MrHappyGoLucky12
Posted February 9, 2015

What are these two suspicious things? I can't find too much about them and they aren't in the Add/Remove Programs.

http://s3.postimg.org/xe44g41mr/Untitled.png

I used: CCleaner, Malware Bytes Anti Malware, Spybot Search & Destroy, Super Anti Spyware, Bit Defender, F-Secure, Kaspersky, Panda Activescan, Trend Micro Housecall, and they are still there.

I got a HJT and Spybot log. It won't let me post the Spybot log here because it is too long, and when I hit POST, it takes minutes and then gives me a fatal error message.

But here is the HJT log:

Logfile of Spybot 2.4.40.0. Copyright © 2000-2015 Safer-Networking Limited. All rights reserved.
Scan saved at 2/8/2015 5:33:22 PM
Platform: Windows 8.1 (Build: 9200) (6.3.9200)
Service: @%SystemRoot%\system32\drivers\pdc.sys,-100 (pdc) - /owner unsupported/ - system32\drivers\pdc.sys O23 - Service: PEAUTH (PEAUTH) - /owner unsupported/ - system32\drivers\peauth.sys O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - /owner unsupported/ - C:\WINDOWS\SysWow64\perfhost.exe O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-200 (PlugPlay) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: PMBDeviceInfoProvider (PMBDeviceInfoProvider) - /owner unsupported/ - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll,-1 (PrintNotify) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @cpu.inf,%Processor.SvcDesc%;Processor Driver (Processor) - /owner unsupported/ - \SystemRoot\System32\drivers\processr.sys O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\drivers\pacer.sys,-101 (Psched) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\pacer.sys O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\drivers\qwavedrv.sys,-1 (QWAVEdrv) - /owner unsupported/ - \SystemRoot\system32\drivers\qwavedrv.sys O23 - 
Service: Remote Access Auto Connection Driver (RasAcd) - /owner unsupported/ - System32\DRIVERS\rasacd.sys O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\rascfg.dll,-32007 (RasPppoe) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\raspppoe.sys O23 - Service: @%systemroot%\system32\wkssvc.dll,-1000 (rdbss) - /owner unsupported/ - system32\DRIVERS\rdbss.sys O23 - Service: @rdpbus.inf,%rdpbus_svcdesc%;Remote Desktop Device Redirector Bus Driver (rdpbus) - /owner unsupported/ - \SystemRoot\System32\drivers\rdpbus.sys O23 - Service: @%SystemRoot%\System32\DRIVERS\rdpdr.sys,-100 (RDPDR) - /owner unsupported/ - System32\drivers\rdpdr.sys O23 - Service: @%systemroot%\system32\drprov.dll,-100 (RDPNP) - /owner unsupported/ - O23 - Service: Remote Desktop Video Miniport Driver (RdpVideoMiniport) - /owner unsupported/ - System32\drivers\rdpvideominiport.sys O23 - Service: ReadyBoost (rdyboost) - /owner unsupported/ - System32\drivers\rdyboost.sys O23 - Service: @%Systemroot%\system32\mprdim.dll,-200 (RemoteAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI) (RFCOMM) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\rfcomm.sys O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - /owner unsupported/ - C:\WINDOWS\system32\locator.exe O23 - Service: @combase.dll,-5010 (RpcSs) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\lltdres.dll,-5 (rspndr) - /owner 
unsupported/ - \SystemRoot\system32\DRIVERS\rspndr.sys O23 - Service: @oem45.inf,%rtl8168.Service.DispName%;Inventec 8168 NT Driver (RTL8168) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\rtlh64.sys O23 - Service: Intel® System Behavior Tracker Collector Service (SampleCollector) - /owner unsupported/ - O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe O23 - Service: SASDIFSV (SASDIFSV) - /owner unsupported/ - \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS O23 - Service: SASKUTIL (SASKUTIL) - /owner unsupported/ - \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS O23 - Service: @sbp2.inf,%sbp2_ServiceDesc%;SBP-2 Transport/Protocol Bus Driver (sbp2port) - /owner unsupported/ - System32\drivers\sbp2port.sys O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\ScDeviceEnum.dll,-100 (ScDeviceEnum) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\drivers\scfilter.sys,-11 (scfilter) - /owner unsupported/ - System32\DRIVERS\scfilter.sys O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @sdstor.inf,%sdstor_ServiceDesc%;SD Storage Port Driver (sdstor) - /owner unsupported/ - \SystemRoot\System32\drivers\sdstor.sys O23 - Service: Security Driver (secdrv) - /owner unsupported/ - O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: semav6thermal64ro (semav6thermal64ro) - /owner unsupported/ - C:\WINDOWS\system32\drivers\semav6thermal64ro.sys O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe 
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: Serial UART Support Library (SerCx) - /owner unsupported/ - system32\drivers\SerCx.sys O23 - Service: Serial UART Support Library (SerCx2) - /owner unsupported/ - system32\drivers\SerCx2.sys O23 - Service: @msports.inf,%Serenum.SVCDESC%;Serenum Filter Driver (Serenum) - /owner unsupported/ - \SystemRoot\System32\drivers\serenum.sys O23 - Service: @msports.inf,%Serial.SVCDESC%;Serial port driver (Serial) - /owner unsupported/ - \SystemRoot\System32\drivers\serial.sys O23 - Service: @msmouse.inf,%sermouse.SvcDesc%;Serial Mouse Driver (sermouse) - /owner unsupported/ - \SystemRoot\System32\drivers\sermouse.sys O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @oem29.inf,%SvcDesc%;Sony Firmware Extension Parser (SFEP) - /owner unsupported/ - \SystemRoot\System32\drivers\SFEP.sys O23 - Service: @flpydisk.inf,%sfloppy_devdesc%;High-Capacity Floppy Disk Drive (sfloppy) - /owner unsupported/ - \SystemRoot\System32\drivers\sfloppy.sys O23 - Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\smphost.dll,-102 (smphost) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: Acronis Snapshots Manager (snapman) - /owner unsupported/ - system32\DRIVERS\snapman.sys O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - /owner unsupported/ - C:\WINDOWS\System32\snmptrap.exe O23 - Service: VAIO Content Importer (SOHCImp) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe O23 - Service: Sony Digital Media Server (SOHDms) - /owner unsupported/ - C:\Program 
Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe O23 - Service: Sony Device Searcher (SOHDs) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe O23 - Service: @oem30.inf,%SOWS%;Sony Wireless State Device (SOWS) - /owner unsupported/ - \SystemRoot\System32\drivers\sows.sys O23 - Service: @spaceport.inf,%Spaceport_ServiceDesc%;Storage Spaces Driver (spaceport) - /owner unsupported/ - System32\drivers\spaceport.sys O23 - Service: Simple Peripheral Bus Support Library (SpbCx) - /owner unsupported/ - system32\drivers\SpbCx.sys O23 - Service: VAIO Entertainment Common Service (SpfService) - /owner unsupported/ - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - /owner unsupported/ - C:\WINDOWS\System32\spoolsv.exe O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - /owner unsupported/ - C:\WINDOWS\system32\sppsvc.exe O23 - Service: @%systemroot%\system32\srvsvc.dll,-102 (srv) - /owner unsupported/ - System32\DRIVERS\srv.sys O23 - Service: @%systemroot%\system32\srvsvc.dll,-104 (srv2) - /owner unsupported/ - System32\DRIVERS\srv2.sys O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @mshdc.inf,%storahci_ServiceDescription%;Microsoft Standard SATA AHCI Driver (storahci) - /owner unsupported/ - System32\drivers\storahci.sys O23 - Service: @%SystemRoot%\system32\vmstorfltres.dll,-1000 (storflt) - /owner unsupported/ - System32\drivers\vmstorfl.sys O23 - Service: @stornvme.inf,%StorNVMe_ServiceDesc%;Microsoft Standard NVM Express Driver (stornvme) - /owner unsupported/ - 
System32\drivers\stornvme.sys O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\svsvc.dll,-101 (svsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @swenum.inf,%SWENUM.SVCDESC%;Software Bus Driver (swenum) - /owner unsupported/ - \SystemRoot\System32\drivers\swenum.sys O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: Acronis Sync Agent Service (syncagentsrv) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe O23 - Service: @oem17.inf,%SynTP.SvcDesc%;Synaptics TouchPad Driver (SynTP) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\SynTP.sys O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%windir%\system32\SystemEventsBrokerServer.dll,-1001 (SystemEventsBroker) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50003 (Tcpip) - /owner unsupported/ - System32\drivers\tcpip.sys O23 - Service: @netip6.inf,%MS_TCPIP6.TCPIP6.ServiceDescription%;Microsoft IPv6 Protocol Driver (TCPIP6) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tcpip.sys O23 - Service: TCP/IP Registry Compatibility (tcpipreg) - /owner unsupported/ - System32\drivers\tcpipreg.sys O23 - Service: Acronis Try&Decide and Restore Points filter (tdrpman) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tdrpman.sys O23 - Service: @%SystemRoot%\system32\tcpipcfg.dll,-50004 (tdx) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tdx.sys O23 - 
Service: @termmou.inf,%TermInpt.SVCDESC%;Microsoft Remote Desktop Input Driver (terminpt) - /owner unsupported/ - \SystemRoot\System32\drivers\terminpt.sys O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: Acronis TIB Manager (tib) - /owner unsupported/ - system32\DRIVERS\tib.sys O23 - Service: Acronis TIB Mounter (tib_mounter) - /owner unsupported/ - system32\DRIVERS\tib_mounter.sys O23 - Service: @%windir%\system32\TimeBrokerServer.dll,-1001 (TimeBroker) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @tpm.inf,%TPM%;TPM (TPM) - /owner unsupported/ - \SystemRoot\system32\drivers\tpm.sys O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - /owner unsupported/ - C:\WINDOWS\servicing\TrustedInstaller.exe O23 - Service: @tsgenericusbdriver.inf,%TsUsbGD.DeviceDesc.Generic%;Remote Desktop Generic USB Device (TsUsbGD) - /owner unsupported/ - \SystemRoot\System32\drivers\TsUsbGD.sys O23 - Service: @nettun.inf,%TUNNEL.Service.DisplayName%;Microsoft Tunnel Miniport Adapter Driver (tunnel) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\tunnel.sys O23 - Service: @machine.inf,%uagp35_svcdesc%;Microsoft AGPv3.5 Filter (uagp35) - /owner unsupported/ - System32\drivers\uagp35.sys O23 - Service: @uaspstor.inf,%UASPortName%;USB Attached SCSI (UAS) Driver (UASPStor) - /owner unsupported/ - \SystemRoot\System32\drivers\uaspstor.sys O23 - Service: USB Controller Extension (UCX01000) - /owner unsupported/ - \SystemRoot\System32\drivers\ucx01000.sys O23 - Service: udfs (udfs) - 
/owner unsupported/ - system32\DRIVERS\udfs.sys O23 - Service: @uefi.inf,%UEFI.SvcDesc%;Microsoft UEFI Driver (UEFI) - /owner unsupported/ - \SystemRoot\System32\drivers\UEFI.sys O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - /owner unsupported/ - C:\WINDOWS\system32\UI0Detect.exe O23 - Service: @machine.inf,%uliagpkx_svcdesc%;Uli AGP Bus Filter (uliagpkx) - /owner unsupported/ - System32\drivers\uliagpkx.sys O23 - Service: @umbus.inf,%umbus.SVCDESC%;UMBus Enumerator Driver (umbus) - /owner unsupported/ - \SystemRoot\System32\drivers\umbus.sys O23 - Service: @umpass.inf,%UmPass.SVCDESC%;Microsoft UMPass Driver (UmPass) - /owner unsupported/ - \SystemRoot\System32\drivers\umpass.sys O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - /owner unsupported/ - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @usb.inf,%GenericParent.SvcDesc%;Microsoft USB Generic Parent Driver (usbccgp) - /owner unsupported/ - \SystemRoot\System32\drivers\usbccgp.sys O23 - Service: @usbcir.inf,%usbcir.SVCDESC%;eHome Infrared Receiver (USBCIR) (usbcir) - /owner unsupported/ - \SystemRoot\System32\drivers\usbcir.sys O23 - Service: @usbport.inf,%EHCIMP.SvcDesc%;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver (usbehci) - /owner unsupported/ - \SystemRoot\System32\drivers\usbehci.sys O23 - Service: @usbport.inf,%ROOTHUB.SvcDesc%;Microsoft USB Standard Hub Driver (usbhub) - /owner unsupported/ - \SystemRoot\System32\drivers\usbhub.sys O23 - Service: @usbhub3.inf,%UsbHub3.SVCDESC%;SuperSpeed Hub (USBHUB3) - /owner unsupported/ - \SystemRoot\System32\drivers\UsbHub3.sys O23 - Service: @usbport.inf,%OHCIMP.SvcDesc%;Microsoft USB Open Host 
