-01-11 17:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2017-02-11 23:17 - 2010-01-11 17:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Easy Media Creator 10 LJ
2017-02-11 23:17 - 2010-01-11 17:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PMB
2017-02-11 23:17 - 2010-01-11 16:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ArcSoft Magic-i Visual Effects 2
2017-02-11 23:17 - 2009-12-28 20:06 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-11 23:17 - 2009-12-28 20:05 - 00000000 ____D C:\WINDOWS\SysWOW64\SDA
2017-02-11 23:17 - 2009-12-28 19:29 - 00000000 ____D C:\Program Files (x86)\Intel
2017-02-11 23:17 - 2009-07-14 09:44 - 00000000 ___RD C:\Users\Public\Recorded TV
2017-02-11 23:16 - 2011-08-10 16:52 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-02-11 22:04 - 2014-08-10 07:22 - 00000000 ____D C:\AMD
2017-02-11 19:45 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2017-02-11 19:39 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Registration
2017-02-11 19:38 - 2016-01-06 19:15 - 00018069 _____ C:\WINDOWS\diagerr.xml
2017-02-11 19:38 - 2016-01-06 19:15 - 00017148 _____ C:\WINDOWS\diagwrn.xml
2017-02-11 19:07 - 2016-09-22 18:47 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\ÎšÏÎºÎ»Î¿Ï, ÎµÏÎ³Î±Î¶Î¿Î¼ÎÎ½Ï‰Î½ 16
2017-02-11 19:01 - 2016-10-11 11:46 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î'Î¹Î²Î»Î¯Î¿-ÎµÎ»ÎµÎ³Î¼ÎÎ½Î±
2017-02-11 17:56 - 2016-09-29 11:26 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î"Î¹Î¬Ï†Î¿ÏÎ± Î¸ÎÎ¼Î±Ï,,Î±-Î¿Î¼Î¹Î»Î¯ÎµÏ,
2017-02-09 18:32 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-02-08 21:37 - 2016-08-09 22:30 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î¦Ï‰Ï,,. Î±ÏÏ‡Î¹ÎµÏ€Î¹ÏƒÎºÎ¿Ï€Î®
2017-02-02 12:44 - 2016-09-29 11:25 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î Î±ÏÎÎ¼Î²Î±ÏƒÎ·
2017-02-01 12:14 - 2016-08-17 10:21 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Documents\ÎÎ¯ÎºÎ·
2017-01-30 12:28 - 2011-07-25 18:08 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\vlc
2017-01-26 20:52 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2017-01-22 21:52 - 2017-01-15 22:20 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Î•ÎºÏ,,ÏÏ€Ï‰ÏƒÎ·
2017-01-22 21:42 - 2017-01-09 11:38 - 00000000 ____D C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\Ï†Ï‰Ï,,. 2016-17

==================== Files in the root of some directories =======

2010-06-11 17:56 - 2010-01-11 17:09 - 0000209 _____ () C:\Program Files (x86)\Common Files\version.txt
2012-07-09 18:27 - 2012-07-09 09:12 - 10676407 _____ () C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\ÎœÎ±Î¸Î®Î¼Î±Ï,,Î± Î¶Ï‰Î®Ï, Î±Ï€ÏŒ ÎÎ½Î±Î½ Î¼Î¹ÎºÏÎ¿ÏƒÎºÎ¿Ï€Î¹ÎºÏŒ Î³Î¯Î³Î±Î½Ï,,Î±.flv
2015-03-25 18:15 - 2016-07-03 18:36 - 0006144 _____ () C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-03-18 22:22 - 2015-03-18 22:22 - 0000017 _____ () C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\resmon.resmoncfg
2011-07-26 10:27 - 2011-07-26 10:27 - 0000000 _____ () C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\{3B3548E1-6599-4891-8558-AF4235941B2E}
2011-08-10 17:09 - 2011-08-10 17:09 - 0000000 _____ () C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\{6ABBD38A-4F2C-46FF-9E90-5EDA534F3419}
2011-08-10 15:48 - 2011-08-10 15:52 - 0000000 _____ () C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\{C277838A-2CB1-4205-A375-C47F3E3FD77C}
2013-05-18 12:16 - 2013-05-18 12:20 - 5395654 _____ () C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Î•Ï...Î±Î³Î³ÎÎ»Î¹Î±...zip
2010-06-12 16:09 - 2010-06-15 18:30 - 0000862 _____ () C:\ProgramData\hpzinstall.log
2010-12-19 16:47 - 2012-06-24 20:41 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-02-14 10:19

