MrHappyGoLucky12

What are these two suspicious things?


What are these two suspicious things? I can't find too much about them and they aren't in the Add/Remove Programs.




I used:

  • CCleaner
  • Malwarebytes Anti-Malware
  • Spybot Search & Destroy
  • SUPERAntiSpyware
  • Bitdefender
  • F-Secure
  • Kaspersky
  • Panda ActiveScan
  • Trend Micro HouseCall
and they are still there. I got an HJT and Spybot log. It won't let me post the Spybot log here because it is too long, and when I hit POST, it takes minutes and then gives me a fatal error message. But here is the HJT log:



Logfile of Spybot 2.4.40.0. Copyright © 2000-2015 Safer-Networking Limited. All rights reserved.

Scan saved at 2/8/2015 5:33:22 PM

Platform: Windows 8.1 (Build: 9200) (6.3.9200)


Running processes:

[system Process]

System

C:\Windows\System32\smss.exe

C:\Windows\System32\csrss.exe

C:\Windows\System32\wininit.exe

C:\Windows\System32\csrss.exe

C:\Windows\System32\winlogon.exe

C:\Windows\System32\services.exe

C:\Windows\System32\lsass.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\VPDAgent_x64.exe

C:\Windows\System32\atiesrxx.exe

C:\Windows\System32\dwm.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\atieclxx.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\System32\svchost.exe

C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

C:\Windows\SysWOW64\IntelCpHeciSvc.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Windows\System32\dasHost.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

C:\Program Files (x86)\Neat\exec\NeatStartupService.exe

C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

C:\Windows\System32\svchost.exe

C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

C:\Program Files\Windows Defender\MsMpEng.exe

C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

C:\Windows\SysWOW64\dllhost.exe

C:\Program Files\Windows Defender\NisSrv.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\taskhostex.exe

C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Windows\explorer.exe

C:\Windows\System32\SearchIndexer.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe

C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe

C:\Windows\System32\conhost.exe

C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe

C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files\Sony\VAIO Care\VCPerfService.exe

C:\Program Files\Sony\VAIO Care\listener.exe

C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

C:\Program Files\Sony\VAIO Update\VUAgent.exe

C:\Program Files\Sony\VAIO Improvement\vim.exe

C:\Program Files\Sony\VAIO Improvement\vim.exe

C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

C:\Windows\System32\wbem\WmiPrvSE.exe

C:\Program Files\Sony\VAIO Care\VCService.exe

C:\Program Files\Sony\VAIO Care\VCAgent.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

chrome.exe

chrome.exe

chrome.exe

chrome.exe

chrome.exe

chrome.exe

chrome.exe

chrome.exe

chrome.exe

chrome.exe

C:\Windows\ImmersiveControlPanel\SystemSettings.exe

C:\Windows\System32\WWAHost.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\Classic Shell\ClassicStartMenu.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe

C:\Program Files\SUPERAntiSpyware\SASCore64.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

C:\Windows\System32\taskhost.exe

SearchProtocolHost.exe

SearchFilterHost.exe

WmiPrvSE.exe

dllhost.exe

dllhost.exe

C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTools.exe


F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe

O4 - HKCU\..\Run: [Google Update] C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe

O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_193928417959A0B74D1B60975331D7B6] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKLM\..\Run: []

O4 - HKLM\..\Run: [startCCC] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe

O20 - Winlogon Notify: igfxcui = igfxdev.dll

O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll

O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer64.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~1\Office14\URLREDIR.DLL

O23 - Service: SAS Core Service (!SASCORE) - /owner unsupported/ - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

O23 - Service: @1394.inf,%PCI\CC_0C0010.DeviceDesc%;1394 OHCI Compliant Host Controller (1394ohci) - /owner unsupported/ - \SystemRoot\System32\drivers\1394ohci.sys

O23 - Service: @acpi.inf,%ACPI.SvcDesc%;Microsoft ACPI Driver (ACPI) - /owner unsupported/ - System32\drivers\ACPI.sys

O23 - Service: Microsoft ACPIEx Driver (acpiex) - /owner unsupported/ - System32\Drivers\acpiex.sys

O23 - Service: @acpipagr.inf,%SvcDesc%;ACPI Processor Aggregator Driver (acpipagr) - /owner unsupported/ - \SystemRoot\System32\drivers\acpipagr.sys

O23 - Service: @acpipmi.inf,%AcpiPmi.SvcDesc%;ACPI Power Meter Driver (AcpiPmi) - /owner unsupported/ - \SystemRoot\System32\drivers\acpipmi.sys

O23 - Service: @acpitime.inf,%AcpiTime.SvcDesc%;ACPI Wake Alarm Driver (acpitime) - /owner unsupported/ - \SystemRoot\System32\drivers\acpitime.sys

O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Drive CS4 NP (AdobeDriveCS4_NP) - /owner unsupported/ -

O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: afcdp (afcdp) - /owner unsupported/ - system32\DRIVERS\afcdp.sys

O23 - Service: Acronis Nonstop Backup Service (afcdpsrv) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

O23 - Service: @%systemroot%\system32\drivers\afd.sys,-1000 (AFD) - /owner unsupported/ - \SystemRoot\system32\drivers\afd.sys

O23 - Service: VPDAgent (Agent) - /owner unsupported/ - C:\WINDOWS\VPDAgent_x64.exe

O23 - Service: @machine.inf,%agp440_svcdesc%;Intel AGP Bus Filter (agp440) - /owner unsupported/ - System32\drivers\agp440.sys

O23 - Service: @%systemroot%\system32\drivers\ahcache.sys,-102 (ahcache) - /owner unsupported/ - system32\DRIVERS\ahcache.sys

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - /owner unsupported/ - C:\WINDOWS\System32\alg.exe

O23 - Service: @cpu.inf,%AmdK8.SvcDesc%;AMD K8 Processor Driver (AmdK8) - /owner unsupported/ - \SystemRoot\System32\drivers\amdk8.sys

O23 - Service: @oem49.inf,%AMDKMPFD_svcdesc%;AMD PCI Root Bus Lower Filter (amdkmpfd) - /owner unsupported/ - System32\drivers\amdkmpfd.sys

O23 - Service: @cpu.inf,%AmdPPM.SvcDesc%;AMD Processor Driver (AmdPPM) - /owner unsupported/ - \SystemRoot\System32\drivers\amdppm.sys

O23 - Service: @%systemroot%\system32\appidsvc.dll,-102 (AppID) - /owner unsupported/ - \SystemRoot\system32\drivers\appid.sys

O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\AppReadiness.dll,-1000 (AppReadiness) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\appxdeploymentserver.dll,-1 (AppXSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @arcsas.inf,%arcsas_ServiceName%;Adaptec SAS/SATA-II RAID Storport's Miniport Driver (arcsas) - /owner unsupported/ - System32\drivers\arcsas.sys

O23 - Service: @mshdc.inf,%idechannel.DeviceDesc%;IDE Channel (atapi) - /owner unsupported/ - System32\drivers\atapi.sys

O23 - Service: @oem9.inf,%BTHSUPPORT.SvcDesc%;Qualcomm Atheros Virtual Bluetooth Class (AthBTPort) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\btath_flt.sys

O23 - Service: AtherosSvc (AtherosSvc) - /owner unsupported/ - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe

O23 - Service: @oem38.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver (athr) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\athwbx.sys

O23 - Service: @%SystemRoot%\system32\AudioEndpointBuilder.dll,-204 (AudioEndpointBuilder) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @netbvbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II VBD (b06bdrv) - /owner unsupported/ - System32\drivers\bxvbda.sys

O23 - Service: @bcmfn2.inf,%bcmfn2.SVCDESC%;bcmfn2 Service (bcmfn2) - /owner unsupported/ - \SystemRoot\System32\drivers\bcmfn2.sys

O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: Beep (Beep) - /owner unsupported/ -

O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-102 (bowser) - /owner unsupported/ - system32\DRIVERS\bowser.sys

O23 - Service: @%windir%\system32\bisrv.dll,-100 (BrokerInfrastructure) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @oem7.inf,%BTATH_A2DP.SvcDesc%;Bluetooth A2DP Audio Driver (BTATH_A2DP) - /owner unsupported/ - \SystemRoot\system32\drivers\btath_a2dp.sys

O23 - Service: @oem39.inf,%btath_avdt.SvcDesc%;Qualcomm Atheros Bluetooth AVDT Service (btath_avdt) - /owner unsupported/ - \SystemRoot\system32\drivers\btath_avdt.sys

O23 - Service: @oem3.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus (BTATH_BUS) - /owner unsupported/ - \SystemRoot\System32\drivers\btath_bus.sys

O23 - Service: @oem27.inf,%BTATH_HCRP.SvcDesc%;Bluetooth HCRP Server driver (BTATH_HCRP) - /owner unsupported/ - \SystemRoot\System32\drivers\btath_hcrp.sys

O23 - Service: @oem32.inf,%BTATH_LWFLT%;Bluetooth LWFLT Device (BTATH_LWFLT) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\btath_lwflt.sys

O23 - Service: @oem34.inf,%BTATH_RCP%;Bluetooth AVRCP Device (BTATH_RCP) - /owner unsupported/ - \SystemRoot\System32\drivers\btath_rcp.sys

O23 - Service: @oem39.inf,%BTATH_VDP.SvcDesc%;Bluetooth VDP Driver (BTATH_VDP) - /owner unsupported/ - \SystemRoot\system32\drivers\btath_vdp.sys

O23 - Service: BtFilter (BtFilter) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\btfilter.sys

O23 - Service: @bthaudhid.inf,%BthAvrcpTg_SvcDesc%;Bluetooth Audio/Video Remote Control HID (BthAvrcpTg) - /owner unsupported/ - \SystemRoot\System32\drivers\BthAvrcpTg.sys

O23 - Service: @bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service (BthEnum) - /owner unsupported/ - \SystemRoot\System32\drivers\BthEnum.sys

O23 - Service: @bthhfenum.inf,%BthHFEnum.SVCDESC%;Bluetooth Hands-Free Audio and Call Control HID Enumerator (BthHFEnum) - /owner unsupported/ - \SystemRoot\System32\drivers\bthhfenum.sys

O23 - Service: @bthaudhid.inf,%BthAudioHFHid.SVCDESC%;Bluetooth Hands-Free Call Control HID (bthhfhid) - /owner unsupported/ - \SystemRoot\System32\drivers\BthHFHid.sys

O23 - Service: @%SystemRoot%\System32\BthHFSrv.dll,-103 (BthHFSrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @bthleenum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver (BthLEEnum) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\BthLEEnum.sys

O23 - Service: @bthspp.inf,%BthSerial.DisplayName%;Bluetooth Serial Communications Driver (BTHMODEM) - /owner unsupported/ - \SystemRoot\System32\drivers\bthmodem.sys

O23 - Service: @bthpan.inf,%BthPan.DisplayName%;Bluetooth Device (Personal Area Network) (BthPan) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\bthpan.sys

O23 - Service: @bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver (BTHPORT) - /owner unsupported/ - \SystemRoot\System32\Drivers\BTHport.sys

O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver (BTHUSB) - /owner unsupported/ - \SystemRoot\System32\Drivers\BTHUSB.sys

O23 - Service: CD/DVD File System Reader (cdfs) - /owner unsupported/ - system32\DRIVERS\cdfs.sys

O23 - Service: @cdrom.inf,%cdrom_ServiceDesc%;CD-ROM Driver (cdrom) - /owner unsupported/ - \SystemRoot\System32\drivers\cdrom.sys

O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @circlass.inf,%circlass.SVCDESC%;Consumer IR Devices (circlass) - /owner unsupported/ - \SystemRoot\System32\drivers\circlass.sys

O23 - Service: @%SystemRoot%\system32\drivers\clfs.sys,-100 (CLFS) - /owner unsupported/ - System32\drivers\CLFS.sys

O23 - Service: CLVirtualDrive (CLVirtualDrive) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\CLVirtualDrive.sys

O23 - Service: @cmbatt.inf,%CmBatt.SvcDesc%;Microsoft ACPI Control Method Battery Driver (CmBatt) - /owner unsupported/ - \SystemRoot\System32\drivers\CmBatt.sys

O23 - Service: @CompositeBus.inf,%CompositeBus.SVCDESC%;Composite Bus Enumerator Driver (CompositeBus) - /owner unsupported/ - \SystemRoot\System32\drivers\CompositeBus.sys

O23 - Service: @comres.dll,-947 (COMSysApp) - /owner unsupported/ - C:\WINDOWS\system32\dllhost.exe

O23 - Service: Console Driver (condrv) - /owner unsupported/ - System32\drivers\condrv.sys

O23 - Service: Intel® Content Protection HECI Service (cphs) - /owner unsupported/ - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe

O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\drivers\dam.sys,-100 (dam) - /owner unsupported/ - system32\drivers\dam.sys

O23 - Service: @combase.dll,-5012 (DcomLaunch) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\das.dll,-100 (DeviceAssociationService) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (DeviceInstall) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-1008 (Dfsc) - /owner unsupported/ - System32\Drivers\dfsc.sys

O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @disk.inf,%disk_ServiceDesc%;Disk Driver (disk) - /owner unsupported/ - System32\drivers\disk.sys

O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @wdmaudio.inf,%drmkaud.SvcDesc%;Microsoft Trusted Audio Drivers (drmkaud) - /owner unsupported/ - \SystemRoot\system32\drivers\drmkaud.sys

O23 - Service: @%SystemRoot%\system32\DeviceSetupManager.dll,-1000 (DsmSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: LDDM Graphics Subsystem (DXGKrnl) - /owner unsupported/ - \SystemRoot\System32\drivers\dxgkrnl.sys

O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (Eaphost) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @netevbda.inf,%vbd_srv_desc%;Broadcom NetXtreme II 10 GigE VBD (ebdrv) - /owner unsupported/ - System32\drivers\evbda.sys

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - /owner unsupported/ - C:\WINDOWS\System32\lsass.exe

O23 - Service: @%SystemRoot%\system32\drivers\EhStorClass.sys,-100 (EhStorClass) - /owner unsupported/ - System32\drivers\EhStorClass.sys

O23 - Service: @ehstortcgdrv.inf,%EhStorTcgDrv.Desc%;Microsoft driver for storage devices supporting IEEE 1667 and TCG protocols (EhStorTcgDrv) - /owner unsupported/ - System32\drivers\EhStorTcgDrv.sys

O23 - Service: @errdev.inf,%ERRDEV.SvcDesc%;Microsoft Hardware Error Device Driver (ErrDev) - /owner unsupported/ - \SystemRoot\System32\drivers\errdev.sys

O23 - Service: Energy Server Service (ESRV_SVC) - /owner unsupported/ -

O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (EventLog) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @comres.dll,-2450 (EventSystem) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: exFAT File System Driver (exfat) - /owner unsupported/ -

O23 - Service: FAT12/16/32 File System Driver (fastfat) - /owner unsupported/ -

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - /owner unsupported/ - C:\WINDOWS\system32\fxssvc.exe

O23 - Service: @fdc.inf,%fdc_ServiceDesc%;Floppy Disk Controller Driver (fdc) - /owner unsupported/ - \SystemRoot\System32\drivers\fdc.sys

O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\fhsvc.dll,-101 (fhsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\drivers\fileinfo.sys,-100 (FileInfo) - /owner unsupported/ - System32\drivers\fileinfo.sys

O23 - Service: @%SystemRoot%\system32\drivers\filetrace.sys,-10001 (Filetrace) - /owner unsupported/ - system32\drivers\filetrace.sys

O23 - Service: FLEXnet Licensing Service (FLEXnet Licensing Service) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: FLEXnet Licensing Service 64 (FLEXnet Licensing Service 64) - /owner unsupported/ - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe

O23 - Service: @flpydisk.inf,%floppy_ServiceDesc%;Floppy Disk Driver (flpydisk) - /owner unsupported/ - \SystemRoot\System32\drivers\flpydisk.sys

O23 - Service: @%SystemRoot%\system32\drivers\fltmgr.sys,-10001 (FltMgr) - /owner unsupported/ - system32\drivers\fltmgr.sys

O23 - Service: Acronis Storage Filter Management (fltsrv) - /owner unsupported/ - system32\DRIVERS\fltsrv.sys

O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\PresentationHost.exe,-3309 (FontCache3.0.0.0) - /owner unsupported/ - C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

O23 - Service: @%SystemRoot%\system32\drivers\fsdepends.sys,-10001 (FsDepends) - /owner unsupported/ - System32\drivers\FsDepends.sys

O23 - Service: @%SystemRoot%\system32\drivers\fvevol.sys,-100 (fvevol) - /owner unsupported/ - System32\DRIVERS\fvevol.sys

O23 - Service: @cpu.inf,%FxPPM.SvcDesc%;Power Framework Processor Driver (FxPPM) - /owner unsupported/ - \SystemRoot\System32\drivers\fxppm.sys

O23 - Service: @machine.inf,%gagp30kx_svcdesc%;Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms (gagp30kx) - /owner unsupported/ - System32\drivers\gagp30kx.sys

O23 - Service: @wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter (gencounter) - /owner unsupported/ - \SystemRoot\System32\drivers\vmgencounter.sys

O23 - Service: Microsoft GPIO Class Extension Driver (GPIOClx0101) - /owner unsupported/ - System32\Drivers\msgpioclx.sys

O23 - Service: @gpapi.dll,-112 (gpsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - /owner unsupported/ - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - /owner unsupported/ - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: @hdaudbus.inf,%HDAudBus.SVCDESC%;Microsoft UAA Bus Driver for High Definition Audio (HDAudBus) - /owner unsupported/ - \SystemRoot\System32\drivers\HDAudBus.sys

O23 - Service: @hidbatt.inf,%HidBatt.SvcDesc%;HID UPS Battery Driver (HidBatt) - /owner unsupported/ - \SystemRoot\System32\drivers\HidBatt.sys

O23 - Service: @hidbth.inf,%HIDBTH.SvcDesc%;Microsoft Bluetooth HID Miniport (HidBth) - /owner unsupported/ - \SystemRoot\System32\drivers\hidbth.sys

O23 - Service: @hidi2c.inf,%hidi2c.SVCDESC%;Microsoft I2C HID Miniport Driver (hidi2c) - /owner unsupported/ - \SystemRoot\System32\drivers\hidi2c.sys

O23 - Service: @hidir.inf,%HIDIR.SvcDesc%;Microsoft Infrared HID Driver (HidIr) - /owner unsupported/ - \SystemRoot\System32\drivers\hidir.sys

O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @oem20.inf,%HID.SvcDesc%;Microsoft HID Class Driver (HidUsb) - /owner unsupported/ - \SystemRoot\System32\drivers\hidusb.sys

O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\drivers\http.sys,-1 (HTTP) - /owner unsupported/ - system32\drivers\HTTP.sys

O23 - Service: @%systemroot%\system32\drivers\hwpolicy.sys,-101 (hwpolicy) - /owner unsupported/ - System32\drivers\hwpolicy.sys

O23 - Service: @msmouse.inf,%i8042prt.SvcDesc%;PS/2 Keyboard and Mouse Port Driver (i8042prt) - /owner unsupported/ - \SystemRoot\System32\drivers\i8042prt.sys

O23 - Service: @ialpssi_gpio.inf,%iaLPSSi_GPIO.SVCDESC%;Intel® Serial IO GPIO Controller Driver (iaLPSSi_GPIO) - /owner unsupported/ - \SystemRoot\System32\drivers\iaLPSSi_GPIO.sys

O23 - Service: @ialpssi_i2c.inf,%iaLPSSi_I2C.SVCDESC%;Intel® Serial IO I2C Controller Driver (iaLPSSi_I2C) - /owner unsupported/ - \SystemRoot\System32\drivers\iaLPSSi_I2C.sys

O23 - Service: @iastorav.inf,%iaStorAV.DeviceDesc%;Intel® SATA RAID Controller Windows (iaStorAV) - /owner unsupported/ - System32\drivers\iaStorAV.sys

O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - /owner unsupported/ - C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

O23 - Service: @iastorv.inf,%*PNP0600.DeviceDesc%;Intel RAID Controller Windows 7 (iaStorV) - /owner unsupported/ - System32\drivers\iaStorV.sys

O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - /owner unsupported/ - C:\WINDOWS\system32\IEEtwCollector.exe

O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: Service for Realtek HD Audio (WDM) (IntcAzAudAddService) - /owner unsupported/ - \SystemRoot\system32\drivers\RTKVHD64.sys

O23 - Service: @oem10.inf,%IntcDAud.SvcDesc%;Intel® Display Audio (IntcDAud) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\IntcDAud.sys

O23 - Service: Intel® Capability Licensing Service Interface (Intel® Capability Licensing Service Interface) - /owner unsupported/ - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® ME Service (Intel® ME Service) - /owner unsupported/ - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: @intelpep.inf,%INTELPEP.SVCDESC%;Intel® Power Engine Plug-in Driver (intelpep) - /owner unsupported/ - System32\drivers\intelpep.sys

O23 - Service: @cpu.inf,%IntelPPM.SvcDesc%;Intel Processor Driver (intelppm) - /owner unsupported/ - \SystemRoot\System32\drivers\intelppm.sys

O23 - Service: @%systemroot%\system32\rascfg.dll,-32013 (IpFilterDriver) - /owner unsupported/ - system32\DRIVERS\ipfltdrv.sys

O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: IP Network Address Translator (IPNAT) - /owner unsupported/ - System32\drivers\ipnat.sys

O23 - Service: @%SystemRoot%\system32\drivers\irenum.sys,-100 (IRENUM) - /owner unsupported/ - system32\drivers\irenum.sys

O23 - Service: @iscsi.inf,%iScsiPortName%;iScsiPort Driver (iScsiPrt) - /owner unsupported/ - \SystemRoot\System32\drivers\msiscsi.sys

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - /owner unsupported/ - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyboard.inf,%kbdclass.SvcDesc%;Keyboard Class Driver (kbdclass) - /owner unsupported/ - \SystemRoot\System32\drivers\kbdclass.sys

O23 - Service: @keyboard.inf,%KBDHID.SvcDesc%;Keyboard HID Driver (kbdhid) - /owner unsupported/ - \SystemRoot\System32\drivers\kbdhid.sys

O23 - Service: @kdnic.inf,%KdNic.Service.DispName%;Microsoft Kernel Debug Network Miniport (NDIS 6.20) (kdnic) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\kdnic.sys

O23 - Service: @keyiso.dll,-100 (KeyIso) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe

O23 - Service: Kernel Streaming Thunks (ksthunk) - /owner unsupported/ - \SystemRoot\system32\drivers\ksthunk.sys

O23 - Service: @comres.dll,-2946 (KtmRm) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\GeofenceMonitorService.dll,-1 (lfsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-6 (lltdio) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\lltdio.sys

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - /owner unsupported/ - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: @%windir%\system32\lsm.dll,-1001 (LSM) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\drivers\luafv.sys,-100 (luafv) - /owner unsupported/ - \SystemRoot\system32\drivers\luafv.sys

O23 - Service: @oem12.inf,%HECI_SvcDesc%;Intel® Management Engine Interface (MEIx64) - /owner unsupported/ - \SystemRoot\System32\drivers\HECIx64.sys

O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @monitor.inf,%Monitor.SVCDESC%;Microsoft Monitor Class Function Driver Service (monitor) - /owner unsupported/ - \SystemRoot\System32\drivers\monitor.sys

O23 - Service: @msmouse.inf,%mouclass.SvcDesc%;Mouse Class Driver (mouclass) - /owner unsupported/ - \SystemRoot\System32\drivers\mouclass.sys

O23 - Service: @msmouse.inf,%MOUHID.SvcDesc%;Mouse HID Driver (mouhid) - /owner unsupported/ - \SystemRoot\System32\drivers\mouhid.sys

O23 - Service: @%SystemRoot%\system32\drivers\mountmgr.sys,-100 (mountmgr) - /owner unsupported/ - System32\drivers\mountmgr.sys

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23092 (mpsdrv) - /owner unsupported/ - System32\drivers\mpsdrv.sys

O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\webclnt.dll,-104 (MRxDAV) - /owner unsupported/ - \SystemRoot\system32\drivers\mrxdav.sys

O23 - Service: @%systemroot%\system32\wkssvc.dll,-1002 (mrxsmb) - /owner unsupported/ - system32\DRIVERS\mrxsmb.sys

O23 - Service: @%systemroot%\system32\wkssvc.dll,-1004 (mrxsmb10) - /owner unsupported/ - system32\DRIVERS\mrxsmb10.sys

O23 - Service: @%systemroot%\system32\wkssvc.dll,-1006 (mrxsmb20) - /owner unsupported/ - system32\DRIVERS\mrxsmb20.sys

O23 - Service: @%SystemRoot%\system32\bridgeres.dll,-1 (MsBridge) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\bridge.sys

O23 - Service: @comres.dll,-2797 (MSDTC) - /owner unsupported/ - C:\WINDOWS\System32\msdtc.exe

O23 - Service: @msgpiowin32.inf,%GPIO.SvcDesc%;Common Driver for Buttons, DockMode and Laptop/Slate Indicator (msgpiowin32) - /owner unsupported/ - \SystemRoot\System32\drivers\msgpiowin32.sys

O23 - Service: @%SystemRoot%\system32\drivers\mshidkmdf.sys,-100 (mshidkmdf) - /owner unsupported/ - \SystemRoot\System32\drivers\mshidkmdf.sys

O23 - Service: @%SystemRoot%\system32\drivers\mshidumdf.sys,-100 (mshidumdf) - /owner unsupported/ - \SystemRoot\System32\drivers\mshidumdf.sys

O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - /owner unsupported/ - C:\WINDOWS\system32\msiexec.exe

O23 - Service: @ksfilter.inf,%MSKSSRV.DeviceDesc%;Microsoft Streaming Service Proxy (MSKSSRV) - /owner unsupported/ - \SystemRoot\system32\drivers\MSKSSRV.sys

O23 - Service: @C:\Windows\system32\DRIVERS\mslldp.sys,-200 (MsLldp) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\mslldp.sys

O23 - Service: @ksfilter.inf,%MSPCLOCK.DeviceDesc%;Microsoft Streaming Clock Proxy (MSPCLOCK) - /owner unsupported/ - \SystemRoot\system32\drivers\MSPCLOCK.sys

O23 - Service: @ksfilter.inf,%MSPQM.DeviceDesc%;Microsoft Streaming Quality Manager Proxy (MSPQM) - /owner unsupported/ - \SystemRoot\system32\drivers\MSPQM.sys

O23 - Service: @mssmbios.inf,%mssmbios_svcdesc%;Microsoft System Management BIOS Driver (mssmbios) - /owner unsupported/ - \SystemRoot\System32\drivers\mssmbios.sys

O23 - Service: @ksfilter.inf,%MSTEE.DeviceDesc%;Microsoft Streaming Tee/Sink-to-Sink Converter (MSTEE) - /owner unsupported/ - \SystemRoot\system32\drivers\MSTEE.sys

O23 - Service: @mtconfig.inf,%MTConfig.SVCDESC%;Microsoft Input Configuration Driver (MTConfig) - /owner unsupported/ - \SystemRoot\System32\drivers\MTConfig.sys

O23 - Service: @%systemroot%\system32\drivers\mup.sys,-101 (Mup) - /owner unsupported/ - System32\Drivers\mup.sys

O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\drivers\nwifi.sys,-101 (NativeWifiP) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\nwifi.sys

O23 - Service: @%SystemRoot%\system32\ncasvc.dll,-3009 (NcaSvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\ncbservice.dll,-500 (NcbService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\NcdAutoSetup.dll,-100 (NcdAutoSetup) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\drivers\ndis.sys,-200 (NDIS) - /owner unsupported/ - system32\drivers\ndis.sys

O23 - Service: @%SystemRoot%\System32\drivers\ndiscap.sys,-5000 (NdisCap) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\ndiscap.sys

O23 - Service: @%SystemRoot%\System32\drivers\ndisimplatform.sys,-501 (NdisImPlatform) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\NdisImPlatform.sys

O23 - Service: @%systemroot%\system32\rascfg.dll,-32001 (NdisTapi) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\ndistapi.sys

O23 - Service: @ndisuio.inf,%NDISUIO_Desc%;NDIS Usermode I/O Protocol (Ndisuio) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\ndisuio.sys

O23 - Service: @%SystemRoot%\System32\drivers\NdisVirtualBus.sys,-200 (NdisVirtualBus) - /owner unsupported/ - \SystemRoot\System32\drivers\NdisVirtualBus.sys

O23 - Service: @%systemroot%\system32\rascfg.dll,-32002 (NdisWan) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\ndiswan.sys

O23 - Service: @%systemroot%\system32\rascfg.dll,-32014 (NdisWanLegacy) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\ndiswan.sys

O23 - Service: @%SystemRoot%\system32\drivers\Ndu.sys,-10001 (Ndu) - /owner unsupported/ - system32\drivers\Ndu.sys

O23 - Service: Neat Startup Service (Neat Startup Service) - /owner unsupported/ - C:\Program Files (x86)\Neat\exec\NeatStartupService.exe

O23 - Service: @netnb.inf,%NetBIOS_Desc%;NetBIOS Interface (NetBIOS) - /owner unsupported/ - system32\DRIVERS\netbios.sys

O23 - Service: @%SystemRoot%\system32\drivers\netbt.sys,-2 (NetBT) - /owner unsupported/ - System32\DRIVERS\netbt.sys

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe

O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\netprofmsvc.dll,-202 (netprofm) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8201 (NetTcpPortSharing) - /owner unsupported/ - C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

O23 - Service: NetworkSupport (NetworkSupport) - /owner unsupported/ - C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe

O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @npsvctrig.inf,%NPSVCTRIG.SvcDisplayName%;Named pipe service trigger provider (npsvctrig) - /owner unsupported/ - \SystemRoot\System32\drivers\npsvctrig.sys

O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\drivers\nsiproxy.sys,-2 (nsiproxy) - /owner unsupported/ - system32\drivers\nsiproxy.sys

O23 - Service: @machine.inf,%agpnvidia_svcdesc%;NVIDIA nForce AGP Bus Filter (nv_agp) - /owner unsupported/ - System32\drivers\nv_agp.sys

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @msports.inf,%Parport.SVCDESC%;Parallel port driver (Parport) - /owner unsupported/ - \SystemRoot\System32\drivers\parport.sys

O23 - Service: @%SystemRoot%\system32\drivers\partmgr.sys,-100 (partmgr) - /owner unsupported/ - System32\drivers\partmgr.sys

O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @machine.inf,%pci_svcdesc%;PCI Bus Driver (pci) - /owner unsupported/ - System32\drivers\pci.sys

O23 - Service: Performance Counters for Windows Driver (pcw) - /owner unsupported/ - System32\drivers\pcw.sys

O23 - Service: @%SystemRoot%\system32\drivers\pdc.sys,-100 (pdc) - /owner unsupported/ - system32\drivers\pdc.sys

O23 - Service: PEAUTH (PEAUTH) - /owner unsupported/ - system32\drivers\peauth.sys

O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - /owner unsupported/ - C:\WINDOWS\SysWow64\perfhost.exe

O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) - /owner unsupported/ - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @cpu.inf,%Processor.SvcDesc%;Processor Driver (Processor) - /owner unsupported/ - \SystemRoot\System32\drivers\processr.sys

O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\pacer.sys

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1 (QWAVEdrv) - /owner unsupported/ - \SystemRoot\system32\drivers\qwavedrv.sys

O23 - Service: Remote Access Auto Connection Driver (RasAcd) - /owner unsupported/ - System32\DRIVERS\rasacd.sys

O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\raspppoe.sys

O23 - Service: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - /owner unsupported/ - system32\DRIVERS\rdbss.sys

O23 - Service: @rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver (rdpbus) - /owner unsupported/ - \SystemRoot\System32\drivers\rdpbus.sys

O23 - Service: @%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100 (RDPDR) - /owner unsupported/ - System32\drivers\rdpdr.sys

O23 - Service: @%systemroot%\system32\drprov.dll,-100 (RDPNP) - /owner unsupported/ -

O23 - Service: Remote Desktop Video Miniport Driver (RdpVideoMiniport) - /owner unsupported/ - System32\drivers\rdpvideominiport.sys

O23 - Service: ReadyBoost (rdyboost) - /owner unsupported/ - System32\drivers\rdyboost.sys

O23 - Service: @%Systemroot%\system32\mprdim.dll,-200 (RemoteAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI) (RFCOMM) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\rfcomm.sys

O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - /owner unsupported/ - C:\WINDOWS\system32\locator.exe

O23 - Service: @combase.dll,-5010 (RpcSs) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\lltdres.dll,-5 (rspndr) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\rspndr.sys

O23 - Service: @oem45.inf,%rtl8168.Service.DispName%;Inventec 8168 NT Driver (RTL8168) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\rtlh64.sys

O23 - Service: Intel® System Behavior Tracker Collector Service (SampleCollector) - /owner unsupported/ -

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe

O23 - Service: SASDIFSV (SASDIFSV) - /owner unsupported/ - \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS

O23 - Service: SASKUTIL (SASKUTIL) - /owner unsupported/ - \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS

O23 - Service: @sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver (sbp2port) - /owner unsupported/ - System32\drivers\sbp2port.sys

O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\drivers\scfilter.sys,-11 (scfilter) - /owner unsupported/ - System32\DRIVERS\scfilter.sys

O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver (sdstor) - /owner unsupported/ - \SystemRoot\System32\drivers\sdstor.sys

O23 - Service: Security Driver (secdrv) - /owner unsupported/ -

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: semav6thermal64ro (semav6thermal64ro) - /owner unsupported/ - C:\WINDOWS\system32\drivers\semav6thermal64ro.sys

O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: Serial UART Support Library (SerCx) - /owner unsupported/ - system32\drivers\SerCx.sys

O23 - Service: Serial UART Support Library (SerCx2) - /owner unsupported/ - system32\drivers\SerCx2.sys

O23 - Service: @msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver (Serenum) - /owner unsupported/ - \SystemRoot\System32\drivers\serenum.sys

O23 - Service: @msports.inf,%Serial.SVCDESC%;Serial port driver (Serial) - /owner unsupported/ - \SystemRoot\System32\drivers\serial.sys

O23 - Service: @msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver (sermouse) - /owner unsupported/ - \SystemRoot\System32\drivers\sermouse.sys

O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @oem29.inf,%SvcDesc%;Sony Firmware Extension Parser (SFEP) - /owner unsupported/ - \SystemRoot\System32\drivers\SFEP.sys

O23 - Service: @flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive (sfloppy) - /owner unsupported/ - \SystemRoot\System32\drivers\sfloppy.sys

O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: Acronis Snapshots Manager (snapman) - /owner unsupported/ - system32\DRIVERS\snapman.sys

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - /owner unsupported/ - C:\WINDOWS\System32\snmptrap.exe

O23 - Service: VAIO Content Importer (SOHCImp) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe

O23 - Service: Sony Digital Media Server (SOHDms) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

O23 - Service: Sony Device Searcher (SOHDs) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe

O23 - Service: @oem30.inf,%SOWS%;Sony Wireless State Device (SOWS) - /owner unsupported/ - \SystemRoot\System32\drivers\sows.sys

O23 - Service: @spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver (spaceport) - /owner unsupported/ - System32\drivers\spaceport.sys

O23 - Service: Simple Peripheral Bus Support Library (SpbCx) - /owner unsupported/ - system32\drivers\SpbCx.sys

O23 - Service: VAIO Entertainment Common Service (SpfService) - /owner unsupported/ - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - /owner unsupported/ - C:\WINDOWS\System32\spoolsv.exe

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - /owner unsupported/ - C:\WINDOWS\system32\sppsvc.exe

O23 - Service: @%systemroot%\system32\srvsvc.dll,-102 (srv) - /owner unsupported/ - System32\DRIVERS\srv.sys

O23 - Service: @%systemroot%\system32\srvsvc.dll,-104 (srv2) - /owner unsupported/ - System32\DRIVERS\srv2.sys

O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver (storahci) - /owner unsupported/ - System32\drivers\storahci.sys

O23 - Service: @%SystemRoot%\system32\vmstorfltres.dll,-1000 (storflt) - /owner unsupported/ - System32\drivers\vmstorfl.sys

O23 - Service: @stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver (stornvme) - /owner unsupported/ - System32\drivers\stornvme.sys

O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver (swenum) - /owner unsupported/ - \SystemRoot\System32\drivers\swenum.sys

O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: Acronis Sync Agent Service (syncagentsrv) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

O23 - Service: @oem17.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver (SynTP) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\SynTP.sys

O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50003 (Tcpip) - /owner unsupported/ - System32\drivers\tcpip.sys

O23 - Service: @netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver (TCPIP6) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tcpip.sys

O23 - Service: TCP/IP Registry Compatibility (tcpipreg) - /owner unsupported/ - System32\drivers\tcpipreg.sys

O23 - Service: Acronis Try&Decide and Restore Points filter (tdrpman) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tdrpman.sys

O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tdx.sys

O23 - Service: @termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver (terminpt) - /owner unsupported/ - \SystemRoot\System32\drivers\terminpt.sys

O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: Acronis TIB Manager (tib) - /owner unsupported/ - system32\DRIVERS\tib.sys

O23 - Service: Acronis TIB Mounter (tib_mounter) - /owner unsupported/ - system32\DRIVERS\tib_mounter.sys

O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @tpm.inf,%TPM%;TPM (TPM) - /owner unsupported/ - \SystemRoot\system32\drivers\tpm.sys

O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - /owner unsupported/ - C:\WINDOWS\servicing\TrustedInstaller.exe

O23 - Service: @tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device (TsUsbGD) - /owner unsupported/ - \SystemRoot\System32\drivers\TsUsbGD.sys

O23 - Service: @nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver (tunnel) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tunnel.sys

O23 - Service: @machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter (uagp35) - /owner unsupported/ - System32\drivers\uagp35.sys

O23 - Service: @uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver (UASPStor) - /owner unsupported/ - \SystemRoot\System32\drivers\uaspstor.sys

O23 - Service: USB Controller Extension (UCX01000) - /owner unsupported/ - \SystemRoot\System32\drivers\ucx01000.sys

O23 - Service: udfs (udfs) - /owner unsupported/ - system32\DRIVERS\udfs.sys

O23 - Service: @uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver (UEFI) - /owner unsupported/ - \SystemRoot\System32\drivers\UEFI.sys

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - /owner unsupported/ - C:\WINDOWS\system32\UI0Detect.exe

O23 - Service: @machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter (uliagpkx) - /owner unsupported/ - System32\drivers\uliagpkx.sys

O23 - Service: @umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver (umbus) - /owner unsupported/ - \SystemRoot\System32\drivers\umbus.sys

O23 - Service: @umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver (UmPass) - /owner unsupported/ - \SystemRoot\System32\drivers\umpass.sys

O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - /owner unsupported/ - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver (usbccgp) - /owner unsupported/ - \SystemRoot\System32\drivers\usbccgp.sys

O23 - Service: @usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR) (usbcir) - /owner unsupported/ - \SystemRoot\System32\drivers\usbcir.sys

O23 - Service: @usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver (usbehci) - /owner unsupported/ - \SystemRoot\System32\drivers\usbehci.sys

O23 - Service: @usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver (usbhub) - /owner unsupported/ - \SystemRoot\System32\drivers\usbhub.sys

O23 - Service: @usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub (USBHUB3) - /owner unsupported/ - \SystemRoot\System32\drivers\UsbHub3.sys

O23 - Service: @usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host Controller Miniport Driver (usbohci) - /owner unsupported/ - \SystemRoot\System32\drivers\usbohci.sys

O23 - Service: @usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class (usbprint) - /owner unsupported/ - \SystemRoot\System32\drivers\usbprint.sys

O23 - Service: @usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver (USBSTOR) - /owner unsupported/ - \SystemRoot\System32\drivers\USBSTOR.SYS

O23 - Service: @usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver (usbuhci) - /owner unsupported/ - \SystemRoot\System32\drivers\usbuhci.sys

O23 - Service: @usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM) (usbvideo) - /owner unsupported/ - \SystemRoot\System32\Drivers\usbvideo.sys

O23 - Service: @usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller (USBXHCI) - /owner unsupported/ - \SystemRoot\System32\drivers\USBXHCI.SYS

O23 - Service: User Energy Server Service (USER_ESRV_SVC) - /owner unsupported/ - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe

O23 - Service: VAIO Event Service (VAIO Event Service) - /owner unsupported/ - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

O23 - Service: VAIO Power Management (VAIO Power Management) - /owner unsupported/ - C:\Program Files\Sony\VAIO Power Management\SPMService.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe

O23 - Service: VAIO Content Folder Watcher (VCFw) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe

O23 - Service: VCService (VCService) - /owner unsupported/ - C:\Program Files\Sony\VAIO Care\VCService.exe

O23 - Service: @vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator (vdrvroot) - /owner unsupported/ - System32\drivers\vdrvroot.sys

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - /owner unsupported/ - C:\WINDOWS\System32\vds.exe

O23 - Service: @%SystemRoot%\system32\drivers\VerifierExt.sys,-1000 (VerifierExt) - /owner unsupported/ - system32\drivers\VerifierExt.sys

O23 - Service: @%SystemRoot%\system32\vmbusres.dll,-1000 (vmbus) - /owner unsupported/ - System32\drivers\vmbus.sys

O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver (volmgr) - /owner unsupported/ - System32\drivers\volmgr.sys

O23 - Service: @%SystemRoot%\system32\drivers\volmgrx.sys,-100 (volmgrx) - /owner unsupported/ - System32\drivers\volmgrx.sys

O23 - Service: @volume.inf,%VolumeClassName%;Storage volumes (volsnap) - /owner unsupported/ - System32\drivers\volsnap.sys

O23 - Service: @wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus (vpci) - /owner unsupported/ - \SystemRoot\System32\drivers\vpci.sys

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - /owner unsupported/ - C:\WINDOWS\system32\vssvc.exe

O23 - Service: @vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver (VSTXRAID) - /owner unsupported/ - System32\drivers\vstxraid.sys

O23 - Service: VUAgent (VUAgent) - /owner unsupported/ - C:\Program Files\Sony\VAIO Update\vuagent.exe

O23 - Service: @%SystemRoot%\System32\drivers\vwifibus.sys,-257 (vwifibus) - /owner unsupported/ - \SystemRoot\System32\drivers\vwifibus.sys

O23 - Service: @%SystemRoot%\System32\drivers\vwififlt.sys,-259 (vwififlt) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\vwififlt.sys

O23 - Service: @%SystemRoot%\System32\drivers\vwifimp.sys,-261 (vwifimp) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\vwifimp.sys

O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver (WacomPen) - /owner unsupported/ - \SystemRoot\System32\drivers\wacompen.sys

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - /owner unsupported/ - C:\WINDOWS\system32\wbengine.exe

O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe

O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390 (WdBoot) - /owner unsupported/ - system32\drivers\WdBoot.sys

O23 - Service: @%SystemRoot%\system32\drivers\Wdf01000.sys,-1000 (Wdf01000) - /owner unsupported/ - syste


Hi

One of those items pictured is possibly a driver update; can't guarantee that, but we can check.

What issues are you having? Virus alerts, browser errors?

~~~~~~~~~~~~~~~~~~

- Save ALL Tools to your Desktop-

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

 

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen, click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

 

~~~~~~~~

 

Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.
  • Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.
  • Right-click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

     

     

I'm not really having any issues; I just don't want unknown icons in my system tray. They just recently appeared; I check it regularly.



Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015

Ran by MrHappyGoLucky12 (administrator) on JOHN-PC-VAIO on 09-02-2015 11:27:50

Running from C:\Users\MrHappyGoLucky12\Desktop

Loaded Profiles: MrHappyGoLucky12 (Available profiles: MrHappyGoLucky12)

Platform: Windows 8.1 (X64) OS Language: English (United States)

Internet Explorer Version 11 (Default browser: Chrome)

Boot Mode: Normal



==================== Processes (Whitelisted) =================


(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


(Two Pilots) C:\Windows\VPDAgent_x64.exe

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe

(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe

(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe

(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe

(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe

(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe

(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe

(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe

(Microsoft Corporation) C:\Windows\System32\WWAHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe

(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe

() C:\Program Files\Sony\VAIO Care\listener.exe

(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe

(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe



==================== Registry (Whitelisted) ==================


(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)


HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)

Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)

Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Run: [GoogleChromeAutoLaunch_193928417959A0B74D1B60975331D7B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [898376 2015-02-04] (Google Inc.)

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Run: [Google Update] => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-01-07] (Google Inc.)

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)

ShellIconOverlayIdentifiers: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

ShellIconOverlayIdentifiers-x32: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

BootExecute: autocheck autochk * sdnclean64.exe


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


HKU\S-1-5-21-770957529-1316470831-3961421521-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com

SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=25

BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)

BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)

BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)

Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1


FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-770957529-1316470831-3961421521-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKU\S-1-5-21-770957529-1316470831-3961421521-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)


Chrome:

=======

CHR StartupUrls: Default -> "hxxp://www.msn.com/?cobrand=sony13.msn.com&ocid=SNYDHP&pc=MASAJS"

CHR Profile: C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-07]

CHR Extension: (Google Docs) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-07]

CHR Extension: (Google Drive) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-07]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-07]

CHR Extension: (YouTube) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-07]

CHR Extension: (Google Cast) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-01-07]

CHR Extension: (Facebook) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-02-06]

CHR Extension: (Screen capture, screenshot share/save) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjbjepchlgclmpinlbbeinajphohgfod [2015-01-08]

CHR Extension: (Google Search) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-07]

CHR Extension: (Session Buddy) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-02-08]

CHR Extension: (Google Sheets) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-07]

CHR Extension: (AdBlock) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-23]

CHR Extension: (feedly) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-02-08]

CHR Extension: (Cisco WebEx Extension) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-02-05]

CHR Extension: (Google Wallet) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-07]

CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2015-01-08]

CHR Extension: (Send from Gmail (by Google)) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2015-01-08]

CHR Extension: (Gmail) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-07]


==================== Services (Whitelisted) =================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)

R2 Agent; C:\WINDOWS\VPDAgent_x64.exe [148480 2014-05-20] (Two Pilots) [File not signed]

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-29] (Windows ® Win 7 DDK provider)

S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation)

R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)

R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)

R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation)

R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation)

R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [6144 2014-08-06] (The Neat Company) [File not signed]

S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation)

R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-16] (Sony Corporation)

R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation)

R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)

R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)

S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation)

S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation)

R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2015-01-05] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-01-05] (Microsoft Corporation)

R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-29] (Atheros) [File not signed]


==================== Drivers (Whitelisted) ====================


(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)


R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Qualcomm Atheros Communications, Inc.)

R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-29] (Qualcomm Atheros)

R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-11-29] (Qualcomm Atheros)

R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)

R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)

R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-22] (REDC)

R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-22] (REDC)

R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec )

R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)

R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2015-01-04] ()

R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-23] (Synaptics Incorporated)

R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation)

R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-01-06] (Acronis International GmbH)

R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-01-06] (Acronis)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-01-05] (Microsoft Corporation)


==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)



==================== One Month Created Files and Folders ========


(If an entry is included in the fixlist, the file\folder will be moved.)


2015-02-09 11:27 - 2015-02-09 11:28 - 00020849 _____ () C:\Users\MrHappyGoLucky12\Desktop\FRST.txt

2015-02-09 11:27 - 2015-02-09 11:27 - 00000000 ____D () C:\FRST

2015-02-09 11:17 - 2015-02-09 11:17 - 02132992 _____ (Farbar) C:\Users\MrHappyGoLucky12\Desktop\FRST64.exe

2015-02-09 10:42 - 2015-02-09 10:42 - 21868120 _____ (Summitsoft) C:\Users\MrHappyGoLucky12\Downloads\Setup-LDStudioPro-v1.7.1 (1).exe

2015-02-09 01:37 - 2015-02-09 01:37 - 21868120 _____ (Summitsoft) C:\Users\MrHappyGoLucky12\Downloads\Setup-LDStudioPro-v1.7.1.exe

2015-02-08 23:19 - 2015-02-08 23:19 - 14042763 _____ () C:\Users\MrHappyGoLucky12\Downloads\PAN Foundation Training for CFS & Fibromyalgia (Resources).zip

2015-02-08 22:55 - 2015-02-08 22:55 - 30826994 _____ () C:\Users\MrHappyGoLucky12\Downloads\cockytwinks.mp4

2015-02-08 20:18 - 2015-02-08 20:18 - 22531717 _____ () C:\Users\MrHappyGoLucky12\Downloads\Jobrien0318.mp4

2015-02-08 17:38 - 2015-02-08 17:38 - 00000077 _____ () C:\WINDOWS\setupact.log

2015-02-08 17:38 - 2015-02-08 17:38 - 00000000 _____ () C:\WINDOWS\setuperr.log

2015-02-08 17:37 - 2015-02-08 17:37 - 02983872 _____ () C:\WINDOWS\system32\FNTCACHE.DAT

2015-02-08 17:37 - 2015-02-08 17:37 - 00000720 _____ () C:\WINDOWS\PFRO.log

2015-02-08 16:45 - 2015-02-08 16:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware

2015-02-08 16:45 - 2015-02-08 16:45 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\SUPERAntiSpyware.com

2015-02-08 16:45 - 2015-02-08 16:45 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com

2015-02-08 16:45 - 2015-02-08 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware

2015-02-08 16:42 - 2015-02-08 16:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy

2015-02-08 16:42 - 2015-02-08 16:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2

2015-02-08 16:42 - 2015-02-08 16:42 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk

2015-02-08 16:42 - 2015-02-08 16:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking

2015-02-08 16:42 - 2015-02-08 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2

2015-02-08 16:42 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe

2015-02-08 16:24 - 2015-02-08 16:24 - 00000000 ____D () C:\ProgramData\ClassicShell

2015-02-08 16:24 - 2015-02-08 16:00 - 00002170 _____ () C:\Users\MrHappyGoLucky12\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk

2015-02-08 16:00 - 2015-02-08 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell

2015-02-08 11:12 - 2015-02-08 12:30 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\YouCaring

2015-02-08 00:14 - 2015-02-08 00:14 - 00388608 _____ (Trend Micro Inc.) C:\Users\MrHappyGoLucky12\Downloads\HijackThis.exe

2015-02-07 18:13 - 2015-02-07 18:13 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\MrHappyGoLucky12\Downloads\spybot-2.4.exe

2015-02-07 14:42 - 2015-02-07 14:43 - 21173480 _____ (SUPERAntiSpyware) C:\Users\MrHappyGoLucky12\Downloads\SUPERAntiSpyware.exe

2015-02-06 22:22 - 2015-02-06 22:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2015-02-06 22:22 - 2015-02-06 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-02-06 22:22 - 2015-02-06 22:22 - 00000000 ____D () C:\ProgramData\Malwarebytes

2015-02-06 22:22 - 2015-02-06 22:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-02-06 22:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys

2015-02-06 22:22 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys

2015-02-06 22:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys

2015-02-06 05:30 - 2015-02-06 05:30 - 00597304 _____ () C:\Users\MrHappyGoLucky12\Downloads\flux-setup.exe

2015-02-06 04:45 - 2015-02-06 05:20 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Naturalsoft

2015-02-06 04:41 - 2015-02-06 04:41 - 19548464 _____ (Naturalsoft limited ) C:\Users\MrHappyGoLucky12\Downloads\standardsetup (1).exe

2015-02-06 04:39 - 2015-02-06 04:42 - 184316376 _____ (Ai Squared) C:\Users\MrHappyGoLucky12\Downloads\WindowEyesForOfficeEnglish9000.exe

2015-02-05 13:51 - 2015-02-05 13:51 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\webex

2015-02-05 13:50 - 2015-02-05 13:50 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Mozilla

2015-02-05 13:50 - 2015-02-05 13:50 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\WebEx

2015-02-05 13:50 - 2015-02-05 13:50 - 00000000 ____D () C:\ProgramData\WebEx

2015-02-05 04:12 - 2015-02-05 04:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IZArc

2015-02-05 04:00 - 2015-02-05 04:00 - 00000000 ____D () C:\ProgramData\IntelDLM

2015-02-05 03:42 - 2015-02-05 03:42 - 00053564 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502050342148564.log

2015-02-05 03:42 - 2015-02-05 03:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center

2015-02-05 03:25 - 2015-02-05 03:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Intel

2015-02-05 03:25 - 2015-02-05 03:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility

2015-02-05 03:25 - 2015-02-05 03:25 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility

2015-02-05 03:05 - 2015-02-08 17:27 - 00000000 ____D () C:\WINDOWS\Minidump

2015-02-05 02:24 - 2015-02-08 12:46 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\StartPoint

2015-02-05 02:24 - 2015-02-05 04:20 - 00000000 ____D () C:\Program Files (x86)\IZArc

2015-02-04 13:49 - 2015-02-04 15:13 - 1043816448 _____ () C:\Users\MrHappyGoLucky12\Downloads\DRP_14.15_Full.iso

2015-02-04 11:58 - 2015-02-08 22:52 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\ClassicShell

2015-02-04 11:58 - 2015-02-08 16:00 - 00000000 ____D () C:\Program Files\Classic Shell

2015-02-04 11:57 - 2015-02-04 11:57 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia

2015-02-04 11:57 - 2015-02-04 11:57 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia

2015-02-04 11:55 - 2015-02-05 06:03 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Raptr

2015-02-04 11:55 - 2015-02-05 06:03 - 00000000 ____D () C:\Program Files (x86)\Raptr

2015-02-04 11:55 - 2015-02-04 11:55 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\library_dir

2015-02-04 11:54 - 2015-02-04 11:54 - 00053564 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502041154531636.log

2015-02-04 11:54 - 2015-02-04 11:54 - 00000000 ____D () C:\ProgramData\AMD

2015-02-04 11:54 - 2015-02-04 11:54 - 00000000 ____D () C:\Program Files (x86)\AMD AVT

2015-02-04 11:53 - 2015-02-04 11:53 - 00000000 ____D () C:\Program Files (x86)\AMD

2015-02-04 11:46 - 2015-02-05 03:37 - 00000000 ____D () C:\ProgramData\Package Cache

2015-02-04 11:45 - 2015-02-05 03:37 - 00000000 ____D () C:\Program Files\AMD

2015-02-04 11:44 - 2015-02-04 13:33 - 00000000 ____D () C:\AMD

2015-02-02 13:24 - 2015-02-02 13:24 - 00000000 ____D () C:\ProgramData\Summitsoft

2015-02-02 13:24 - 2015-02-02 13:24 - 00000000 ____D () C:\ProgramData\Caphyon

2015-02-02 13:24 - 2015-02-02 13:24 - 00000000 ____D () C:\Program Files (x86)\Summitsoft

2015-02-02 13:23 - 2015-02-02 13:23 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Summitsoft

2015-02-01 14:12 - 2015-02-01 14:12 - 07989957 _____ () C:\Users\MrHappyGoLucky12\Downloads\aaalogo41.zip

2015-01-30 18:00 - 2015-01-30 18:00 - 22864074 _____ () C:\Users\MrHappyGoLucky12\Downloads\Highandbi420.mp4

2015-01-30 13:33 - 2015-01-30 13:33 - 00017604 _____ () C:\Users\MrHappyGoLucky12\Downloads\Start-Up-Expenses.xlsx

2015-01-29 08:06 - 2015-01-29 08:06 - 23064137 _____ () C:\Users\MrHappyGoLucky12\Downloads\Haunted_pants.mp4

2015-01-29 02:34 - 2015-01-29 02:35 - 25032457 _____ () C:\Users\MrHappyGoLucky12\Downloads\Sellers69.mp4

2015-01-28 23:33 - 2015-01-28 23:33 - 33225659 _____ () C:\Users\MrHappyGoLucky12\Downloads\Izzy20153.mp4

2015-01-28 10:07 - 2015-01-28 10:07 - 46215387 _____ () C:\Users\MrHappyGoLucky12\Downloads\Abaraks91.mp4

2015-01-27 22:42 - 2015-01-27 22:42 - 56692946 _____ () C:\Users\MrHappyGoLucky12\Downloads\Powwow69.mp4

2015-01-27 22:11 - 2015-01-27 22:11 - 31823251 _____ () C:\Users\MrHappyGoLucky12\Downloads\Izzy20152.mp4

2015-01-27 04:58 - 2015-01-27 04:58 - 45234264 _____ () C:\Users\MrHappyGoLucky12\Downloads\Raintree03.mp4

2015-01-27 04:17 - 2015-01-27 04:17 - 40695855 _____ () C:\Users\MrHappyGoLucky12\Downloads\Cuteboytoy89.mp4

2015-01-26 20:42 - 2015-01-26 20:42 - 35238074 _____ () C:\Users\MrHappyGoLucky12\Downloads\Izzy2015.mp4

2015-01-26 11:45 - 2015-01-26 11:45 - 12348934 _____ () C:\Users\MrHappyGoLucky12\Downloads\Madmedic85.mp4

2015-01-25 15:34 - 2015-01-25 15:34 - 00002794 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC

2015-01-25 15:34 - 2015-01-25 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2015-01-25 15:34 - 2015-01-25 15:34 - 00000000 ____D () C:\Program Files\CCleaner

2015-01-25 09:13 - 2015-01-25 09:23 - 00000000 ____D () C:\Stuff

2015-01-25 08:10 - 2015-01-25 08:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-01-25 08:09 - 2015-01-25 08:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight

2015-01-25 08:09 - 2015-01-25 08:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight

2015-01-25 07:48 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll

2015-01-25 07:48 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll

2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ (Inventec ) C:\WINDOWS\system32\Drivers\rtlh64.sys

2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll

2015-01-19 10:40 - 2015-01-19 10:40 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Cyberlink

2015-01-18 22:54 - 2015-01-19 06:50 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\DVD Flick

2015-01-18 22:28 - 2015-01-21 19:59 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\DVD Flick

2015-01-18 22:27 - 2015-01-18 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick

2015-01-18 22:26 - 2015-01-18 22:27 - 00000000 ____D () C:\Program Files (x86)\DVD Flick

2015-01-18 22:26 - 2008-08-31 13:27 - 00028672 _____ (-) C:\WINDOWS\SysWOW64\mousewheel.ocx

2015-01-18 22:26 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) C:\WINDOWS\SysWOW64\trayicon_handler.ocx

2015-01-18 22:26 - 2004-03-09 00:00 - 01081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx

2015-01-18 22:26 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx

2015-01-18 22:26 - 2004-03-09 00:00 - 00609824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx

2015-01-18 22:26 - 2004-03-09 00:00 - 00212240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx

2015-01-18 22:26 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\WINDOWS\SysWOW64\ssubtmr6.dll

2015-01-18 22:26 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx

2015-01-18 21:47 - 2015-01-18 21:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf

2015-01-16 15:02 - 2015-02-08 23:26 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Screencast-O-Matic

2015-01-16 15:02 - 2015-01-16 15:02 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screencast-O-Matic

2015-01-14 08:30 - 2015-01-14 08:30 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf

2015-01-14 06:16 - 2015-01-14 06:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005

2015-01-14 06:15 - 2015-01-14 06:15 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services

2015-01-14 06:15 - 2015-01-14 06:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services

2015-01-14 02:27 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys

2015-01-14 02:27 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe

2015-01-14 02:27 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys

2015-01-14 02:27 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll

2015-01-14 02:27 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2015-01-14 02:27 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll

2015-01-14 02:27 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2015-01-14 02:27 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll

2015-01-14 02:27 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll

2015-01-14 02:27 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll

2015-01-14 02:27 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe

2015-01-14 02:27 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe

2015-01-14 02:27 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll

2015-01-14 02:27 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll

2015-01-14 02:27 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2015-01-13 13:25 - 2015-01-13 13:25 - 00067810 _____ () C:\Users\MrHappyGoLucky12\Downloads\myshazam-history.html

2015-01-13 04:52 - 2015-01-13 04:53 - 122418480 _____ (Apple Inc.) C:\Users\MrHappyGoLucky12\Downloads\iTunes64Setup.exe

2015-01-12 13:07 - 2015-01-14 06:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8

2015-01-12 08:08 - 2015-01-12 08:10 - 00103835 _____ () C:\WINDOWS\system32\sdtn

2015-01-12 06:13 - 2015-01-12 06:14 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\Logo Ideas

2015-01-12 00:21 - 2015-01-12 00:21 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER

2015-01-10 00:53 - 2015-01-10 00:53 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon

2015-01-10 00:53 - 2015-01-10 00:53 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Amazon


==================== One Month Modified Files and Folders =======


(If an entry is included in the fixlist, the file\folder will be moved.)


2015-02-09 11:14 - 2015-01-07 02:01 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA.job

2015-02-09 11:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru

2015-02-09 10:55 - 2015-01-07 01:43 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

2015-02-09 06:50 - 2015-01-05 08:46 - 01620841 _____ () C:\WINDOWS\WindowsUpdate.log

2015-02-09 04:14 - 2015-01-07 02:01 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core.job

2015-02-08 18:55 - 2015-01-07 01:43 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

2015-02-08 18:42 - 2015-01-04 18:31 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-770957529-1316470831-3961421521-1001

2015-02-08 17:45 - 2014-09-24 02:15 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

2015-02-08 17:38 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT

2015-02-08 17:36 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI

2015-02-08 17:27 - 2015-01-04 22:10 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\CrashDumps

2015-02-08 15:55 - 2015-01-04 18:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Packages

2015-02-08 15:55 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness

2015-02-06 16:41 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp

2015-02-05 18:50 - 2015-01-07 01:43 - 00003904 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2015-02-05 18:50 - 2015-01-07 01:43 - 00003668 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2015-02-05 06:03 - 2015-01-07 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-02-05 06:03 - 2015-01-05 08:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM

2015-02-05 06:03 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\WinMetadata

2015-02-05 05:57 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\registration

2015-02-05 05:56 - 2015-01-08 10:37 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\uTorrent

2015-02-05 05:55 - 2015-01-04 10:37 - 00000000 ____D () C:\Program Files\ATI

2015-02-05 04:09 - 2015-01-07 02:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA

2015-02-05 04:09 - 2015-01-07 02:01 - 00003566 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core

2015-02-05 03:41 - 2015-01-04 10:37 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies

2015-02-05 03:17 - 2015-01-04 19:32 - 00000000 ____D () C:\Update

2015-02-05 03:08 - 2015-01-05 08:34 - 00000000 ____D () C:\Users\MrHappyGoLucky12

2015-02-04 11:57 - 2015-01-05 07:17 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Adobe

2015-02-04 11:41 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports

2015-02-03 14:31 - 2014-09-24 04:55 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2015-02-03 14:31 - 2014-09-24 04:55 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2015-02-02 14:57 - 2015-01-04 18:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\VirtualStore

2015-01-27 23:44 - 2015-01-05 08:25 - 00000000 ___DC () C:\WINDOWS\Panther

2015-01-26 01:29 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache

2015-01-25 15:01 - 2015-01-08 04:34 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Software

2015-01-25 08:31 - 2015-01-06 19:26 - 00000000 ____D () C:\ProgramData\Oracle

2015-01-25 08:31 - 2015-01-04 10:44 - 00000000 ____D () C:\Program Files (x86)\Java

2015-01-25 08:30 - 2015-01-06 19:27 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2015-01-20 04:39 - 2015-01-04 21:29 - 00000000 ____D () C:\Users\Guest

2015-01-20 04:39 - 2015-01-04 21:29 - 00000000 ____D () C:\Users\Administrator

2015-01-19 10:40 - 2015-01-08 07:30 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\CyberLink

2015-01-19 10:40 - 2015-01-04 11:14 - 00000000 ____D () C:\ProgramData\CyberLink

2015-01-18 02:37 - 2015-01-06 21:06 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\Torso Shots

2015-01-15 04:00 - 2015-01-05 02:50 - 00000000 ____D () C:\WINDOWS\system32\MRT

2015-01-15 03:55 - 2015-01-05 02:50 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2015-01-14 06:17 - 2015-01-06 22:05 - 00000000 ____D () C:\ProgramData\Microsoft Help

2015-01-14 06:16 - 2015-01-06 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office

2015-01-14 06:16 - 2015-01-06 22:05 - 00000000 ____D () C:\Program Files\Microsoft Office

2015-01-14 06:15 - 2014-09-24 01:53 - 00000000 ____D () C:\WINDOWS\ShellNew

2015-01-12 13:07 - 2015-01-05 08:15 - 00000000 ____D () C:\Program Files (x86)\MSBuild

2015-01-12 08:08 - 2015-01-06 22:50 - 00000000 ____D () C:\ProgramData\boost_interprocess

2015-01-12 04:30 - 2015-01-04 18:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Adobe


==================== Files in the root of some directories =======


2015-01-04 10:33 - 2015-01-04 10:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl


==================== Bamital & volsnap Check =================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed



LastRegBack: 2015-02-09 04:57


==================== End Of Log ============================

Edited by MrHappyGoLucky12

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015

Ran by MrHappyGoLucky12 at 2015-02-09 11:28:38

Running from C:\Users\MrHappyGoLucky12\Desktop

Boot Mode: Normal

==========================================================



==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


==================== Installed Programs ======================


(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


µTorrent (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)

Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe Creative Suite 4 Design Premium (HKLM-x32\...\Adobe_55230b0b70661df0f212e88f0b655f7) (Version: 4.0 - Adobe Systems Incorporated)

Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden

Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 10 Plugin (HKLM-x32\...\{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}) (Version: 10.0.2.54 - Adobe Systems, Inc.)

Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden

Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden

Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden

Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated)

Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden

Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden

Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated)

Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden

Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden

Amazon Kindle (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Amazon Kindle) (Version: - Amazon)

AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)

ArtRage Studio (HKLM-x32\...\{5A9FE63F-F201-4D55-9F5F-06DDB239AC4F}) (Version: 3.5.5 - Ambient Design)

CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)

ChromecastApp (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.)

Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)

Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)

Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden

CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.)

CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)

Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)

DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen)

FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden

Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation)

Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)

Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel)

IZArc 4.1.9 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.9 - Ivan Zahariev)

Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)

kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden

KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden

MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden

Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)

Neat (HKLM-x32\...\Neat) (Version: 5.5.2.7 - The Neat Company)

Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.5 - The Neat Company)

Neat Core Files (x32 Version: 5.5.2.7 - The Neat Company) Hidden

Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company)

NeatConnect Scanner Driver (HKLM\...\{6895EF47-6BD8-468E-BA09-B33636C65B7C}) (Version: 2.0.2.26 - The Neat Company)

Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden

PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden

Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden

Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden

Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation)

PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden

PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden

PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6748 - Realtek Semiconductor Corp.)

Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden

Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)

Screencast-O-Matic (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Screencast-O-Matic) (Version: - Screencast-O-Matic)

SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden

Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden

SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden

Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)

SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden

SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden

Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation)

Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden

SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com)

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated)

SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)

True Image WD Edition (HKLM-x32\...\{85CB1512-2D4A-4469-AC21-6B111D169CEB}) (Version: 16.0.5962 - Acronis)

VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)

VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation)

VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation)

VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation)

VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation)

VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)

VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation)

VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)

VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)

VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden

VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation)

VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation)

VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation)

VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden

VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics)

VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)

VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden

VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation)

VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)

VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation)

VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)

VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden

VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden

VAIO Touch Search (HKLM\...\{F792DDDD-71C8-419E-AE05-46B0CDB1BEC8}) (Version: 1.1.0.1511 - Sony Corporation)

VAIO Transfer Support (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation)

VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation)

VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden

VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden

VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden

VIx64 (Version: 1.0.0 - Sony Corporation) Hidden

VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden

VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden

VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden

VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden

WD Discovery (HKLM-x32\...\{A80AE043-EF68-4B64-9C6F-088405FED315}) (Version: 102.0.1.10 - Western Digital Technologies, Inc.)

Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)

XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden


==================== Custom CLSID (selected items): ==========================


(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


CustomCLSID: HKU\S-1-5-21-770957529-1316470831-3961421521-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-770957529-1316470831-3961421521-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.)


==================== Restore Points =========================


01-02-2015 18:40:40 Installed VAIO Control Center

04-02-2015 11:45:56 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727

06-02-2015 04:44:33 Installed NaturalReaderFree.

08-02-2015 15:59:52 Installed Classic Shell


==================== Hosts content: ==========================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)


Task: {00F3E119-13FC-4D80-9BFC-725460F4D310} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)

Task: {07836C30-FCDA-4621-A7AD-27E65A8C15BD} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {228DCC54-BED7-488F-9EC5-3C37C26B77EB} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics)

Task: {2F95344D-1E2B-4143-A4F2-D010127651E1} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)

Task: {342197E5-8384-430C-A7A1-CBA0037D0E9A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation)

Task: {3F6B5AAC-498C-4E5D-B77C-1C225612C63E} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)

Task: {41979E1A-639B-4543-93CE-BFEA62BC20D6} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

Task: {46DE998A-BD44-412B-9C66-665F82CF31C9} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [2014-02-25] (Sony Corporation)

Task: {4B5A54C4-B59C-43C5-A18C-58DCE6C9DA89} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)

Task: {4F24BBAE-8BD0-4CBF-A2DC-CE37C428A9CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)

Task: {669DE123-377A-4F8B-8CB9-1B9D1C7BD629} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)

Task: {6E2DBB5B-73C8-41AF-9808-1F10EE7C90FD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe

Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION

Task: {6EF3C709-B24E-499E-B258-E008F491ED07} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)

Task: {77AA09A1-3E11-49DC-B8A8-31CAF2FECC3A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe

Task: {7C3365E2-C46A-4113-94B6-647FF680FBA3} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation)

Task: {7D60BBAE-AD27-4DEB-A46F-0D7E71E50122} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)

Task: {7DA985C7-08CA-43AC-886E-14D847FBB77F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {8105D4F1-32D4-41F1-854E-3558A4FC1C8A} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {8A54771C-2C3F-4A3B-A37A-0CECADBA0D11} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.)

Task: {904D9CDB-E289-45D6-B84F-0CB4D32EF45A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)

Task: {91E35717-4E6E-4FDB-AC73-CA99C727905A} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient

Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION

Task: {973AE939-C934-44CF-91F5-A154BC232523} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {A28E0959-0B58-4912-9E2A-426FE9D8C78E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc

Task: {A767092B-5E52-41C7-9636-3A933B7CEBD1} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {A8FA66AA-0471-48D6-9A96-F48767501E19} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-23] (Synaptics Incorporated)

Task: {AF419618-A1F8-436E-AB2A-296B1E293503} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)

Task: {B3ECA20E-8544-4CE8-852B-70F340A75BA1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.)

Task: {BDC289EC-ED97-41CB-9276-F5305F66E753} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-22] (Sony Corporation)

Task: {BED68E5A-4CB5-46A4-8B90-4DA314268413} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.)

Task: {C5B7ACBD-0074-49C6-BC7B-FF0EB043BC8D} - System32\Tasks\VaioRegistrationDesktopTask => C:\Program Files\Sony\VAIO Registration\Sony.VAIO.Desktop.RegistrationTask.exe [2012-08-09] (Sony)

Task: {D3FB53A3-443A-4824-A776-3FEED275816C} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {D4F6E84B-875F-4B63-AD0D-40B4B094543D} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation)

Task: {D6FCD591-6E9B-42F2-9D91-C07A90BD8FA3} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation)

Task: {D7ACCB95-B891-4197-9004-DBE8993D39C3} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {DA554793-C27C-434D-AAC7-A36545B721C5} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"

Task: {DCBE709D-E0DA-4C37-827C-7F5B02F4E348} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation)

Task: {E1C9339A-65D0-4DF7-BF57-99890B2BBA5F} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation)

Task: {E668F37A-18E5-41FD-A057-64044E9F0A4A} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {F1D0BE98-CD09-42BE-944E-4C0B40C2ED1A} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {F4AEA0DD-9168-4E7A-BF58-55D625632F2B} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation)

Task: {F98BF843-B1DC-48FD-B109-43AA828F21E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.)

Task: {FBF4A743-2AD6-4D40-98A9-A0F706638CB9} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-04] (Sony Corporation)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core.job => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA.job => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe


==================== Loaded Modules (whitelisted) ==============


2015-01-06 22:41 - 2014-05-20 14:01 - 00054784 _____ () C:\WINDOWS\System32\sdtnpm.dll

2014-12-02 16:52 - 2014-12-02 16:52 - 00029184 _____ () C:\WINDOWS\System32\ssm4mlm.dll

2015-02-05 04:12 - 2012-07-20 14:39 - 02469888 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll

2014-12-02 16:52 - 2014-12-02 16:52 - 01199104 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\ssm4mdu.dll

2015-02-05 18:57 - 2015-02-04 03:53 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll

2015-02-05 18:57 - 2015-02-04 03:53 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll

2015-02-05 18:57 - 2015-02-04 03:53 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll

2013-11-19 13:21 - 2013-11-19 13:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe

2015-02-05 18:57 - 2015-02-04 03:53 - 26771784 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll

2015-02-08 16:42 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl

2015-02-08 16:42 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl

2015-02-08 16:42 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl

2015-02-08 16:42 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll

2015-02-08 16:42 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll

2015-01-04 11:14 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll

2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll

2014-03-06 03:10 - 2014-03-06 03:10 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll

2015-01-04 10:41 - 2012-07-24 21:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2013-11-19 13:21 - 2013-11-19 13:21 - 00347136 _____ () C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll


==================== Alternate Data Streams (whitelisted) =========


(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)



==================== Safe Mode (whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)



==================== EXE Association (whitelisted) ===============


(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)



==================== Other Registry Areas =====================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-770957529-1316470831-3961421521-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img2 Wallpaper 1600x900.jpg


==================== MSCONFIG/TASK MANAGER disabled items ==


(Currently there is no automatic fix for this section.)


HKLM\...\StartupApproved\Run: => "IgfxTray"

HKLM\...\StartupApproved\Run: => "HotKeysCmds"

HKLM\...\StartupApproved\Run: => "Persistence"

HKLM\...\StartupApproved\Run: => "StartCCC"

HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"

HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "StartCCC"

HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_193928417959A0B74D1B60975331D7B6"

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "AdobeBridge"

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "SUPERAntiSpyware"


==================== Accounts: =============================


Administrator (S-1-5-21-770957529-1316470831-3961421521-500 - Administrator - Disabled)

Guest (S-1-5-21-770957529-1316470831-3961421521-501 - Limited - Disabled)

MrHappyGoLucky12 (S-1-5-21-770957529-1316470831-3961421521-1001 - Administrator - Enabled) => C:\Users\MrHappyGoLucky12


==================== Faulty Device Manager Devices =============



==================== Event log errors: =========================


Application errors:

==================

Error: (02/09/2015 04:57:06 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.


Error: (02/09/2015 01:44:25 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.


Error: (02/08/2015 05:36:26 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00007ffeae9eb291

Faulting process id: 0x1734

Faulting application start time: 0xVCAgent.exe0

Faulting application path: VCAgent.exe1

Faulting module path: VCAgent.exe2

Report Id: VCAgent.exe3

Faulting package full name: VCAgent.exe4

Faulting package-relative application ID: VCAgent.exe5


Error: (02/08/2015 05:36:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: VCAgent.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)

at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)

at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)

at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)

at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)

at System.Windows.Application.RunInternal(System.Windows.Window)

at System.Windows.Application.Run()

at VCAgent.App.Main()


Error: (02/08/2015 00:32:12 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099

Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000

Exception code: 0xc0000005

Fault offset: 0x00007ffe5c74b0c1

Faulting process id: 0x1a30

Faulting application start time: 0xVCAgent.exe0

Faulting application path: VCAgent.exe1

Faulting module path: VCAgent.exe2

Report Id: VCAgent.exe3

Faulting package full name: VCAgent.exe4

Faulting package-relative application ID: VCAgent.exe5


Error: (02/08/2015 00:32:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: VCAgent.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)

at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)

at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)

at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)

at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)

at System.Windows.Application.RunInternal(System.Windows.Window)

at System.Windows.Application.Run()

at VCAgent.App.Main()


Error: (02/08/2015 04:29:10 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.


Error: (02/07/2015 02:47:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: startpoint.exe, version: 1.1.0.2, time stamp: 0x549aff45

Faulting module name: ntdll.dll, version: 6.3.9600.17476, time stamp: 0x54516af9

Exception code: 0xc0000374

Fault offset: 0x000e5be4

Faulting process id: 0x2330

Faulting application start time: 0xstartpoint.exe0

Faulting application path: startpoint.exe1

Faulting module path: startpoint.exe2

Report Id: startpoint.exe3

Faulting package full name: startpoint.exe4

Faulting package-relative application ID: startpoint.exe5


Error: (02/07/2015 09:28:40 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.


Error: (02/07/2015 03:57:53 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest.

Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest.



System errors:

=============

Error: (02/09/2015 04:58:03 AM) (Source: DCOM) (EventID: 10010) (User: JOHN-PC-VAIO)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Error: (02/09/2015 04:57:33 AM) (Source: DCOM) (EventID: 10010) (User: JOHN-PC-VAIO)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Error: (02/09/2015 01:42:40 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the afcdpsrv service.


Error: (02/09/2015 01:42:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the afcdpsrv service.


Error: (02/09/2015 01:08:45 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO)

Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable


Error: (02/09/2015 00:48:59 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO)

Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable


Error: (02/09/2015 00:47:50 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO)

Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable


Error: (02/09/2015 00:47:35 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO)

Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable


Error: (02/09/2015 00:42:35 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO)

Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable


Error: (02/09/2015 00:41:37 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO)

Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable



Microsoft Office Sessions:

=========================

Error: (02/09/2015 04:57:06 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe


Error: (02/09/2015 01:44:25 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe


Error: (02/08/2015 05:36:26 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffeae9eb291173401d043c82e81d5dcC:\Program Files\Sony\VAIO Care\VCAgent.exeunknownea7bccd2-afe2-11e4-be90-083e8ecc3af2


Error: (02/08/2015 05:36:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: VCAgent.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)

at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)

at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)

at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)

at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)

at System.Windows.Application.RunInternal(System.Windows.Window)

at System.Windows.Application.Run()

at VCAgent.App.Main()


Error: (02/08/2015 00:32:12 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffe5c74b0c11a3001d04121126cdfa7C:\Program Files\Sony\VAIO Care\VCAgent.exeunknown6a23c293-afb8-11e4-be8f-083e8ecc3af2


Error: (02/08/2015 00:32:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Application: VCAgent.exe

Framework Version: v4.0.30319

Description: The process was terminated due to an unhandled exception.

Exception Info: System.NullReferenceException

Stack:

at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)

at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)

at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)

at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)

at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32)

at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32)

at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)

at System.Windows.Application.RunInternal(System.Windows.Window)

at System.Windows.Application.Run()

at VCAgent.App.Main()


Error: (02/08/2015 04:29:10 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe


Error: (02/07/2015 02:47:55 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: startpoint.exe1.1.0.2549aff45ntdll.dll6.3.9600.1747654516af9c0000374000e5be4233001d041796f56aef4C:\Users\MrHappyGoLucky12\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exeC:\WINDOWS\SYSTEM32\ntdll.dll355173c8-af02-11e4-be8f-083e8ecc3af2


Error: (02/07/2015 09:28:40 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe


Error: (02/07/2015 03:57:53 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe



CodeIntegrity Errors:

===================================

Date: 2015-02-09 01:43:59.096

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-02-05 14:39:36.928

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-02-04 01:04:34.739

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-02-03 18:01:36.812

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-01-30 04:19:12.774

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-01-30 04:19:12.617

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-01-30 04:19:12.414

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-01-30 04:19:12.258

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-01-30 04:15:57.908

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


Date: 2015-01-30 04:15:57.736

Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.



==================== Memory info ===========================


Processor: Intel® Core i7-3632QM CPU @ 2.20GHz

Percentage of memory in use: 45%

Total physical RAM: 8064.39 MB

Available physical RAM: 4382.45 MB

Total Pagefile: 16256.39 MB

Available Pagefile: 11096.96 MB

Total Virtual: 131072 MB

Available Virtual: 131071.8 MB


==================== Drives ================================


Drive c: () (Fixed) (Total:235.57 GB) (Free:144.13 GB) NTFS

Drive d: (Duck Dynasty - Season 1) (CDROM) (Total:5.06 GB) (Free:0 GB) UDF

Drive e: (Libraries) (Fixed) (Total:656.83 GB) (Free:191.55 GB) NTFS

Drive f: (Contacts) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive g: (Documents) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive h: (Favorites) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive i: (Music) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive j: (Pictures) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive k: (Software) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive l: (Videos) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive w: (Work) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive x: (School) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive y: (Public) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

Drive z: (Personal) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS


==================== MBR & Partition Table ==================


========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 14786A41)


Partition: GPT Partition Type.


==================== End Of Log ============================


Just a little bit found.

 

Open notepad. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy.

Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

It needs to be saved next to the "Farbar Recovery Scan Tool" (if asked to overwrite the existing one, please allow).

 

 


 

 

start

CloseProcesses:

SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpo...archTerms}&r=25

Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION

Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION

EmptyTemp:

End

Open FRST/FRST64 and press the Fix button just once and wait.

If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Please run a Threat Scan with Malwarebytes' Anti-Malware.

 

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

 

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

 

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.

Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

~~~~~~~~~~~~~~

AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts.
  • Click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
  • Follow the prompts and allow your computer to reboot.
  • After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.
-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner.txt.

 

 

Please post

fixlist.txt

Malwarebytes log

AdwCleaner.txt

Malwarebytes Anti-Malware

www.malwarebytes.org



Update, 2/9/2015 3:35:51 PM, SYSTEM, JOHN-PC-VAIO, Manual, Malware Database, 2015.2.7.3, 2015.2.9.9,

Scan, 2/9/2015 3:58:23 PM, SYSTEM, JOHN-PC-VAIO, Manual, Start:2/9/2015 3:36:01 PM, Duration:22 min 22 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,


(end)

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015

Ran by MrHappyGoLucky12 at 2015-02-09 15:24:22 Run:1

Running from C:\Users\MrHappyGoLucky12\Desktop

Loaded Profiles: MrHappyGoLucky12 (Available profiles: MrHappyGoLucky12)

Boot Mode: Normal

==============================================


Content of fixlist:

*****************

start

CloseProcesses:

SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpo...archTerms}&r=25

Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION

Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION

EmptyTemp:

End

*****************


Processes closed successfully.

"HKU\S-1-5-21-770957529-1316470831-3961421521-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C125A386-E11C-446D-94D8-25011520D962}" => Key deleted successfully.

HKCR\CLSID\{C125A386-E11C-446D-94D8-25011520D962} => Key not found.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EB2B437-ECFC-4929-912D-B1A7E361AF3C}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EB2B437-ECFC-4929-912D-B1A7E361AF3C}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartPoint" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{959793F8-000E-4196-AE1C-F56D26C1FAF4}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{959793F8-000E-4196-AE1C-F56D26C1FAF4}" => Key deleted successfully.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartPoint Updater" => Key deleted successfully.

EmptyTemp: => Removed 422.1 MB temporary data.



The system needed a reboot.


==== End of Fixlog 15:24:27 ====

# AdwCleaner v4.110 - Logfile created 09/02/2015 at 17:20:56

# Updated 05/02/2015 by Xplode

# Database : 2015-02-09.1 [server]

# Operating system : Windows 8.1 (x64)

# Username : MrHappyGoLucky12 - JOHN-PC-VAIO

# Running from : C:\Users\MrHappyGoLucky12\Desktop\AdwCleaner.exe

# Option : Cleaning


***** [ Services ] *****



***** [ Files / Folders ] *****


Folder Deleted : C:\Users\MrHappyGoLucky12\AppData\Local\StartPoint


***** [ Scheduled tasks ] *****



***** [ Shortcuts ] *****



***** [ Registry ] *****


Key Deleted : HKCU\Software\Classes\keepmysearch

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}


***** [ Web browsers ] *****


-\\ Internet Explorer v11.0.9600.17416



-\\ Google Chrome v40.0.2214.111



*************************


AdwCleaner[R0].txt - [1053 bytes] - [09/02/2015 17:10:02]

AdwCleaner[s0].txt - [990 bytes] - [09/02/2015 17:20:56]


########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1048 bytes] ##########


Tell me what's happening now?

 

What we can do now is run an online scan with ESET; for the time being it is our most trusted scanner.

Most reliable and thorough.

The settings I suggest will show us items located in quarantine folders, so don't be alarmed by this. Also, in case of a false positive, I ask that you not allow it to delete what it does find.

This scanner can take quite a bit of time to run, depending, of course, on how full your computer is.

 

 

ESET Online Scan

Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme.
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points.
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
======================================================


Right click on the icons one at a time and select Properties; let's see if we can find some info that way.


Right click on the icons one at a time and select Properties; let's see if we can find some info that way.

 

It's not displayed in the tray, but just shows in the Notification Area Icons settings in Control Panel like in the original picture.


Yes I did

 

SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpo...archTerms}&r=25

Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION

Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION

 

We ran the script for that using FRST, and those were the only items found at that time; then we ran a scan using MBAM that came up clean.

 

The only thing we haven't done is reset the browsers or manage add-ons:

http://windows.microsoft.com/en-us/internet-explorer/manage-add-ons#ie=ie-11

 

We can take it a step further and set browsers back to default.

 

Instructions on how to backup your Favourites/Bookmarks and other data can be found below.

Proceed with the reset once done.

~~~~~~~~~~~~~~~~~~~

 

http://windows.microsoft.com/en-us/windows-vista/remove-icons-from-the-notification-area-system-tray


Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1

Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:

    :folderfind
    StartPoint
    :filefind
    StartPoint
    :regfind
    StartPoint
    
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt


We can take it a step further and set browsers back to default.

 

Instructions on how to backup your Favourites/Bookmarks and other data can be found below.

 

I don't have to back up Chrome Bookmarks, do I? What about Chrome extensions? https://support.google.com/chrome/answer/3296214?hl=en . I don't ever use IE so I don't care about it.

Edited by MrHappyGoLucky12


Hang on; you're giving me too many tasks at once. :yikes: I'm still on the ESET Online Scan. I made a big mistake. I ran it but skipped one of your directions:

  • Ensure Remove found threats is unchecked.

So, it did remove the threats it found. The file log is below. Luckily, I use SyncToy regularly to back up my files to a NAS. Would you recommend I get my deleted files re-established/synced again before we continue?

Do any of the files below look malicious? I think they are all legit.

E:\Music\Solo Downloader__3687_i868202625_il5993467.exe a variant of Win32/Amonetize.AW potentially unwanted application deleted - quarantined
E:\Software\Application Files\BriskAlbumCreatorSetup.exe a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
E:\Software\Application Files\cbsi-10064069.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
E:\Software\Application Files\cbsidlm-tr1_10a-Akram_Media_Creator-BP-10335566.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\cbsidlm-tr1_11-Escaro-ORG-75324425.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\dsktopnow.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
E:\Software\Application Files\Flash_Setup.exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
E:\Software\Application Files\FreeVideoToFlashConverter.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
E:\Software\Application Files\iLividSetup.exe Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined
E:\Software\Application Files\JustCloud_Setup.exe MSIL/MyPCBackup.D potentially unwanted application deleted - quarantined
E:\Software\Application Files\MediaPlayerClassic.exe a variant of Win32/Verti.B potentially unwanted application deleted - quarantined
E:\Software\Application Files\MediaPlayerClassic_RocketFuelInstaller.exe a variant of Win32/Verti.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\mlsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
E:\Software\Application Files\mplayer_Setup.exe a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined
E:\Software\Application Files\siw-setup.exe Win32/InstallMonetizer.AF potentially unwanted application deleted - quarantined
E:\Software\Application Files\SoftonicDownloader_for_biblio.exe a variant of Win32/SoftonicDownloader.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\SoftonicDownloader_for_esyplanner.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantined
E:\Software\Application Files\SoftonicDownloader_for_mac-os-x-lion-skin-pack.exe Win32/SoftonicDownloader.D potentially unwanted application deleted - quarantined
E:\Software\Application Files\UBCD4WinV360.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted application deleted - quarantined
E:\Software\Application Files\4,001 Business, Sales & Personal Letters (new)\4001Letters.exe Win32/TrojanDownloader.Autoit.NDV trojan cleaned by deleting - quarantined
E:\Software\Application Files\Computer Maintenance\FreeVideoToFlashConverter.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
E:\Software\Bootable OS\UBCD4Win.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted application deleted - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\vncdll.dll Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\.svn\text-base\vncdll.dll.svn-base Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\templates\template_x86_darwin.bin OSX/Getshell.B.Gen trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\templates\.svn\text-base\template_x86_darwin.bin.svn-base OSX/Getshell.B.Gen trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\external\source\vncdll\output\vncdll.dll Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\external\source\vncdll\output\.svn\text-base\vncdll.dll.svn-base Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\firefox_queryinterface.rb JS/Exploit.CVE-2006-0295.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\mozilla_navigatorjava.rb JS/Exploit.CVE-2006-3677.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\.svn\text-base\firefox_queryinterface.rb.svn-base JS/Exploit.CVE-2006-0295.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\.svn\text-base\mozilla_navigatorjava.rb.svn-base JS/Exploit.CVE-2006-3677.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms09_072_style_object.rb JS/Exploit.CVE-2009-3672.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_002_aurora.rb JS/Exploit.CVE-2010-0249 trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_018_ie_behaviors.rb JS/Exploit.CVE-2010-0806.NAH trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_042_helpctr_xss_cmd_exec.rb HTML/Exploit.CVE-2010-1885.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms09_072_style_object.rb.svn-base JS/Exploit.CVE-2009-3672.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_002_aurora.rb.svn-base JS/Exploit.CVE-2010-0249 trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_018_ie_behaviors.rb.svn-base JS/Exploit.CVE-2010-0806.NAH trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_042_helpctr_xss_cmd_exec.rb.svn-base HTML/Exploit.CVE-2010-1885.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Win7PE\Projects\Tools\Win7PE_SE\x64\hiderun_x64.exe Win64/HideRun.A potentially unwanted application deleted - quarantined
E:\Software\Bootable OS\Win7PE\Projects\Tools\Win7PE_SE\x86\hiderun_x86.exe Win32/HideRun.A potentially unwanted application deleted - quarantined

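One way to sort a log like the one posted above before deciding what to restore, as an added example that is not part of the original thread: it parses ESET's one-detection-per-line format, counts hits per ESET category, and collapses Subversion `.svn\text-base` pristine copies onto the file they duplicate. The sample lines are copied from the log above; the function names and the list of recognised categories are assumptions.

```python
import re
from collections import Counter, defaultdict

# Lines copied from the ESET log posted above (a subset).
SAMPLE_LOG = r"""
E:\Music\Solo Downloader__3687_i868202625_il5993467.exe a variant of Win32/Amonetize.AW potentially unwanted application deleted - quarantined
E:\Software\Application Files\BriskAlbumCreatorSetup.exe a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
E:\Software\Application Files\mplayer_Setup.exe a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined
E:\Software\Application Files\4,001 Business, Sales & Personal Letters (new)\4001Letters.exe Win32/TrojanDownloader.Autoit.NDV trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\vncdll.dll Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\.svn\text-base\vncdll.dll.svn-base Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Win7PE\Projects\Tools\Win7PE_SE\x64\hiderun_x64.exe Win64/HideRun.A potentially unwanted application deleted - quarantined
"""

# Categories seen in the log, plus "potentially unsafe application", which the
# scan settings above enable (assumed list, not exhaustive).
KINDS = ("potentially unwanted application", "potentially unsafe application",
         "trojan", "application")

# Paths contain spaces, so anchor on the detection name (Platform/Family...).
LINE_RE = re.compile(
    r"^(?P<path>.+?)\s+(?P<variant>a variant of\s+)?"
    r"(?P<name>[A-Za-z0-9]+/\S+)\s+"
    r"(?P<kind>" + "|".join(KINDS) + r")\s+(?P<action>.+)$"
)

SVN_MARKER = "\\.svn\\text-base\\"


def parse_line(line):
    """Split one log line into path, detection name, category and action."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["variant"] = rec["variant"] is not None
    return rec


def working_copy_path(path):
    # Subversion keeps a pristine copy of each file under .svn\text-base\ with
    # a .svn-base suffix; map that copy back to the file it duplicates.
    if SVN_MARKER in path and path.endswith(".svn-base"):
        head, tail = path.split(SVN_MARKER, 1)
        return head + "\\" + tail[: -len(".svn-base")]
    return path


def triage(log_text):
    """Count hits per category and collect the distinct files behind them."""
    by_kind, unique_files, unparsed = Counter(), defaultdict(set), []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)  # unknown category or format: review by hand
            continue
        by_kind[rec["kind"]] += 1
        unique_files[rec["kind"]].add(working_copy_path(rec["path"]))
    return {"by_kind": by_kind, "unique_files": dict(unique_files),
            "unparsed": unparsed}


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for kind, hits in result["by_kind"].most_common():
        print(f"{kind}: {hits} hits, {len(result['unique_files'][kind])} distinct files")
    for line in result["unparsed"]:
        print("needs manual review:", line)
```

The distinct-file count is the number to work from when restoring from backup, since the raw hit count counts every file in a Subversion checkout twice.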

 

Would you recommend I get my deleted files re-established/synced again before we continue?

Up to you :)


Do you use WordPress for blogs/websites? "Start Point" is a WordPress application.

 

It's possible the install62894.exe is also a WordPress application.

Check your WordPress control panel to see if you have installed these applications.


I do use WordPress, and I contacted PressCoders, the company I buy my themes from, and they said, "I've not seen those files before so can't say for sure. If in doubt I would Google it and see if anything flags up."

Edited by MrHappyGoLucky12


We can run other malware scans to try and find something, but I'm not sure your computer is infected.

 

What we can do is allow Windows updates to install for this cycle and see if that one has to do with anything in Windows.

This topic is now closed to further replies.