Controller Miniport Driver (usbohci) - /owner unsupported/ - \SystemRoot\System32\drivers\usbohci.sys O23 - Service: @usbprint.inf,%USBPRINT.SvcDesc%;Microsoft USB PRINTER Class (usbprint) - /owner unsupported/ - \SystemRoot\System32\drivers\usbprint.sys O23 - Service: @usbstor.inf,%USBSTOR.SvcDesc%;USB Mass Storage Driver (USBSTOR) - /owner unsupported/ - \SystemRoot\System32\drivers\USBSTOR.SYS O23 - Service: @usbport.inf,%UHCIMP.SvcDesc%;Microsoft USB Universal Host Controller Miniport Driver (usbuhci) - /owner unsupported/ - \SystemRoot\System32\drivers\usbuhci.sys O23 - Service: @usbvideo.inf,%USBVideo.SvcDesc%;USB Video Device (WDM) (usbvideo) - /owner unsupported/ - \SystemRoot\System32\Drivers\usbvideo.sys O23 - Service: @usbxhci.inf,%PCI\CC_0C0330.DeviceDesc%;USB xHCI Compliant Host Controller (USBXHCI) - /owner unsupported/ - \SystemRoot\System32\drivers\USBXHCI.SYS O23 - Service: User Energy Server Service (USER_ESRV_SVC) - /owner unsupported/ - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe O23 - Service: VAIO Event Service (VAIO Event Service) - /owner unsupported/ - C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe O23 - Service: VAIO Power Management (VAIO Power Management) - /owner unsupported/ - C:\Program Files\Sony\VAIO Power Management\SPMService.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - /owner unsupported/ - C:\WINDOWS\system32\lsass.exe O23 - Service: VAIO Content Folder Watcher (VCFw) - /owner unsupported/ - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe O23 - Service: VCService (VCService) - /owner unsupported/ - C:\Program Files\Sony\VAIO Care\VCService.exe O23 - Service: @vdrvroot.inf,%vdrvroot_svcdesc%;Microsoft Virtual Drive Enumerator (vdrvroot) - /owner unsupported/ - System32\drivers\vdrvroot.sys O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - /owner unsupported/ - C:\WINDOWS\System32\vds.exe O23 - Service: 
@%SystemRoot%\system32\drivers\VerifierExt.sys,-1000 (VerifierExt) - /owner unsupported/ - system32\drivers\VerifierExt.sys O23 - Service: @%SystemRoot%\system32\vmbusres.dll,-1000 (vmbus) - /owner unsupported/ - System32\drivers\vmbus.sys O23 - Service: @%systemroot%\system32\vmicres.dll,-801 (vmicguestinterface) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-101 (vmicheartbeat) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-201 (vmickvpexchange) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-601 (vmicrdv) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-301 (vmicshutdown) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-401 (vmictimesync) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%systemroot%\system32\vmicres.dll,-501 (vmicvss) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @volmgr.inf,%volmgr_svcdesc%;Volume Manager Driver (volmgr) - /owner unsupported/ - System32\drivers\volmgr.sys O23 - Service: @%SystemRoot%\system32\drivers\volmgrx.sys,-100 (volmgrx) - /owner unsupported/ - System32\drivers\volmgrx.sys O23 - Service: @volume.inf,%VolumeClassName%;Storage volumes (volsnap) - /owner unsupported/ - System32\drivers\volsnap.sys O23 - Service: @wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus (vpci) - /owner unsupported/ - \SystemRoot\System32\drivers\vpci.sys O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - /owner unsupported/ - C:\WINDOWS\system32\vssvc.exe O23 - Service: @vstxraid.inf,%Driver.DeviceDesc%;VIA StorX Storage RAID Controller Windows Driver (VSTXRAID) - /owner unsupported/ - System32\drivers\vstxraid.sys O23 - Service: VUAgent (VUAgent) - /owner unsupported/ - C:\Program 
Files\Sony\VAIO Update\vuagent.exe O23 - Service: @%SystemRoot%\System32\drivers\vwifibus.sys,-257 (vwifibus) - /owner unsupported/ - \SystemRoot\System32\drivers\vwifibus.sys O23 - Service: @%SystemRoot%\System32\drivers\vwififlt.sys,-259 (vwififlt) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\vwififlt.sys O23 - Service: @%SystemRoot%\System32\drivers\vwifimp.sys,-261 (vwifimp) - /owner unsupported/ - \SystemRoot\system32\DRIVERS\vwifimp.sys O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @hiddigi.inf,%WacomPen.SVCDESC%;Wacom Serial Pen HID Driver (WacomPen) - /owner unsupported/ - \SystemRoot\System32\drivers\wacompen.sys O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - /owner unsupported/ - C:\WINDOWS\system32\wbengine.exe O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\System32\wcmsvc.dll,-4097 (Wcmsvc) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - /owner unsupported/ - C:\WINDOWS\System32\svchost.exe O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - /owner unsupported/ - C:\WINDOWS\system32\svchost.exe O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-390 (WdBoot) - /owner unsupported/ - system32\drivers\WdBoot.sys O23 - Service: @%SystemRoot%\system32\drivers\Wdf01000.sys,-1000 (Wdf01000) - /owner unsupported/ - syste