==================== End of FRST.txt ============================

Addition log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2017 02
Ran by Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î® (17-02-2017 21:28:15)
Running from C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop
Windows 10 Home Version 1511 (X64) (2016-01-06 19:34:58)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-639655970-855019576-677582472-500 - Administrator - Disabled)
Guest (S-1-5-21-639655970-855019576-677582472-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-639655970-855019576-677582472-1002 - Limited - Enabled)
Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î® (S-1-5-21-639655970-855019576-677582472-1000 - Administrator - Enabled) => C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®
Î ÏÎ¿ÎµÏ€Î¹Î»ÎµÎ³Î¼ÎÎ½Î¿Ï, Î»Î¿Î³Î±ÏÎ¹Î±ÏƒÎ¼ÏŒÏ, (S-1-5-21-639655970-855019576-677582472-503 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security 9.0.408.0 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 15.2.1 - Hewlett-Packard) Hidden
7200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
7200_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
7200Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.221 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: - ALPS ELECTRIC CO., LTD.)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ArcSoft Magic-i Visual Effects 2 (HKLM-x32\...\{7BB90344-0647-468E-925A-7F69F7983421}) (Version: 2.0.1.85 - ArcSoft)
ArcSoft WebCam Companion 3 (HKLM-x32\...\{DE8AAC73-6D8D-483E-96EA-CAEDDADB9079}) (Version: 3.0.21.193 - ArcSoft)
Ashampoo Burning Studio 9.12 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.1.2 - ashampoo GmbH & Co. KG)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
EPSON TWAIN 5 (HKLM-x32\...\{254BEB3E-1085-4D66-9CDC-0152C0DC2E93}) (Version: 5.71.0000 - SEIKO EPSON Corp.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESET Smart Security (HKLM\...\{C20E6525-879A-47C3-BBC4-6B8096D3F53D}) (Version: 9.0.386.0 - ESET, spol. s r.o.)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Color LaserJet Pro MFP M476 (HKLM-x32\...\{4b849805-3b07-4b35-874a-705c0d103672}) (Version: 10.0.13302.320 - Hewlett-Packard)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software 13.0 Rel. B (HKLM\...\{B61ED343-0B14-4241-999C-490CB1A20DA4}) (Version: 13.0 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPCLJProMFPM476 (HKLM-x32\...\{C44C593D-3009-4D03-910E-243050C5E193}) (Version: 0.05.0000 - Hewlett-Packard)
HPDXP (x32 Version: 3.0.26.15 - HP) Hidden
HPLJDXPHelper (x32 Version: 060.048.005 - HP) Hidden
HPLJUTCore (x32 Version: 008.000.0001 - HP) Hidden
HPLJUTM476 (x32 Version: 010.000.0001 - HP) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00906 - Hewlett-Packard) Hidden
hppM476LaserJetService (x32 Version: 001.034.00634 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 100.040.00198 - Hewlett Packard) Hidden
hpStatusAlertsM476 (x32 Version: 100.046.00121 - Hewlett-Packard) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.4.1001 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.00.01.1002 - Intel Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 11.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.0 - )
LJDXPHelperUI (x32 Version: 060.048.005 - HP) Hidden
MAGENTA - AUTOMATED ACCENTUATOR Pro version (HKLM-x32\...\mon2polp_is1) (Version: - MAGENTA LTD)
Malwarebytes Anti-Malware ÎÎºÎ´Î¿ÏƒÎ· 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
MCShield ::Anti-Malware Tool:: (HKLM-x32\...\MCShield) (Version: 3.0.5.28 - MyCity)
Media Gallery (HKLM-x32\...\{DD88F979-FA58-41AC-980C-A6E1A82B61D9}) (Version: 1.1.1.11200 - Sony Corporation)
Media Gallery (x32 Version: 1.1.1.11200 - Sony Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Greek/Î•Î»Î»Î·Î½Î¹ÎºÎ¬ (HKLM\...\Office14.OMUI.el-gr) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.7.1.6246 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 en-US)) (Version: 45.7.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Photo Story 3 for Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.11 - Microsoft Corporation)
PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.1.00.13280 - Sony Corporation)
PMB VAIO Edition Guide (x32 Version: 1.5.00.03020 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150 - Sony Corporation) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5992 - Realtek Semiconductor Corp.)
Roxio Easy Media Creator 10 LJ (HKLM-x32\...\{537BF16E-7412-448C-95D8-846E85A1D817}) (Version: 10.3 - Roxio)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (HKLM\...\{90140000-0100-0408-1000-0000000FF1CE}_Office14.OMUI.el-gr_{61DD112D-121A-41F4-A2B9-18AE704467D6}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 64-Bit Edition (Version: - Microsoft) Hidden
Setting Utility Series (HKLM-x32\...\{A7DA438C-2E43-4C20-BFDA-C1F4A6208558}) (Version: 5.1.0.11200 - Sony Corporation)
Setup_msm_VCMS_x64 (Version: 2.6.0.06040 - Sony Corporation) Hidden
Setup_msm_VOFS_x64 (Version: 2.4.0.16010 - Sony Corporation) Hidden
Setup_VEP_x64_Contain_SSDB (Version: 3.9.30.19080 - Sony Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SOHLib Merge Module (x32 Version: 2.2.0.11240 - Sony Corporation) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sony Home Network Library (HKLM-x32\...\{A6B90666-2A1F-49E8-A40E-27EAAD11C096}) (Version: 2.2.0.13270 - Sony Corporation)
Sony Home Network Library (x32 Version: 2.0.1.10160 - Sony Corporation) Hidden
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 2.5.2 - Krzysztof Kowalczyk)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Uninstall 5.2.0 (HKLM-x32\...\Total Uninstall 5 & Power Dream_is1) (Version: - )
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
VAIO - PMB VAIO Edition Guide (HKLM-x32\...\InstallShield_{339F9B4D-00CB-4C1C-BED8-EC86A9AB602A}) (Version: 1.5.00.03020 - Sony Corporation)
VAIO - PMB VAIO Edition Plug-in (HKLM-x32\...\InstallShield_{22008CF9-2B54-4022-AFD8-3B7D42C89E6B}) (Version: 1.5.10.06150 - Sony Corporation)
VAIO Care (HKLM-x32\...\{36C5BBF0-E5BF-4DE1-B684-7E90B0C93FB5}) (Version: 6.3.0.09020 - Sony Corporation)
VAIO Care (x32 Version: 6.3.0.09020 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Analyzing Manager (HKLM\...\{F8B40DB4-FD07-4368-AA57-34F2B0839683}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata Intelligent Analyzing Manager (x32 Version: 3.6.0.09250 - Sony Corporation) Hidden
VAIO Content Metadata Intelligent Network Service Manager (HKLM\...\{725D5BA4-E9FA-452B-8CF5-D7E5F8055C71}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata Manager Settings (HKLM\...\{8FE3CF66-4484-4D39-B47D-DEBBA173619D}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Metadata XML Interface Library (HKLM\...\{97C58294-36D8-4594-8A49-7AB4AE096504}) (Version: 3.9.20.08110 - Sony Corporation)
VAIO Content Monitoring Settings (HKLM-x32\...\{06C05B90-2127-4933-8ABA-61833BDE13FA}) (Version: 2.6.0.13120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.1.1.03100 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.2.0.09150 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.2.0.09150 - Sony Corporation) Hidden
VAIO DVD Menu Data (HKLM-x32\...\{596BED91-A1D8-4DF1-8CD1-1C777F7588AC}) (Version: 2.4.00.05300 - Sony Corporation)
VAIO Entertainment Platform (HKLM-x32\...\{0489D044-6386-4BDF-9F98-577D60CF79DD}) (Version: 3.9.30.19080 - Sony Corporation)
VAIO Event Service (HKLM-x32\...\{C7477742-DDB4-43E5-AC8D-0259E1E661B1}) (Version: 5.1.0.12010 - Sony Corporation)
VAIO Gate (HKLM-x32\...\{A7C30414-2382-4086-B0D6-01A88ABA21C3}) (Version: 1.2.0.09240 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 1.0.0.10290 - Sony Corporation)
VAIO Hardware Diagnostics (x32 Version: 3.9.1 - Sony Corporation) Hidden
VAIO Marketing Tools (HKLM-x32\...\MarketingTools) (Version: - Sony Corporation)
VAIO Media plus (HKLM-x32\...\{8DE50158-80AA-4FF2-9E9F-0A7C46F71FCD}) (Version: 2.0.1.10160 - Sony Corporation)
VAIO Media plus Opening Movie (HKLM-x32\...\{9238E8A4-BEBA-43A3-B926-769BDBF194C5}) (Version: 1.2.0.09100 - Sony Corporation)
VAIO Movie Story Template Data (HKLM-x32\...\InstallShield_{6FA8BA2C-052B-4072-B8E2-2302C268BE9E}) (Version: 2.5.00.05300 - Sony Corporation)
VAIO Movie Story Template Data (x32 Version: 2.0.00.09240 - Sony Corporation) Hidden
VAIO Original Function Settings (HKLM-x32\...\{04EAE65A-CDCF-480F-B754-5C3A9364239C}) (Version: 2.4.0.19040 - Sony Corporation)
VAIO Personalization Manager (HKLM\...\{BAD9A7B0-FA18-4247-A6F5-BDCF64B40C4C}) (Version: 3.0.2.05260 - Sony Corporation)
VAIO Power Management (HKLM-x32\...\{803E4FA5-A940-4420-B89D-A8BC2E160247}) (Version: 5.0.0.11300 - Sony Corporation)
VAIO Premium Partners (HKLM-x32\...\VAIO Premium Partners) (Version: 1.0 - Sony Europe)
VAIO Quick Web Access (HKLM-x32\...\splashtop) (Version: 1.2.2.3 - Sony Corporation)
VAIO Quick Web Access (x32 Version: 1.2.2.3 - Sony Corporation) Hidden
VAIO screensaver (HKLM-x32\...\VAIO screensaver) (Version: 1.0.0.0 - Sony Europe)
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.3.1.08110 - Sony Corporation)
VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.1.2.06030 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO Wallpaper Contents (HKLM-x32\...\{D60F97EC-EF06-4E1E-B0D1-C2CBABA62FA3}) (Version: 2.0.0.06010 - Sony Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (x32 Version: 1.2.0 - Sony Corporation) Hidden
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.500 - Broadcom Corporation)
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405) (HKLM\...\930E4792BDAEAFB62A9514EE7578775658A5D07C) (Version: 09/09/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Î£Ï...Î»Î»Î¿Î³Î® Ï†Ï‰Ï,,Î¿Î³ÏÎ±Ï†Î¹ÏŽÎ½ (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {018FC5C1-FF4A-457E-8C24-DA61A1FD791D} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {17D44386-0B97-4A57-87C2-CD2D6BCF7CA4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe
Task: {21B4E91C-F1F9-41AE-B0B5-32B8E89BA125} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {233496FF-87CD-4F93-AF55-E227211C2A45} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2D3E679A-89F3-4D37-AD87-03C4314F29D0} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe
Task: {30A18F00-124C-413D-B700-2A8B1E155BB2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {31B69E8B-1956-4E2C-8A7F-F7A46DCD84FD} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {332EEDD0-8AA2-4BB1-9F30-EA23DC382276} - System32\Tasks\{85EED92F-EDEF-4612-B4B8-38DF51EB1AE0} => C:\Program Files (x86)\Mon2Pol\mon2pol.exe [2007-11-19] (MATZENTA LTD)
Task: {333A61B2-6BBF-47EF-BD73-8FDC27D4A860} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2013-04-16] (Hewlett Packard)
Task: {3788F196-F6F4-43FB-BDAC-CA97D0ED9F62} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {41306C37-9074-4B28-B8A9-003AB17216B9} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {492FE4F9-2447-4083-851C-7F83D3AFC6C5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe
Task: {4E67DAFA-3096-424D-9086-68B0D1E4BF30} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {5818BAD0-F5DE-4256-B4F9-901086F0A29A} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {618F16F7-98BC-49EF-A735-8C065E07AAFB} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
Task: {652F862A-EA71-4620-B20E-BC57185E3616} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {683A40DB-1DEC-4CA1-AD94-F3E67037CF66} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-02-17] (Adobe Systems Incorporated)
Task: {6B846AB4-3998-45E4-AA44-89A921B6B974} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {6B8C7485-8D56-4BA6-9636-EFBB595C0C4E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {6BF7A6F0-3D76-4989-8695-9F30FEB38869} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe
Task: {70556C87-BAAB-4F86-BDAB-2018A29CA1E6} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {70F391BE-2E38-4338-B8C2-DB57298C9387} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {724E6836-51D6-4634-B681-B1B1F8EE4290} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe
Task: {73011DB1-B887-492F-AB70-A542CCAA6462} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {7A68AFA3-21AC-49E6-8501-71FD85E4B00A} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe
Task: {817B9C0C-655A-4AEB-940C-5B67D26ABA2E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe
Task: {86D8B847-B310-4A9B-99C6-6C2B76DCFD7C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {87869628-DADA-41D3-A103-B5BDEBE2F619} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {884F0F21-48AE-4FD4-AE58-52E504EDD61A} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {88D894E8-3CD7-4E4D-B7BD-3130891232F0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {8A5ECCA6-3B66-4A4E-83FE-0161E5F63008} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {8B5DB9BB-D106-4903-8417-D94D2154A48C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe
Task: {93CCC019-2FEC-4260-ACC8-658A2E155ECE} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe
Task: {96AA48B6-AE5B-4442-A20E-01DD6B0A52FC} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2009-09-25] (Sony Corporation)
Task: {9FC07282-7255-44B1-8134-DA372BF49650} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe
Task: {A14A97B5-CBCC-46A0-AF7C-FB1BCB25AEA2} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
Task: {A1C7802C-22EF-43AE-A7A8-05B5BCB1BA6D} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe
Task: {AAE80DE4-8EC8-4B4C-ACFB-BDBAC365B5DE} - System32\Tasks\{C773BBF2-11F8-4BFB-882B-2A87F65EB7A1} => C:\Program Files (x86)\Mon2Pol\mon2pol.exe [2007-11-19] (MATZENTA LTD)
Task: {B0AA64E9-5689-465D-A328-5F308BEDB2B0} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-19] (Sony Corporation)
Task: {B1DD9C78-7A07-4006-B82A-C99D9F557E73} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {B600A111-E627-4D02-B144-C17BD5C54B4E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe
Task: {B63F6BF5-71DE-468C-9FDD-9E0E0489ABC9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {B8FADF67-9CBF-4861-BD43-AF3AEB31CC45} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe
Task: {BA5E71EF-B693-452E-80A7-A0AA2F07E66D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {BF2C490F-776D-4550-A3C7-B935EDA166C1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {C088534D-F8E7-4F09-AA02-695E0ECF752E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe
Task: {C1D1B4FA-4A68-4458-9DCC-11E684CBBB3F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe
Task: {C9C248B6-819D-4224-8AE6-0103FFE3047F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-11] (Google Inc.)
Task: {CBDAB155-96C5-4B05-A9B3-8DBDD4F7C157} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CE0ABA7A-F0E2-4BEB-9971-2704DA50A6DB} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2009-11-20] (Sony Corporation)
Task: {DA042B22-68C6-46E5-B9D4-492E0F287114} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-02-18] ()
Task: {DAA15DA2-686A-41D2-BD05-ABA542E74BC3} - System32\Tasks\{CF9F321D-7361-45E8-9056-3BD5C92A2CD6} => C:\Program Files (x86)\Mon2Pol\mon2pol.exe [2007-11-19] (MATZENTA LTD)
Task: {E0442743-04DD-412D-B0C4-71CD3F035F1E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-01-11] (Google Inc.)
Task: {E1E402C6-D75B-45BA-BE19-449ABC7BBAA6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {E9E7DBDA-0CF6-4771-A99B-149DA08E7194} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {ECF34C66-8274-4714-86DF-F1CA0503F8C9} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {F3C28F6F-9E43-4A5A-8C01-3EB2863213C4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe
Task: {F9D5E1D9-6687-490F-93D1-BC5F496045B6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-22 18:17 - 2016-10-25 11:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-22 18:17 - 2016-10-25 11:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-08-10 16:52 - 2008-06-19 23:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-01-12 19:57 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-08-09 20:55 - 2016-07-01 05:48 - 00472064

DR M · February 17, 2017, 07:45:20 PM

LOGS PART 2

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-11-22 18:17 - 2016-10-25 11:42 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-11-22 18:17 - 2016-10-25 11:42 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2011-08-10 16:52 - 2008-06-19 23:41 - 00062464 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2016-01-12 19:57 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-08-09 20:55 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-11-22 18:17 - 2016-10-25 06:49 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-11-22 18:17 - 2016-10-25 06:44 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-11-22 18:17 - 2016-10-25 06:45 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-11-22 18:17 - 2016-10-25 06:48 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-17 09:57 - 2016-05-17 09:59 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2009-12-28 20:06 - 2009-11-21 01:19 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2016-05-17 09:57 - 2016-05-17 09:59 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-17 09:57 - 2016-05-17 09:59 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2014-07-04 10:42 - 2016-11-29 18:49 - 04001280 _____ () C:\Program Files (x86)\palemoon\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-639655970-855019576-677582472-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Apoint => %ProgramFiles%\Apoint\Apoint.exe
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: HydraVisionDesktopManager => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: ISBMgr.exe => "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
MSCONFIG\startupreg: MarketingTools => C:\Program Files (x86)\Sony\Marketing Tools\MarketingTools.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NortonOnlineBackupReminder => "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SHTtray.exe => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: StatusAlerts => "C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe" /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre6\bin\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{55984F22-2EEF-4317-800D-FAAAAC981DED}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A7917A4-66FB-40F8-8EB9-B724500A3217}] => (Allow) LPort=1900
FirewallRules: [{B7242D9C-EEDB-4E4E-A8B5-D51C276807B3}] => (Allow) LPort=2869
FirewallRules: [{EDEA2511-6302-4552-941C-601264C2B1E4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{B99412B4-E620-4207-BAAE-D84C82BC8A09}] => (Allow) C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{E487CC99-6F86-42F4-9D79-CAEE59F31571}] => (Allow) C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Temp\7zS8D12.tmp\SymNRT.exe
FirewallRules: [{AA1ABF08-50B3-43D3-A8D0-BBBC27D19DCD}] => (Allow) C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Local\Temp\7zS8D12.tmp\SymNRT.exe
FirewallRules: [{255CB5A5-0A50-4776-8FFA-12C85AAE5191}] => (Allow) C:\Program Files (x86)\Sony\VAIO Media plus\VMp.exe
FirewallRules: [{0A57DEDD-44B8-4A79-BDC5-2E25AF2ED7E6}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{A260E4BA-879D-4411-883E-F947132DCA2D}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
FirewallRules: [{97294B12-8E7B-4FF8-A12C-3A6BFC86674C}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{388F12D1-37C0-4C7C-9572-C176E799F009}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [{E92B2D2D-CDA5-410D-A15B-103561638D9F}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{BAA7A4B8-9137-4F8D-AD77-5D013E3BB990}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{A75F0536-FCBA-4EF8-99E7-6758A216343F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{4AE5E903-C4C0-4070-AC91-453C04C85B98}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{D7DF7F2E-3A5C-4FDA-B42D-D830EF8B6A9E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{5CF32258-B33F-4654-8F5B-F48133B125C7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{19CDD36A-6327-4753-A8D4-01C7F72C01D7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{907E7636-8FC4-4C45-87B1-592D6E02F7CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{88595415-9BAF-47EA-B89B-DBBB31DCF6F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{595DA638-7594-4B4B-9508-20170D2D653E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{6E6D8284-9AAA-4373-8C1E-1856F6F827BF}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{4299876C-AEA7-4446-9133-5515A9A60846}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{C950521C-C91B-400D-A17A-A8D95F32A19A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{71D498E5-580E-40ED-9783-5DAFD9DB0071}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{971F09EE-1568-4D5E-A923-9BD00614A9F6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{E7703374-8904-49AB-98E9-3E86B45E4EBF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{98060FD8-3944-4C35-A5CD-595B05EF646B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A5A94E20-4AED-4B4D-9F3B-31DC2E0C4442}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{86887F54-E465-4EA2-B9DF-1FAA304391F7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{003C57FA-E307-41C5-AA16-6118606DF0EE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{44B830BB-3972-46A6-BB20-28CF21DAB7B9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{689A1089-7113-4908-BEE3-8CC9A1F82C0F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{579D8516-C41E-4515-A5B6-E8D5C9FEBD44}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{6EA75175-C123-4F91-9067-84528CA05FC7}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{C8A1B7F2-466A-4FF7-A28A-84C15396D19D}] => (Allow) svchost.exe