Juliet
Posted February 9, 2015

Hi

One of those items pictured is possibly a driver update; can't guarantee that, but we can check. What issues are you having? Virus alerts, browser errors?

~~~~~~~~~~~~~~~~~~

- Save ALL Tools to your Desktop -

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

~~~~~~~~

Farbar Recovery Scan Tool (FRST) Scan

Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.

Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.

Right-click FRST.exe / FRST64.exe and select Run as administrator to run the programme.
Click Yes to the disclaimer.
Ensure the Addition.txt box is checked.
Click the Scan button and let the programme run.
Upon completion, click OK, then OK on the Addition.txt pop-up screen.
Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

MrHappyGoLucky12
Posted February 9, 2015 (edited)

I'm not really having any issues; I just don't want unknown icons in my system tray. They just recently appeared; I check it regularly.

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-02-2015
Ran by MrHappyGoLucky12 (administrator) on JOHN-PC-VAIO on 09-02-2015 11:27:50
Running from C:\Users\MrHappyGoLucky12\Desktop
Loaded Profiles: MrHappyGoLucky12 (Available profiles: MrHappyGoLucky12)
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Two Pilots) C:\Windows\VPDAgent_x64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(The Neat Company) C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(iolo technologies, LLC) C:\Program Files\Sony\VAIO Care\Iolo\ioloTools.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [startCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Run: [GoogleChromeAutoLaunch_193928417959A0B74D1B60975331D7B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [898376 2015-02-04] (Google Inc.)
HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Run: [Google Update] => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2015-01-07] (Google Inc.)
HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7780120 2015-01-22] (SUPERAntiSpyware)
ShellIconOverlayIdentifiers: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
ShellIconOverlayIdentifiers-x32: [shareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-770957529-1316470831-3961421521-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://sony13.msn.com
SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpoint.com/results.html?v=insMac&t=1411&ap=578080078&q={searchTerms}&r=25
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll (IvoSoft) Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF Plugin: @java.com/DTPlugin,version=10.5.0 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle 
Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-770957529-1316470831-3961421521-1001: @tools.google.com/Google Update;version=3 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKU\S-1-5-21-770957529-1316470831-3961421521-1001: @tools.google.com/Google Update;version=9 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.) 
Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.msn.com/?cobrand=sony13.msn.com&ocid=SNYDHP&pc=MASAJS" CHR Profile: C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-07] CHR Extension: (Google Docs) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-07] CHR Extension: (Google Drive) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-07] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-07] CHR Extension: (YouTube) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-07] CHR Extension: (Google Cast) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\boadgeojelhgndaghljhdicfkmllpafd [2015-01-07] CHR Extension: (Facebook) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2015-02-06] CHR Extension: (Screen capture, screenshot share/save) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjbjepchlgclmpinlbbeinajphohgfod [2015-01-08] CHR Extension: (Google Search) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-07] CHR Extension: (Session Buddy) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\edacconmaakjimmfgnblocblbcdcpbko [2015-02-08] CHR Extension: (Google Sheets) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap 
[2015-01-07] CHR Extension: (AdBlock) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-01-23] CHR Extension: (feedly) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2015-02-08] CHR Extension: (Cisco WebEx Extension) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhmfgmfgeifomenelglieieghnjghma [2015-02-05] CHR Extension: (Google Wallet) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-07] CHR Extension: (Diigo Web Collector - Capture and Annotate) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\oojbgadfejifecebmdnhhkbhdjaphole [2015-01-08] CHR Extension: (Send from Gmail (by Google)) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2015-01-08] CHR Extension: (Gmail) - C:\Users\MrHappyGoLucky12\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-07] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) R2 Agent; C:\WINDOWS\VPDAgent_x64.exe [148480 2014-05-20] (Two Pilots) [File not signed] R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [318592 2013-11-29] (Windows ® Win 7 DDK provider) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-28] (Microsoft Corporation) R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [128896 2012-07-24] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-24] (Intel Corporation) R2 Neat Startup Service; C:\Program Files (x86)\Neat\exec\NeatStartupService.exe [6144 2014-08-06] (The Neat Company) [File not signed] S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [639576 2013-05-10] (Sony Corporation) R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [487960 2014-12-16] (Sony Corporation) R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-11-19] (Intel Corporation) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) 
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-11-19] (Intel Corporation) S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-11-07] (Sony Corporation) R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2015-01-05] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-01-05] (Microsoft Corporation) R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-11-29] (Atheros) [File not signed] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-27] (Advanced Micro Devices, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-12-02] (Qualcomm Atheros Communications, Inc.) 