==================== Restore Points =========================

17-02-2017 18:37:08 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: HP Color LaserJet MFP M476dw
Description: HP Color LaserJet MFP M476dw
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: Hewlett-Packard
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart 5510 series
Description: Photosmart 5510 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/17/2017 06:37:33 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: ÎŸÎ¹ Ï...Ï€Î·ÏÎµÏƒÎ¯ÎµÏ, ÎºÏÏ...Ï€Ï,,Î¿Î³ÏÎ¬Ï†Î·ÏƒÎ·Ï, Î±Ï€ÎÏ,,Ï...Ï‡Î±Î½ ÎºÎ±Ï,,Î¬ Ï,,Î·Î½ ÎµÏ€ÎµÎ¾ÎµÏÎ³Î±ÏƒÎ¯Î± Ï,,Î·Ï, ÎºÎ»Î®ÏƒÎ·Ï, OnIdentity() ÏƒÏ,,Î¿ Î±Î½Ï,,Î¹ÎºÎµÎ¯Î¼ÎµÎ½Î¿ Î¼Î¿Î½Î¬Î´Î±Ï, ÎµÎ³Î³ÏÎ±Ï†Î®Ï, ÏƒÏ...ÏƒÏ,,Î®Î¼Î±Ï,,Î¿Ï,.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Î ÏÏ‰Ï,,ÏŒÎºÎ¿Î»Î»Î¿ Microsoft Link-Layer Discovery Protocol.

System Error:
Î"ÎµÎ½ ÎµÏ€Î¹Ï,,ÏÎÏ€ÎµÏ,,Î±Î¹ Î· Ï€ÏÏŒÏƒÎ²Î±ÏƒÎ·.
.

Error: (02/17/2017 06:11:57 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Î¤Î¿ Ï€ÏÏŒÎ³ÏÎ±Î¼Î¼Î± explorer.exe ÎÎºÎ´Î¿ÏƒÎ· 10.0.10586.672 ÏƒÏ,,Î±Î¼Î¬Ï,,Î·ÏƒÎµ Î½Î± Î±Î»Î»Î·Î»ÎµÏ€Î¹Î´ÏÎ¬ Î¼Îµ Ï,,Î± Windows ÎºÎ±Î¹ ÎÎºÎ»ÎµÎ¹ÏƒÎµ. Î"Î¹Î± Î½Î± Î´ÎµÎ¯Ï,,Îµ Î±Î½ Ï...Ï€Î¬ÏÏ‡Î¿Ï...Î½ Î´Î¹Î±Î¸ÎÏƒÎ¹Î¼ÎµÏ, Ï€ÎµÏÎ¹ÏƒÏƒÏŒÏ,,ÎµÏÎµÏ, Ï€Î»Î·ÏÎ¿Ï†Î¿ÏÎ¯ÎµÏ, Î³Î¹Î± Ï,,Î¿ Ï€ÏÏŒÎ²Î»Î·Î¼Î±, ÎµÎ»ÎÎ³Î¾Ï,,Îµ Ï,,Î¿ Î¹ÏƒÏ,,Î¿ÏÎ¹ÎºÏŒ Ï,,Î¿Ï... Ï€ÏÎ¿Î²Î»Î®Î¼Î±Ï,,Î¿Ï, ÏƒÏ,,Î¿Î½ Ï€Î¯Î½Î±ÎºÎ± ÎµÎ»ÎÎ³Ï‡Î¿Ï... Î'ÏƒÏ†Î¬Î»ÎµÎ¹Î±Ï, ÎºÎ±Î¹ ÏƒÏ...Î½Ï,,Î®ÏÎ·ÏƒÎ·Ï,.

Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ Î´Î¹ÎµÏÎ³Î±ÏƒÎ¯Î±Ï,: 1c40

ÎÏÎ± ÎÎ½Î±ÏÎ¾Î·Ï,: 01d28937e12343cb

ÎÏÎ± Ï,,ÎµÏÎ¼Î±Ï,,Î¹ÏƒÎ¼Î¿Ï: 0

Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: C:\WINDOWS\explorer.exe

Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ Î±Î½Î±Ï†Î¿ÏÎ¬Ï,: 2ea37eb9-f52b-11e6-aab9-0024bec3e60f

Î Î»Î®ÏÎµÏ, ÏŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ¿Ï Ï€Î±ÎºÎÏ,,Î¿Ï...:

Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Ï€Î¿Ï... ÏƒÏ‡ÎµÏ,,Î¯Î¶ÎµÏ,,Î±Î¹ Î¼Îµ Ï,,Î¿ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÏŒ Ï€Î±ÎºÎÏ,,Î¿:

Error: (02/12/2017 09:10:53 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IRAPOSTOLI-VAIO)
Description: Î— ÎµÎ½ÎµÏÎ³Î¿Ï€Î¿Î¯Î·ÏƒÎ· Ï,,Î·Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Microsoft.Windows.Photos_8wekyb3d8bbwe!App Î±Ï€ÎÏ,,Ï...Ï‡Îµ Î¼Îµ ÏƒÏ†Î¬Î»Î¼Î±: -2147023170. Î'Î½Î±Ï,,ÏÎÎ¾Ï,,Îµ ÏƒÏ,,Î¿ Î±ÏÏ‡ÎµÎ¯Î¿ ÎºÎ±Ï,,Î±Î³ÏÎ±Ï†Î®Ï, Microsoft-Windows-TWinUI/Operational Î³Î¹Î± Ï€ÏÏŒÏƒÎ¸ÎµÏ,,ÎµÏ, Ï€Î»Î·ÏÎ¿Ï†Î¿ÏÎ¯ÎµÏ,.

Error: (02/09/2017 05:41:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IRAPOSTOLI-VAIO)
Description: Î— ÎµÎ½ÎµÏÎ³Î¿Ï€Î¿Î¯Î·ÏƒÎ· Ï,,Î·Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Microsoft.Windows.Photos_8wekyb3d8bbwe!App Î±Ï€ÎÏ,,Ï...Ï‡Îµ Î¼Îµ ÏƒÏ†Î¬Î»Î¼Î±: -2147023170. Î'Î½Î±Ï,,ÏÎÎ¾Ï,,Îµ ÏƒÏ,,Î¿ Î±ÏÏ‡ÎµÎ¯Î¿ ÎºÎ±Ï,,Î±Î³ÏÎ±Ï†Î®Ï, Microsoft-Windows-TWinUI/Operational Î³Î¹Î± Ï€ÏÏŒÏƒÎ¸ÎµÏ,,ÎµÏ, Ï€Î»Î·ÏÎ¿Ï†Î¿ÏÎ¯ÎµÏ,.

Error: (02/08/2017 09:44:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: egui.exe, ÎÎºÎ´Î¿ÏƒÎ· 8.0.319.0, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x559d2313
ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,: ToastNotify.dll, ÎÎºÎ´Î¿ÏƒÎ·: 8.0.319.0, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x559d2398
ÎšÏ‰Î´Î¹ÎºÏŒÏ, ÎµÎ¾Î±Î¯ÏÎµÏƒÎ·Ï,: 0xc0000005
ÎœÎµÏ,,Î±Ï,,ÏŒÏ€Î¹ÏƒÎ· ÏƒÏ†Î¬Î»Î¼Î±Ï,,Î¿Ï,: 0x0000000000002f3e
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î´Î¹ÎµÏÎ³Î±ÏƒÎ¯Î±Ï,: 0x1ad4
Î§ÏÏŒÎ½Î¿Ï, ÎÎ½Î±ÏÎ¾Î·Ï, ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: 0x01d2824138f1b2ff
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: C:\Program Files\ESET\ESET Smart Security\egui.exe
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,:C:\Program Files\ESET\ESET Smart Security\ToastNotify.dll
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ Î±Î½Î±Ï†Î¿ÏÎ¬Ï,: 1d389556-789c-4afa-a2b8-d2d9e2991a23
Î Î»Î®ÏÎµÏ, ÏŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ¿Ï Ï€Î±ÎºÎÏ,,Î¿Ï...:
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Ï€Î¿Ï... ÏƒÏ‡ÎµÏ,,Î¯Î¶ÎµÏ,,Î±Î¹ Î¼Îµ Ï,,Î¿ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÏŒ Ï€Î±ÎºÎÏ,,Î¿:

Error: (02/08/2017 12:57:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: ShellExperienceHost.exe, ÎÎºÎ´Î¿ÏƒÎ· 10.0.10586.494, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x5775e94c
ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,: ntdll.dll, ÎÎºÎ´Î¿ÏƒÎ·: 10.0.10586.672, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x580ee321
ÎšÏ‰Î´Î¹ÎºÏŒÏ, ÎµÎ¾Î±Î¯ÏÎµÏƒÎ·Ï,: 0xc0000374
ÎœÎµÏ,,Î±Ï,,ÏŒÏ€Î¹ÏƒÎ· ÏƒÏ†Î¬Î»Î¼Î±Ï,,Î¿Ï,: 0x00000000000ee6fc
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î´Î¹ÎµÏÎ³Î±ÏƒÎ¯Î±Ï,: 0x1b44
Î§ÏÏŒÎ½Î¿Ï, ÎÎ½Î±ÏÎ¾Î·Ï, ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: 0x01d281e6970dabfc
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,:C:\WINDOWS\SYSTEM32\ntdll.dll
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ Î±Î½Î±Ï†Î¿ÏÎ¬Ï,: 18359ed3-16f4-4564-a37b-9e4565317c16
Î Î»Î®ÏÎµÏ, ÏŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ¿Ï Ï€Î±ÎºÎÏ,,Î¿Ï...: Microsoft.Windows.ShellExperienceHost_10.0.10586.0_neutral_neutral_cw5n1h2txyewy
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Ï€Î¿Ï... ÏƒÏ‡ÎµÏ,,Î¯Î¶ÎµÏ,,Î±Î¹ Î¼Îµ Ï,,Î¿ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÏŒ Ï€Î±ÎºÎÏ,,Î¿: App

Error: (02/07/2017 09:01:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: egui.exe, ÎÎºÎ´Î¿ÏƒÎ· 8.0.319.0, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x559d2313
ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,: ToastNotify.dll, ÎÎºÎ´Î¿ÏƒÎ·: 8.0.319.0, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x559d2398
ÎšÏ‰Î´Î¹ÎºÏŒÏ, ÎµÎ¾Î±Î¯ÏÎµÏƒÎ·Ï,: 0xc0000005
ÎœÎµÏ,,Î±Ï,,ÏŒÏ€Î¹ÏƒÎ· ÏƒÏ†Î¬Î»Î¼Î±Ï,,Î¿Ï,: 0x0000000000002f3e
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î´Î¹ÎµÏÎ³Î±ÏƒÎ¯Î±Ï,: 0x1648
Î§ÏÏŒÎ½Î¿Ï, ÎÎ½Î±ÏÎ¾Î·Ï, ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: 0x01d28171e32ce22b
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: C:\Program Files\ESET\ESET Smart Security\egui.exe
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,:C:\Program Files\ESET\ESET Smart Security\ToastNotify.dll
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ Î±Î½Î±Ï†Î¿ÏÎ¬Ï,: 741b0225-083d-4f44-bafe-35e46c5ce604
Î Î»Î®ÏÎµÏ, ÏŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ¿Ï Ï€Î±ÎºÎÏ,,Î¿Ï...:
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Ï€Î¿Ï... ÏƒÏ‡ÎµÏ,,Î¯Î¶ÎµÏ,,Î±Î¹ Î¼Îµ Ï,,Î¿ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÏŒ Ï€Î±ÎºÎÏ,,Î¿:

Error: (02/07/2017 09:01:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: IRAPOSTOLI-VAIO)
Description: Î— ÎµÎ½ÎµÏÎ³Î¿Ï€Î¿Î¯Î·ÏƒÎ· Ï,,Î·Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI Î±Ï€ÎÏ,,Ï...Ï‡Îµ Î¼Îµ ÏƒÏ†Î¬Î»Î¼Î±: -2144927141. Î'Î½Î±Ï,,ÏÎÎ¾Ï,,Îµ ÏƒÏ,,Î¿ Î±ÏÏ‡ÎµÎ¯Î¿ ÎºÎ±Ï,,Î±Î³ÏÎ±Ï†Î®Ï, Microsoft-Windows-TWinUI/Operational Î³Î¹Î± Ï€ÏÏŒÏƒÎ¸ÎµÏ,,ÎµÏ, Ï€Î»Î·ÏÎ¿Ï†Î¿ÏÎ¯ÎµÏ,.

Error: (02/07/2017 09:01:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: SearchUI.exe, ÎÎºÎ´Î¿ÏƒÎ· 10.0.10586.672, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x580ee74d
ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,: SearchUI.exe, ÎÎºÎ´Î¿ÏƒÎ·: 10.0.10586.672, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x580ee74d
ÎšÏ‰Î´Î¹ÎºÏŒÏ, ÎµÎ¾Î±Î¯ÏÎµÏƒÎ·Ï,: 0x80000003
ÎœÎµÏ,,Î±Ï,,ÏŒÏ€Î¹ÏƒÎ· ÏƒÏ†Î¬Î»Î¼Î±Ï,,Î¿Ï,: 0x00000000001f82d7
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î´Î¹ÎµÏÎ³Î±ÏƒÎ¯Î±Ï,: 0x1780
Î§ÏÏŒÎ½Î¿Ï, ÎÎ½Î±ÏÎ¾Î·Ï, ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: 0x01d28171dc61adc9
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,:C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ Î±Î½Î±Ï†Î¿ÏÎ¬Ï,: cd0e1c02-1059-4f4d-aa55-d10893ecbfce
Î Î»Î®ÏÎµÏ, ÏŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ¿Ï Ï€Î±ÎºÎÏ,,Î¿Ï...: Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewy
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Ï€Î¿Ï... ÏƒÏ‡ÎµÏ,,Î¯Î¶ÎµÏ,,Î±Î¹ Î¼Îµ Ï,,Î¿ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÏŒ Ï€Î±ÎºÎÏ,,Î¿: CortanaUI