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-11-29] (Qualcomm Atheros) R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-11-29] (Qualcomm Atheros) R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 rimssne; C:\Windows\System32\drivers\rimssne64.sys [103424 2012-08-22] (REDC) R3 risdsnxc; C:\Windows\System32\drivers\risdsnxc64.sys [104960 2012-08-22] (REDC) R3 RTL8168; C:\Windows\system32\DRIVERS\rtlh64.sys [681688 2015-01-21] (Inventec ) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R3 semav6thermal64ro; C:\WINDOWS\system32\drivers\semav6thermal64ro.sys [13792 2015-01-04] () R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-23] (Synaptics Incorporated) R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-10] (Sony Corporation) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2015-01-06] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2015-01-06] (Acronis) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-01-05] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2015-02-09 11:27 - 2015-02-09 11:28 - 00020849 _____ () C:\Users\MrHappyGoLucky12\Desktop\FRST.txt 2015-02-09 11:27 - 2015-02-09 11:27 - 00000000 ____D () C:\FRST 2015-02-09 11:17 - 2015-02-09 11:17 - 02132992 _____ (Farbar) C:\Users\MrHappyGoLucky12\Desktop\FRST64.exe 2015-02-09 10:42 - 2015-02-09 10:42 - 21868120 _____ (Summitsoft) C:\Users\MrHappyGoLucky12\Downloads\Setup-LDStudioPro-v1.7.1 (1).exe 2015-02-09 01:37 - 2015-02-09 01:37 - 21868120 _____ (Summitsoft) C:\Users\MrHappyGoLucky12\Downloads\Setup-LDStudioPro-v1.7.1.exe 2015-02-08 23:19 - 2015-02-08 23:19 - 14042763 _____ () C:\Users\MrHappyGoLucky12\Downloads\PAN Foundation Training for CFS & Fibromyalgia (Resources).zip 2015-02-08 22:55 - 2015-02-08 22:55 - 30826994 _____ () C:\Users\MrHappyGoLucky12\Downloads\cockytwinks.mp4 2015-02-08 20:18 - 2015-02-08 20:18 - 22531717 _____ () C:\Users\MrHappyGoLucky12\Downloads\Jobrien0318.mp4 2015-02-08 17:38 - 2015-02-08 17:38 - 00000077 _____ () C:\WINDOWS\setupact.log 2015-02-08 17:38 - 2015-02-08 17:38 - 00000000 _____ () C:\WINDOWS\setuperr.log 2015-02-08 17:37 - 2015-02-08 17:37 - 02983872 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2015-02-08 17:37 - 2015-02-08 17:37 - 00000720 _____ () C:\WINDOWS\PFRO.log 2015-02-08 16:45 - 2015-02-08 16:46 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2015-02-08 16:45 - 2015-02-08 16:45 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\SUPERAntiSpyware.com 2015-02-08 16:45 - 2015-02-08 16:45 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com 2015-02-08 16:45 - 2015-02-08 16:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-02-08 16:42 - 2015-02-08 16:56 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-02-08 16:42 - 2015-02-08 16:48 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2 2015-02-08 16:42 - 2015-02-08 16:42 - 00001403 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk 
2015-02-08 16:42 - 2015-02-08 16:42 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking 2015-02-08 16:42 - 2015-02-08 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2015-02-08 16:42 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe 2015-02-08 16:24 - 2015-02-08 16:24 - 00000000 ____D () C:\ProgramData\ClassicShell 2015-02-08 16:24 - 2015-02-08 16:00 - 00002170 _____ () C:\Users\MrHappyGoLucky12\AppData\Roaming\Microsoft\Windows\Start Menu\startscreen.lnk 2015-02-08 16:00 - 2015-02-08 16:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell 2015-02-08 11:12 - 2015-02-08 12:30 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\YouCaring 2015-02-08 00:14 - 2015-02-08 00:14 - 00388608 _____ (Trend Micro Inc.) C:\Users\MrHappyGoLucky12\Downloads\HijackThis.exe 2015-02-07 18:13 - 2015-02-07 18:13 - 46525608 _____ (Safer-Networking Ltd. 
) C:\Users\MrHappyGoLucky12\Downloads\spybot-2.4.exe 2015-02-07 14:42 - 2015-02-07 14:43 - 21173480 _____ (SUPERAntiSpyware) C:\Users\MrHappyGoLucky12\Downloads\SUPERAntiSpyware.exe 2015-02-06 22:22 - 2015-02-06 22:22 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-02-06 22:22 - 2015-02-06 22:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-02-06 22:22 - 2015-02-06 22:22 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-02-06 22:22 - 2015-02-06 22:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-02-06 22:22 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-02-06 22:22 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-02-06 22:22 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-02-06 05:30 - 2015-02-06 05:30 - 00597304 _____ () C:\Users\MrHappyGoLucky12\Downloads\flux-setup.exe 2015-02-06 04:45 - 2015-02-06 05:20 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Naturalsoft 2015-02-06 04:41 - 2015-02-06 04:41 - 19548464 _____ (Naturalsoft limited ) C:\Users\MrHappyGoLucky12\Downloads\standardsetup (1).exe 2015-02-06 04:39 - 2015-02-06 04:42 - 184316376 _____ (Ai Squared) C:\Users\MrHappyGoLucky12\Downloads\WindowEyesForOfficeEnglish9000.exe 2015-02-05 13:51 - 2015-02-05 13:51 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\webex 2015-02-05 13:50 - 2015-02-05 13:50 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Mozilla 2015-02-05 13:50 - 2015-02-05 13:50 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\WebEx 2015-02-05 13:50 - 2015-02-05 13:50 - 00000000 ____D () C:\ProgramData\WebEx 2015-02-05 04:12 - 2015-02-05 04:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IZArc 2015-02-05 
04:00 - 2015-02-05 04:00 - 00000000 ____D () C:\ProgramData\IntelDLM 2015-02-05 03:42 - 2015-02-05 03:42 - 00053564 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502050342148564.log 2015-02-05 03:42 - 2015-02-05 03:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2015-02-05 03:25 - 2015-02-05 03:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Intel 2015-02-05 03:25 - 2015-02-05 03:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver Update Utility 2015-02-05 03:25 - 2015-02-05 03:25 - 00000000 ____D () C:\Program Files (x86)\Intel Driver Update Utility 2015-02-05 03:05 - 2015-02-08 17:27 - 00000000 ____D () C:\WINDOWS\Minidump 2015-02-05 02:24 - 2015-02-08 12:46 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\StartPoint 2015-02-05 02:24 - 2015-02-05 04:20 - 00000000 ____D () C:\Program Files (x86)\IZArc 2015-02-04 13:49 - 2015-02-04 15:13 - 1043816448 _____ () C:\Users\MrHappyGoLucky12\Downloads\DRP_14.15_Full.iso 2015-02-04 11:58 - 2015-02-08 22:52 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\ClassicShell 2015-02-04 11:58 - 2015-02-08 16:00 - 00000000 ____D () C:\Program Files\Classic Shell 2015-02-04 11:57 - 2015-02-04 11:57 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia 2015-02-04 11:57 - 2015-02-04 11:57 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia 2015-02-04 11:55 - 2015-02-05 06:03 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Raptr 2015-02-04 11:55 - 2015-02-05 06:03 - 00000000 ____D () C:\Program Files (x86)\Raptr 2015-02-04 11:55 - 2015-02-04 11:55 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\library_dir 2015-02-04 11:54 - 2015-02-04 11:54 - 00053564 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201502041154531636.log 2015-02-04 11:54 - 2015-02-04 11:54 - 00000000 ____D () C:\ProgramData\AMD 2015-02-04 11:54 - 2015-02-04 11:54 - 00000000 ____D () C:\Program 