Error: (02/07/2017 08:42:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: egui.exe, ÎÎºÎ´Î¿ÏƒÎ· 8.0.319.0, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x559d2313
ÎŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,: ToastNotify.dll, ÎÎºÎ´Î¿ÏƒÎ·: 8.0.319.0, Ï‡ÏÎ¿Î½Î¹ÎºÎ® ÏƒÎ®Î¼Î±Î½ÏƒÎ·: 0x559d2398
ÎšÏ‰Î´Î¹ÎºÏŒÏ, ÎµÎ¾Î±Î¯ÏÎµÏƒÎ·Ï,: 0xc0000005
ÎœÎµÏ,,Î±Ï,,ÏŒÏ€Î¹ÏƒÎ· ÏƒÏ†Î¬Î»Î¼Î±Ï,,Î¿Ï,: 0x0000000000002f3e
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î´Î¹ÎµÏÎ³Î±ÏƒÎ¯Î±Ï,: 0x1b00
Î§ÏÏŒÎ½Î¿Ï, ÎÎ½Î±ÏÎ¾Î·Ï, ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: 0x01d281569f8b726b
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï,: C:\Program Files\ESET\ESET Smart Security\egui.exe
Î"Î¹Î±Î´ÏÎ¿Î¼Î® ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ®Ï, Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¹ÎºÎ®Ï, Î¼Î¿Î½Î¬Î´Î±Ï,:C:\Program Files\ESET\ESET Smart Security\ToastNotify.dll
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ Î±Î½Î±Ï†Î¿ÏÎ¬Ï,: 918d36a4-5f31-4f0f-8ceb-f48937e7b874
Î Î»Î®ÏÎµÏ, ÏŒÎ½Î¿Î¼Î± ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÎ¿Ï Ï€Î±ÎºÎÏ,,Î¿Ï...:
Î'Î½Î±Î³Î½Ï‰ÏÎ¹ÏƒÏ,,Î¹ÎºÏŒ ÎµÏ†Î±ÏÎ¼Î¿Î³Î®Ï, Ï€Î¿Ï... ÏƒÏ‡ÎµÏ,,Î¯Î¶ÎµÏ,,Î±Î¹ Î¼Îµ Ï,,Î¿ ÎµÎ»Î±Ï,,Ï,,Ï‰Î¼Î±Ï,,Î¹ÎºÏŒ Ï€Î±ÎºÎÏ,,Î¿:

System errors:
=============
Error: (02/17/2017 09:22:39 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Î'Ï€Î¿Ï,,Ï...Ï‡Î¯Î± ÎµÎ³ÎºÎ±Ï,,Î¬ÏƒÏ,,Î±ÏƒÎ·Ï,: Î¤Î± Windows Î±Ï€ÎÏ,,Ï...Ï‡Î±Î½ Î½Î± ÎµÎ³ÎºÎ±Ï,,Î±ÏƒÏ,,Î®ÏƒÎ¿Ï...Î½ Ï,,Î·Î½ Ï€Î±ÏÎ±ÎºÎ¬Ï,,Ï‰ ÎµÎ½Î·Î¼ÎÏÏ‰ÏƒÎ· Î¼Îµ ÏƒÏ†Î¬Î»Î¼Î± 0x8024200d: Î•Î½Î·Î¼ÎÏÏ‰ÏƒÎ· Î´Ï...Î½Î±Ï,,Î¿Ï,,Î®Ï,,Ï‰Î½ Î³Î¹Î± Ï,,Î± Windows 10, ÎÎºÎ´Î¿ÏƒÎ· 1607.

Error: (02/17/2017 08:10:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Î— Ï...Ï€Î·ÏÎµÏƒÎ¯Î± ÎšÎµÎ½Ï,,ÏÎ¹ÎºÏŒÏ, Ï...Ï€Î¿Î»Î¿Î³Î¹ÏƒÏ,,Î®Ï, ÏƒÏ...Î³Ï‡ÏÎ¿Î½Î¹ÏƒÎ¼Î¿Ï_38759 Ï,,ÎµÏÎ¼Î±Ï,,Î¯ÏƒÏ,,Î·ÎºÎµ Î±Ï€ÏÎ¿ÏƒÎ´ÏŒÎºÎ·Ï,,Î±. Î'Ï...Ï,,ÏŒ ÎÏ‡ÎµÎ¹ ÏƒÏ...Î¼Î²ÎµÎ¯ 1 Ï†Î¿ÏÎÏ,. Î˜Î± ÎµÎºÏ,,ÎµÎ»ÎµÏƒÏ,,ÎµÎ¯ Î· Î±ÎºÏŒÎ»Î¿Ï...Î¸Î· Î´Î¹Î¿ÏÎ¸Ï‰Ï,,Î¹ÎºÎ® ÎºÎ¯Î½Î·ÏƒÎ· ÏƒÎµ 10000 Ï‡Î¹Î»Î¹Î¿ÏƒÏ,,Î¬ Ï,,Î¿Ï... Î´ÎµÏ...Ï,,ÎµÏÎ¿Î»ÎÏ€Ï,,Î¿Ï...: Î•Ï€Î±Î½ÎµÎºÎºÎ¯Î½Î·ÏƒÎ· Ï,,Î·Ï, Ï...Ï€Î·ÏÎµÏƒÎ¯Î±Ï,.

Error: (02/17/2017 08:08:22 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Î'Ï€Î¿Ï,,Ï...Ï‡Î¯Î± ÎµÎ³ÎºÎ±Ï,,Î¬ÏƒÏ,,Î±ÏƒÎ·Ï,: Î¤Î± Windows Î±Ï€ÎÏ,,Ï...Ï‡Î±Î½ Î½Î± ÎµÎ³ÎºÎ±Ï,,Î±ÏƒÏ,,Î®ÏƒÎ¿Ï...Î½ Ï,,Î·Î½ Ï€Î±ÏÎ±ÎºÎ¬Ï,,Ï‰ ÎµÎ½Î·Î¼ÎÏÏ‰ÏƒÎ· Î¼Îµ ÏƒÏ†Î¬Î»Î¼Î± 0x80070020: Î•Î½Î·Î¼ÎÏÏ‰ÏƒÎ· Î´Ï...Î½Î±Ï,,Î¿Ï,,Î®Ï,,Ï‰Î½ Î³Î¹Î± Ï,,Î± Windows 10, ÎÎºÎ´Î¿ÏƒÎ· 1607.

Error: (02/17/2017 07:23:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Î'Ï€Î¿Ï,,Ï...Ï‡Î¯Î± ÎµÎ³ÎºÎ±Ï,,Î¬ÏƒÏ,,Î±ÏƒÎ·Ï,: Î¤Î± Windows Î±Ï€ÎÏ,,Ï...Ï‡Î±Î½ Î½Î± ÎµÎ³ÎºÎ±Ï,,Î±ÏƒÏ,,Î®ÏƒÎ¿Ï...Î½ Ï,,Î·Î½ Ï€Î±ÏÎ±ÎºÎ¬Ï,,Ï‰ ÎµÎ½Î·Î¼ÎÏÏ‰ÏƒÎ· Î¼Îµ ÏƒÏ†Î¬Î»Î¼Î± 0x8024200d: Î•Î½Î·Î¼ÎÏÏ‰ÏƒÎ· Î´Ï...Î½Î±Ï,,Î¿Ï,,Î®Ï,,Ï‰Î½ Î³Î¹Î± Ï,,Î± Windows 10, ÎÎºÎ´Î¿ÏƒÎ· 1607.

Error: (02/17/2017 07:22:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Î"ÎµÎ½ Î®Ï,,Î±Î½ Î´Ï...Î½Î±Ï,,Î® Î· ÎµÎºÎºÎ¯Î½Î·ÏƒÎ· Ï,,Î·Ï, Ï...Ï€Î·ÏÎµÏƒÎ¯Î±Ï, Google Update Service (gupdate) ÎµÎ¾Î±Î¹Ï,,Î¯Î±Ï, Ï,,Î¿Ï... Î±ÎºÏŒÎ»Î¿Ï...Î¸Î¿Ï... ÏƒÏ†Î¬Î»Î¼Î±Ï,,Î¿Ï,:
Î— Ï...Ï€Î·ÏÎµÏƒÎ¯Î± Î´ÎµÎ½ Î±Ï€Î¿ÎºÏÎ¯Î¸Î·ÎºÎµ ÏƒÏ,,Î·Î½ Î±Î¯Ï,,Î·ÏƒÎ· ÎµÎºÎºÎ¯Î½Î·ÏƒÎ·Ï, Î® ÎµÎ»ÎÎ³Ï‡Î¿Ï... Î¼ÎÏƒÎ± ÏƒÎµ ÎµÏÎ»Î¿Î³Î¿ Ï‡ÏÏŒÎ½Î¿.

Error: (02/17/2017 07:22:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Î¤Î¿ Ï‡ÏÎ¿Î½Î¹ÎºÏŒ ÏŒÏÎ¹Î¿ Î±Î½Î±Î¼Î¿Î½Î®Ï, Î¾ÎµÏ€ÎµÏÎ¬ÏƒÏ,,Î·ÎºÎµ (30000 Ï‡Î¹Î»Î¹Î¿ÏƒÏ,,Î¬ Ï,,Î¿Ï... Î´ÎµÏ...Ï,,ÎµÏÎ¿Î»ÎÏ€Ï,,Î¿Ï...) ÎºÎ±Ï,,Î¬ Ï,,Î·Î½ Î±Î½Î±Î¼Î¿Î½Î® Î³Î¹Î± Ï,,Î· ÏƒÏÎ½Î´ÎµÏƒÎ· Ï,,Î·Ï, Ï...Ï€Î·ÏÎµÏƒÎ¯Î±Ï, gupdate.

Error: (02/17/2017 07:19:23 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Î— Ï...Ï€Î·ÏÎµÏƒÎ¯Î± NetTcpActivator ÎµÎ¾Î±ÏÏ,,Î¬Ï,,Î±Î¹ Î±Ï€ÏŒ Ï,,Î·Î½ Ï...Ï€Î·ÏÎµÏƒÎ¯Î± NetTcpPortSharing Ï,,Î·Ï, Î¿Ï€Î¿Î¯Î±Ï, Î· ÎµÎºÎºÎ¯Î½Î·ÏƒÎ· Î±Ï€ÎÏ,,Ï...Ï‡Îµ ÎµÎ¾Î±Î¹Ï,,Î¯Î±Ï, Ï,,Î¿Ï... Î±ÎºÏŒÎ»Î¿Ï...Î¸Î¿Ï... ÏƒÏ†Î¬Î»Î¼Î±Ï,,Î¿Ï,:
Î— Ï...Ï€Î·ÏÎµÏƒÎ¯Î± Î´ÎµÎ½ ÎµÎ¯Î½Î±Î¹ ÏƒÎµ Î¸ÎÏƒÎ· Î½Î± Î¾ÎµÎºÎ¹Î½Î®ÏƒÎµÎ¹ Î´Î¹ÏŒÏ,,Î¹ ÎµÎ¯Î½Î±Î¹ Î±Ï€ÎµÎ½ÎµÏÎ³Î¿Ï€Î¿Î¹Î·Î¼ÎÎ½Î· Î® Î´ÎµÎ½ Ï...Ï€Î¬ÏÏ‡Î¿Ï...Î½ ÎµÎ½ÎµÏÎ³Î¿Ï€Î¿Î¹Î·Î¼ÎÎ½ÎµÏ, ÏƒÏ...ÏƒÎºÎµÏ...ÎÏ, Î³Î¹Î± Î±Ï...Ï,,Î®Î½.

Error: (02/17/2017 07:18:59 PM) (Source: Application Popup) (EventID: 56) (User: )
Description: RISD0001

Error: (02/17/2017 07:17:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Î— Ï...Ï€Î·ÏÎµÏƒÎ¯Î± ÎšÎµÎ½Ï,,ÏÎ¹ÎºÏŒÏ, Ï...Ï€Î¿Î»Î¿Î³Î¹ÏƒÏ,,Î®Ï, ÏƒÏ...Î³Ï‡ÏÎ¿Î½Î¹ÏƒÎ¼Î¿Ï_37e2d Ï,,ÎµÏÎ¼Î±Ï,,Î¯ÏƒÏ,,Î·ÎºÎµ Î±Ï€ÏÎ¿ÏƒÎ´ÏŒÎºÎ·Ï,,Î±. Î'Ï...Ï,,ÏŒ ÎÏ‡ÎµÎ¹ ÏƒÏ...Î¼Î²ÎµÎ¯ 1 Ï†Î¿ÏÎÏ,. Î˜Î± ÎµÎºÏ,,ÎµÎ»ÎµÏƒÏ,,ÎµÎ¯ Î· Î±ÎºÏŒÎ»Î¿Ï...Î¸Î· Î´Î¹Î¿ÏÎ¸Ï‰Ï,,Î¹ÎºÎ® ÎºÎ¯Î½Î·ÏƒÎ· ÏƒÎµ 10000 Ï‡Î¹Î»Î¹Î¿ÏƒÏ,,Î¬ Ï,,Î¿Ï... Î´ÎµÏ...Ï,,ÎµÏÎ¿Î»ÎÏ€Ï,,Î¿Ï...: Î•Ï€Î±Î½ÎµÎºÎºÎ¯Î½Î·ÏƒÎ· Ï,,Î·Ï, Ï...Ï€Î·ÏÎµÏƒÎ¯Î±Ï,.

Error: (02/17/2017 06:39:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Î— Î»ÎµÎ¹Ï,,Î¿Ï...ÏÎ³Î¯Î± Ï,,Î·Ï, Ï...Ï€Î·ÏÎµÏƒÎ¯Î±Ï, VAIO Content Metadata Intelligent Analyzing Manager Ï,,ÎµÏÎ¼Î±Ï,,Î¯ÏƒÏ,,Î·ÎºÎµ Î±Î½Î±Ï€Î¬Î½Ï,,ÎµÏ‡Î±. Î'Ï...Ï,,ÏŒ ÏƒÏ...Î½ÎÎ²Î· 1 Ï†Î¿ÏÎ¬(ÎÏ,).

CodeIntegrity:
===================================
Date: 2017-01-24 19:12:55.293
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 13:50:33.301
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2017-01-12 12:30:17.959
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 12:09:56.962
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 11:31:48.826
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-21 10:10:53.727
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-03 09:41:14.137
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

Date: 2016-12-01 22:40:01.895
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2016-12-01 22:40:01.758
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2016-12-01 22:40:01.659
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 48%
Total physical RAM: 3950.09 MB
Available physical RAM: 2046.19 MB
Total Virtual: 7918.09 MB
Available Virtual: 5973.26 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:450.91 GB) (Free:299.4 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: D85DA3BE)
Partition 1: (Not Active) - (Size=14.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=449 MB) - (Type=27)

END OF THE LOG

RGSA LOG

Result of Security Analysis by Rocket Grannie (x86) Updated: 5th February, 2017
Running from:C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop (21:31:56 - 02/17/2017)
***---------------------------------------------------------***
Microsoft Windows 10 Home X64
UAC is Enabled!
Internet Explorer 11
Default Browser: Microsoft Edge
***------------Antivirus - Antispyware - Firewall-----------***
Windows Defender (Disabled - Up to Date)
ESET Smart Security 9.0.408.0 (Enabled - Up to Date)
ESET Smart Security 9.0.408.0 (Enabled - Up to Date)
Windows Defender (Disabled - Up to Date)
ESET Personal firewall (Enabled)
***-------Security Programs - Browsers - Miscellaneous------***
Adobe Flash Player 24 NPAPI (version 24.0.0.221)
Microsoft Silverlight (version 5.1)
Thunderbird (version 45)
Windows Live Essentials (version 16.4)
WinPatrol (version 33.6)

Malwarebytes Anti-Malware ÎÎºÎ´Î¿ÏƒÎ· (version 2.0.2.1012) is *out of Date*

***----------------Analysis Complete-------------------------***

winchester73 · February 17, 2017, 08:33:39 PM

Panos,

First try the Updates Troubleshooter and see if the problem resolves:

Press Windows key + X, select Control panel.
Search for Troubleshooting in the upper right.
Under System and Security, click on Fix Problems with Windows Updates.
Run the Windows Update troubleshooter.
Restart the system and check if the issue is resolved.