Files (x86)\AMD AVT 2015-02-04 11:53 - 2015-02-04 11:53 - 00000000 ____D () C:\Program Files (x86)\AMD 2015-02-04 11:46 - 2015-02-05 03:37 - 00000000 ____D () C:\ProgramData\Package Cache 2015-02-04 11:45 - 2015-02-05 03:37 - 00000000 ____D () C:\Program Files\AMD 2015-02-04 11:44 - 2015-02-04 13:33 - 00000000 ____D () C:\AMD 2015-02-02 13:24 - 2015-02-02 13:24 - 00000000 ____D () C:\ProgramData\Summitsoft 2015-02-02 13:24 - 2015-02-02 13:24 - 00000000 ____D () C:\ProgramData\Caphyon 2015-02-02 13:24 - 2015-02-02 13:24 - 00000000 ____D () C:\Program Files (x86)\Summitsoft 2015-02-02 13:23 - 2015-02-02 13:23 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Summitsoft 2015-02-01 14:12 - 2015-02-01 14:12 - 07989957 _____ () C:\Users\MrHappyGoLucky12\Downloads\aaalogo41.zip 2015-01-30 18:00 - 2015-01-30 18:00 - 22864074 _____ () C:\Users\MrHappyGoLucky12\Downloads\Highandbi420.mp4 2015-01-30 13:33 - 2015-01-30 13:33 - 00017604 _____ () C:\Users\MrHappyGoLucky12\Downloads\Start-Up-Expenses.xlsx 2015-01-29 08:06 - 2015-01-29 08:06 - 23064137 _____ () C:\Users\MrHappyGoLucky12\Downloads\Haunted_pants.mp4 2015-01-29 02:34 - 2015-01-29 02:35 - 25032457 _____ () C:\Users\MrHappyGoLucky12\Downloads\Sellers69.mp4 2015-01-28 23:33 - 2015-01-28 23:33 - 33225659 _____ () C:\Users\MrHappyGoLucky12\Downloads\Izzy20153.mp4 2015-01-28 10:07 - 2015-01-28 10:07 - 46215387 _____ () C:\Users\MrHappyGoLucky12\Downloads\Abaraks91.mp4 2015-01-27 22:42 - 2015-01-27 22:42 - 56692946 _____ () C:\Users\MrHappyGoLucky12\Downloads\Powwow69.mp4 2015-01-27 22:11 - 2015-01-27 22:11 - 31823251 _____ () C:\Users\MrHappyGoLucky12\Downloads\Izzy20152.mp4 2015-01-27 04:58 - 2015-01-27 04:58 - 45234264 _____ () C:\Users\MrHappyGoLucky12\Downloads\Raintree03.mp4 2015-01-27 04:17 - 2015-01-27 04:17 - 40695855 _____ () C:\Users\MrHappyGoLucky12\Downloads\Cuteboytoy89.mp4 2015-01-26 20:42 - 2015-01-26 20:42 - 35238074 _____ () C:\Users\MrHappyGoLucky12\Downloads\Izzy2015.mp4 2015-01-26 11:45 - 
2015-01-26 11:45 - 12348934 _____ () C:\Users\MrHappyGoLucky12\Downloads\Madmedic85.mp4 2015-01-25 15:34 - 2015-01-25 15:34 - 00002794 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC 2015-01-25 15:34 - 2015-01-25 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-01-25 15:34 - 2015-01-25 15:34 - 00000000 ____D () C:\Program Files\CCleaner 2015-01-25 09:13 - 2015-01-25 09:23 - 00000000 ____D () C:\Stuff 2015-01-25 08:10 - 2015-01-25 08:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-01-25 08:09 - 2015-01-25 08:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2015-01-25 08:09 - 2015-01-25 08:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2015-01-25 07:48 - 2014-04-15 18:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll 2015-01-25 07:48 - 2014-04-15 18:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll 2015-01-21 07:01 - 2015-01-21 07:01 - 00681688 _____ (Inventec ) C:\WINDOWS\system32\Drivers\rtlh64.sys 2015-01-21 07:01 - 2015-01-21 07:01 - 00075480 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll 2015-01-19 10:40 - 2015-01-19 10:40 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Cyberlink 2015-01-18 22:54 - 2015-01-19 06:50 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\DVD Flick 2015-01-18 22:28 - 2015-01-21 19:59 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\DVD Flick 2015-01-18 22:27 - 2015-01-18 22:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVD Flick 2015-01-18 22:26 - 2015-01-18 22:27 - 00000000 ____D () C:\Program Files (x86)\DVD Flick 2015-01-18 22:26 - 2008-08-31 13:27 - 00028672 _____ (-) C:\WINDOWS\SysWOW64\mousewheel.ocx 2015-01-18 22:26 - 2007-08-31 18:36 - 00036864 _____ (Robdogg Inc.) 
C:\WINDOWS\SysWOW64\trayicon_handler.ocx 2015-01-18 22:26 - 2004-03-09 00:00 - 01081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomctl.ocx 2015-01-18 22:26 - 2004-03-09 00:00 - 00662288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscomct2.ocx 2015-01-18 22:26 - 2004-03-09 00:00 - 00609824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.ocx 2015-01-18 22:26 - 2004-03-09 00:00 - 00212240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\richtx32.ocx 2015-01-18 22:26 - 2003-01-26 13:41 - 00040960 _____ (vbAccelerator) C:\WINDOWS\SysWOW64\ssubtmr6.dll 2015-01-18 22:26 - 1998-06-24 00:00 - 00164144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comct232.ocx 2015-01-18 21:47 - 2015-01-18 21:47 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2015-01-16 15:02 - 2015-02-08 23:26 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Screencast-O-Matic 2015-01-16 15:02 - 2015-01-16 15:02 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screencast-O-Matic 2015-01-14 08:30 - 2015-01-14 08:30 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2015-01-14 06:16 - 2015-01-14 06:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005 2015-01-14 06:15 - 2015-01-14 06:15 - 00000000 ____D () C:\Program Files\Microsoft Analysis Services 2015-01-14 06:15 - 2015-01-14 06:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Analysis Services 2015-01-14 02:27 - 2014-12-19 01:26 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2015-01-14 02:27 - 2014-12-11 21:04 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWbPrxy.exe 2015-01-14 02:27 - 2014-12-11 19:51 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys 2015-01-14 02:27 - 2014-12-08 20:50 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 