DR M · February 17, 2017, 08:39:29 PM

Quote from: winchester73 on February 17, 2017, 08:33:39 PM
Panos,

First try the Updates Troubleshooter and see if the problem resolves:

Press Windows key + X, select Control panel.
Search for Troubleshooting in the upper right.
Under System and Security, click on Fix Problems with Windows Updates.
Run the Windows Update troubleshooter.
Restart the system and check if the issue is resolved.

Hi, Winchester.

I'm sorry I didn't mentioned this. I already tried troubleshooting, but by downloading a tool from Microsoft's page. It fixed some issues, but one remained unsolved... I don't remember what exactly was the message. I think something about service update, but I don't remember.

DR M · February 17, 2017, 08:53:51 PM

I ran again the troubleshooting tool. Now, all problems are shown fixed, so I restarted the computer. Let's see.

Corrine · February 17, 2017, 08:54:37 PM

If the Troubleshooter doesn't allow the Anniversary Update (1607) to be installed, reset Windows Update components, being sure to back up the registry first. See How do I reset Windows Update components?.

As to the logs, with a quick look, there isn't much more than some leftover "GWX stuff" from the Windows 10 upgrade. Not a big deal, as you know.

winchester73 · February 17, 2017, 08:57:36 PM

Quote from: DR M on February 17, 2017, 08:53:51 PM
I ran again the troubleshooting tool. Now, all problems are shown fixed, so I restarted the computer. Let's see.

Fingers crossed 8)

DR M · February 17, 2017, 08:59:51 PM

Quote from: Corrine on February 17, 2017, 08:54:37 PM
If the Troubleshooter doesn't allow the Anniversary Update (1607) to be installed, reset Windows Update components, being sure to back up the registry first. See How do I reset Windows Update components?.

As to the logs, with a quick look, there isn't much more than some leftover "GWX stuff" from the Windows 10 upgrade. Not a big deal, as you know.

OK, Corrine and Winchester! It seems that some updates are taking place now, as I'm waiting the computer to restart.

Really?? No malware in the logs? This computer is strange! :o

And what about the 28 threads found by Adware Cleaner? They are gone?

winchester73 · February 17, 2017, 09:09:59 PM

Quote from: DR M on February 17, 2017, 08:59:51 PM
Really?? No malware in the logs? This computer is strange! :o

And what about the 28 threads found by Adware Cleaner? They are gone?

AdwCleaner probably removed any junk that was there. If you hit the Clean button, AdwCleaner would have rebooted the computer, removed the files and registry entries associated with the various adware, then displayed a log showing the files, folders, and registry entries that were removed.

The Scan button would have had AdwCleaner search the computer then display all the files, folders, and registry entries found that are used by adware programs. If you haven't 'cleaned', you can run AdwCleaner again and it will display the items.

Corrine · February 17, 2017, 09:11:15 PM

The AdwCleaner log is located in the C:\AdwCleaner folder.

winchester73 · February 17, 2017, 09:13:14 PM

Quote from: Corrine on February 17, 2017, 09:11:15 PM
The AdwCleaner log is located in the C:\AdwCleaner folder.

8)

DR M · February 17, 2017, 09:21:25 PM

8)

# AdwCleaner v6.043 - *Logfile created 17/02/2017 *at 18:31:29
# *Updated on 27/01/2017 by Malwarebytes
# *Database : 2017-02-13.1 [*Server]
# *Operating System : Windows 10 Home (X64)
# *Username : Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î® - IRAPOSTOLI-VAIO
# *Running from : C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\Desktop\adwcleaner_6.043.exe
# *Mode: Clean
# *Support : https://www.malwarebytes.com/support

***** [ *Services ] *****

***** [ *Folders ] *****

[-] *Folder deleted: C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\LocalLow\HPAppData
[-] *Folder deleted: C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\DriverCure
[-] *Folder deleted: C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\speedypc software

*Folder deleted on reboot: C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\SpeedyPC Software
[-] *Folder deleted: C:\Users\Î™ÎµÏÎ±Ï€Î¿ÏƒÏ,,Î¿Î»Î®\AppData\Roaming\Auslogics
[-] *Folder deleted: C:\ProgramData\speedypc software
*Folder deleted on reboot: C:\ProgramData\SpeedyPC Software
*Folder deleted on reboot: C:\ProgramData\Application Data\speedypc software
*Folder deleted on reboot: C:\ProgramData\Application Data\SpeedyPC Software

***** [ *Files ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ *Shortcuts ] *****

***** [ *Scheduled Tasks ] *****

***** [ *Registry ] *****

[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] *Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
*Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
*Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
*Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
*Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] *Key deleted: HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
[-] *Key deleted: HKU\S-1-5-21-639655970-855019576-677582472-1000\Software\DriverTuner
[-] *Key deleted: HKU\S-1-5-21-639655970-855019576-677582472-1000\Software\DriverTuner_Init
[-] *Key deleted: HKU\S-1-5-21-639655970-855019576-677582472-1000\Software\speedypc software
*Key deleted on reboot: HKCU\Software\DriverTuner
*Key deleted on reboot: HKCU\Software\DriverTuner_Init
*Key deleted on reboot: HKCU\Software\speedypc software
[-] *Key deleted: HKLM\SOFTWARE\speedypc software
*Key deleted on reboot: [x64] HKCU\Software\DriverTuner
*Key deleted on reboot: [x64] HKCU\Software\DriverTuner_Init
*Key deleted on reboot: [x64] HKCU\Software\speedypc software

***** [ *Browsers ] *****

*************************

:: *"Tracing" keys deleted
:: *Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2880 *Bytes] - [17/02/2017 18:31:29]
C:\AdwCleaner\AdwCleaner[S0].txt - [2937 *Bytes] - [17/02/2017 18:30:54]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [3028 *Bytes] ##########

Meanwhile, the update failed, due to empty computer's battery... Now, I'm waiting for them to get downloaded and installed.

Corrine · February 17, 2017, 09:37:15 PM

It is best to download updates when connected to the modem rather than via wi-fi.

As to SpeedyPC, although a couple years old, this explains the pop-ups: Remove SpeedyPC.com pop-up ads (Virus Removal Guide). I haven't gotten past seeing some questionable reviews of DriverTuner but, as you know, it is always best to update from the source rather than third parties.

DR M · February 17, 2017, 09:54:18 PM

I'm using the ethernet cable and not my wi fi for downloading them. They are up to 32%. Very slow downloading.

So, now the computer is clean, once more, and no other action is needed?

Why do you suggest the updates downloading via modem and not wifi?

(I don't think that Driver Tuner got installed intentionally.)

DR M · February 17, 2017, 10:21:45 PM

I thought that updates were installed, especially after the restart. But I see in the Updates History that updates failed again.

Now, it says Downloading updates 100%, and that's it.

Thank you, and I will let you now what is going to happen, tomorrow.

Good night from me now. :)