2015-01-14 02:27 - 2014-12-08 14:42 - 00535640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2015-01-14 02:27 - 2014-12-08 14:42 - 00531616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-01-14 02:27 - 2014-12-08 14:42 - 00448792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2015-01-14 02:27 - 2014-12-08 14:42 - 00413248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll 2015-01-14 02:27 - 2014-12-08 14:42 - 00372408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll 2015-01-14 02:27 - 2014-12-08 14:42 - 00108944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll 2015-01-14 02:27 - 2014-12-08 14:42 - 00038264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe 2015-01-14 02:27 - 2014-12-08 14:42 - 00033584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe 2015-01-14 02:27 - 2014-12-05 22:17 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll 2015-01-14 02:27 - 2014-12-05 20:41 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll 2015-01-14 02:27 - 2014-12-05 20:35 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2015-01-13 13:25 - 2015-01-13 13:25 - 00067810 _____ () C:\Users\MrHappyGoLucky12\Downloads\myshazam-history.html 2015-01-13 04:52 - 2015-01-13 04:53 - 122418480 _____ (Apple Inc.) 
C:\Users\MrHappyGoLucky12\Downloads\iTunes64Setup.exe 2015-01-12 13:07 - 2015-01-14 06:16 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8 2015-01-12 08:08 - 2015-01-12 08:10 - 00103835 _____ () C:\WINDOWS\system32\sdtn 2015-01-12 06:13 - 2015-01-12 06:14 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\Logo Ideas 2015-01-12 00:21 - 2015-01-12 00:21 - 00000000 ____D () C:\Program Files\Common Files\DESIGNER 2015-01-10 00:53 - 2015-01-10 00:53 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon 2015-01-10 00:53 - 2015-01-10 00:53 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Amazon ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-02-09 11:14 - 2015-01-07 02:01 - 00000978 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA.job 2015-02-09 11:00 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2015-02-09 10:55 - 2015-01-07 01:43 - 00000932 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-02-09 06:50 - 2015-01-05 08:46 - 01620841 _____ () C:\WINDOWS\WindowsUpdate.log 2015-02-09 04:14 - 2015-01-07 02:01 - 00000926 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core.job 2015-02-08 18:55 - 2015-01-07 01:43 - 00000928 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-02-08 18:42 - 2015-01-04 18:31 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-770957529-1316470831-3961421521-1001 2015-02-08 17:45 - 2014-09-24 02:15 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2015-02-08 17:38 - 2013-08-22 09:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2015-02-08 17:36 - 2013-08-22 08:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2015-02-08 17:27 - 2015-01-04 22:10 - 00000000 ____D () 
C:\Users\MrHappyGoLucky12\AppData\Local\CrashDumps 2015-02-08 15:55 - 2015-01-04 18:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Packages 2015-02-08 15:55 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2015-02-06 16:41 - 2012-07-26 02:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2015-02-05 18:50 - 2015-01-07 01:43 - 00003904 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-02-05 18:50 - 2015-01-07 01:43 - 00003668 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-02-05 06:03 - 2015-01-07 01:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-02-05 06:03 - 2015-01-05 08:28 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2015-02-05 06:03 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\WinMetadata 2015-02-05 05:57 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\registration 2015-02-05 05:56 - 2015-01-08 10:37 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\uTorrent 2015-02-05 05:55 - 2015-01-04 10:37 - 00000000 ____D () C:\Program Files\ATI 2015-02-05 04:09 - 2015-01-07 02:01 - 00003946 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA 2015-02-05 04:09 - 2015-01-07 02:01 - 00003566 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core 2015-02-05 03:41 - 2015-01-04 10:37 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2015-02-05 03:17 - 2015-01-04 19:32 - 00000000 ____D () C:\Update 2015-02-05 03:08 - 2015-01-05 08:34 - 00000000 ____D () C:\Users\MrHappyGoLucky12 2015-02-04 11:57 - 2015-01-05 07:17 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\Adobe 2015-02-04 11:41 - 2012-07-26 03:12 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2015-02-03 14:31 - 2014-09-24 04:55 - 00714720 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-02-03 14:31 - 2014-09-24 04:55 - 00106976 _____ (Adobe 
Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-02 14:57 - 2015-01-04 18:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Local\VirtualStore 2015-01-27 23:44 - 2015-01-05 08:25 - 00000000 ___DC () C:\WINDOWS\Panther 2015-01-26 01:29 - 2013-08-22 10:36 - 00000000 ____D () C:\WINDOWS\rescache 2015-01-25 15:01 - 2015-01-08 04:34 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Software 2015-01-25 08:31 - 2015-01-06 19:26 - 00000000 ____D () C:\ProgramData\Oracle 2015-01-25 08:31 - 2015-01-04 10:44 - 00000000 ____D () C:\Program Files (x86)\Java 2015-01-25 08:30 - 2015-01-06 19:27 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-01-20 04:39 - 2015-01-04 21:29 - 00000000 ____D () C:\Users\Guest 2015-01-20 04:39 - 2015-01-04 21:29 - 00000000 ____D () C:\Users\Administrator 2015-01-19 10:40 - 2015-01-08 07:30 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\CyberLink 2015-01-19 10:40 - 2015-01-04 11:14 - 00000000 ____D () C:\ProgramData\CyberLink 2015-01-18 02:37 - 2015-01-06 21:06 - 00000000 ____D () C:\Users\MrHappyGoLucky12\Downloads\Torso Shots 2015-01-15 04:00 - 2015-01-05 02:50 - 00000000 ____D () C:\WINDOWS\system32\MRT 2015-01-15 03:55 - 2015-01-05 02:50 - 113365784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-01-14 06:17 - 2015-01-06 22:05 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-01-14 06:16 - 2015-01-06 22:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2015-01-14 06:16 - 2015-01-06 22:05 - 00000000 ____D () C:\Program Files\Microsoft Office 2015-01-14 06:15 - 2014-09-24 01:53 - 00000000 ____D () C:\WINDOWS\ShellNew 2015-01-12 13:07 - 2015-01-05 08:15 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2015-01-12 08:08 - 2015-01-06 22:50 - 00000000 ____D () C:\ProgramData\boost_interprocess 2015-01-12 04:30 - 2015-01-04 18:25 - 00000000 ____D () C:\Users\MrHappyGoLucky12\AppData\Roaming\Adobe 
==================== Files in the root of some directories =======

2015-01-04 10:33 - 2015-01-04 10:33 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-09 04:57

==================== End Of Log ============================

Edited February 9, 2015 by MrHappyGoLucky12
MrHappyGoLucky12 Posted February 9, 2015

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-02-2015
Ran by MrHappyGoLucky12 at 2015-02-09 11:28:38
Running from C:\Users\MrHappyGoLucky12\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Anchor Service x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe CMaps x64 CS4 (Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 4 Design Premium (HKLM-x32\...\Adobe_55230b0b70661df0f212e88f0b655f7) (Version: 4.0 - Adobe Systems Incorporated)
Adobe CSI CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Drive CS4 x64 (Version: 1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 Plugin (HKLM-x32\...\{03DEEAD2-F3B7-45BF-9006-A25D015F00D2}) (Version: 10.0.2.54 - Adobe Systems, Inc.)
Adobe Fonts All x64 (Version: 2.0 - Adobe Systems Incorporated) Hidden Adobe InDesign CS4 Icon Handler x64 (Version: 6.0 - Adobe Systems Incorporated) Hidden Adobe Linguistics CS4 x64 (Version: 4.0.0 - Adobe Systems Incorporated) Hidden Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1 - Adobe Systems Incorporated) Adobe PDF Library Files x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS4 (64 Bit) (Version: 11.0 - Adobe Systems Incorporated) Hidden Adobe Reader X (10.1.13) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.13 - Adobe Systems Incorporated) Adobe Type Support x64 CS4 (Version: 9.0 - Adobe Systems Incorporated) Hidden Adobe WinSoft Linguistics Plugin x64 (Version: 1.1 - Adobe Systems Incorporated) Hidden Amazon Kindle (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Amazon Kindle) (Version: - Amazon) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) ArtRage Studio (HKLM-x32\...\{5A9FE63F-F201-4D55-9F5F-06DDB239AC4F}) (Version: 3.5.5 - Ambient Design) CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform) ChromecastApp (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\{079ede36-133d-44b0-8053-c7c1fa8d2e0d}_is1) (Version: 1.5.1383.0 - Google Inc.) Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC) Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft) Connect (x32 Version: 1.0.0.1 - Adobe Systems Incorporated) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.1923 - CyberLink Corp.) CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.) 
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc) DVD Flick 1.3.0.7 (HKLM-x32\...\DVD Flick_is1) (Version: 1.3.0.7 - Dennis Meuwissen) FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden Intel® Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3097 - Intel Corporation) Intel® Driver Update Utility 2.0 (x32 Version: 2.0.0.29 - Intel) Hidden Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel® Driver Update Utility (HKLM-x32\...\{8409c4f7-2340-4933-a304-5d37db4fb48b}) (Version: 2.0.0.29 - Intel) IZArc 4.1.9 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.9 - Ivan Zahariev) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) kuler (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MergeModule_x64 (Version: 9.1.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.1.00 - Sony Corporation) Hidden Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) 
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Core Components (x64) ENU (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Sync Framework 2.0 Provider Services (x64) ENU (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Neat 
(HKLM-x32\...\Neat) (Version: 5.5.2.7 - The Neat Company) Neat ADF Scanner Driver (HKLM\...\{A55F1206-BFA7-4027-92B8-CE4EFDBC3CF2}) (Version: 2.0.2.5 - The Neat Company) Neat Core Files (x32 Version: 5.5.2.7 - The Neat Company) Hidden Neat Mobile Scanner Driver (HKLM\...\{7EA2D88A-C8B7-4102-8644-0A437B6FC143}) (Version: 2.0.1.2 - The Neat Company) NeatConnect Scanner Driver (HKLM\...\{6895EF47-6BD8-468E-BA09-B33636C65B7C}) (Version: 2.0.2.26 - The Neat Company) Networkx64 (Version: 1.0.0 - Sony Corporation) Hidden PDF Settings CS4 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw (x32 Version: 5.0 - Adobe Systems Incorporated) Hidden Photoshop Camera Raw_x64 (Version: 5.0 - Adobe Systems Incorporated) Hidden Pixel Bender Toolkit (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden PlayMemories Home (HKLM-x32\...\{93AA5B49-0994-4EF6-80F3-868C9CEA88ED}) (Version: 4.1.00.12152 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.1.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.1.00 - Sony Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.312 - Qualcomm Atheros Communications) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6748 - Realtek Semiconductor Corp.) Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.) Screencast-O-Matic (HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\Screencast-O-Matic) (Version: - Screencast-O-Matic) SCS Shortcut (x32 Version: 1.0 - Sony Creative Software Inc.) 
Hidden Send To Neat (HKLM\...\{237E305C-B625-466A-88CE-1E121BF4FDB1}) (Version: 1.1.0.0 - The Neat Company) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden SOHLib for PlayMemories Home (Version: 1.0.3.02170 - Sony Corporation) Hidden Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden Store App Support Utility (HKLM\...\{B93C07D4-49FF-440D-8A6A-054A42AEA960}) (Version: 1.0.0.02240 - Sony Corporation) Suite Shared Configuration CS4 (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1170 - SUPERAntiSpyware.com) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.5 - Synaptics Incorporated) SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft) True Image WD Edition (HKLM-x32\...\{85CB1512-2D4A-4469-AC21-6B111D169CEB}) (Version: 16.0.5962 - Acronis) VAIO - Remote Keyboard (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation) VAIO - Remote Keyboard with PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.0.09210 - Sony Corporation) VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.3.2.07020 - Sony Corporation) VAIO Care (HKLM\...\{EF649526-0134-46A8-8DF3-D7F9309E48DB}) (Version: 8.4.2.12046 - Sony Corporation) VAIO Care Hardware Diagnostics Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.11.1.11220 - Sony Corporation) VAIO Care Recovery 
(HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation) VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.0.0.08200 - Sony Corporation) VAIO CPU Fan Diagnostic (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation) VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation) VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.1.02270 - Sony Corporation) VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.0.0.08060 - Sony Corporation) VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.0.0.08240 - Sony Corporation) VAIO Gesture Control (x32 Version: 2.0.0.08240 - Sony Corporation) Hidden VAIO Health Report (HKLM-x32\...\VAIO Health Report1.0) (Version: 1.0 - Sony Electronics) VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation) VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.0.0.08090 - Sony Corporation) VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation) VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.2.11060 - Sony Corporation) VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation) VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden VAIO Touch Search (HKLM\...\{F792DDDD-71C8-419E-AE05-46B0CDB1BEC8}) (Version: 1.1.0.1511 - Sony Corporation) VAIO Transfer Support 
(HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.8.0.08212 - Sony Corporation) VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.0.14270 - Sony Corporation) VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden VIx64 (Version: 1.0.0 - Sony Corporation) Hidden VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VU5x64 (Version: 1.1.0 - Sony Corporation ) Hidden VU5x86 (x32 Version: 1.1.0 - Sony Corporation ) Hidden VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden WD Discovery (HKLM-x32\...\{A80AE043-EF68-4B64-9C6F-088405FED315}) (Version: 102.0.1.10 - Western Digital Technologies, Inc.) Windows Driver Package - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (HKLM\...\FF9ECD00DD25FDB7D3208607214790302878ACBE) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.) XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-770957529-1316470831-3961421521-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-770957529-1316470831-3961421521-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll (Google Inc.) 
==================== Restore Points ========================= 01-02-2015 18:40:40 Installed VAIO Control Center 04-02-2015 11:45:56 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 06-02-2015 04:44:33 Installed NaturalReaderFree. 08-02-2015 15:59:52 Installed Classic Shell ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 08:25 - 2013-08-22 08:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {00F3E119-13FC-4D80-9BFC-725460F4D310} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation) Task: {07836C30-FCDA-4621-A7AD-27E65A8C15BD} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {228DCC54-BED7-488F-9EC5-3C37C26B77EB} - System32\Tasks\VAIO Health Report => C:\Program Files (x86)\Sony\VAIO Health Report\VAIOHealthReport.exe [2013-06-20] (Sony Electronics) Task: {2F95344D-1E2B-4143-A4F2-D010127651E1} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation) Task: {342197E5-8384-430C-A7A1-CBA0037D0E9A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-01-15] (Microsoft Corporation) Task: {3F6B5AAC-498C-4E5D-B77C-1C225612C63E} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.) 
Task: {41979E1A-639B-4543-93CE-BFEA62BC20D6} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {46DE998A-BD44-412B-9C66-665F82CF31C9} - System32\Tasks\Sony Corporation\Store App Support Utility\Store App Support Utility Logon Start => C:\Program Files\Sony\Store App Support Utility\StoreAppSupportUtility.exe [2014-02-25] (Sony Corporation) Task: {4B5A54C4-B59C-43C5-A18C-58DCE6C9DA89} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation) Task: {4F24BBAE-8BD0-4CBF-A2DC-CE37C428A9CB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd) Task: {669DE123-377A-4F8B-8CB9-1B9D1C7BD629} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink) Task: {6E2DBB5B-73C8-41AF-9808-1F10EE7C90FD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION Task: {6EF3C709-B24E-499E-B258-E008F491ED07} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation) Task: {77AA09A1-3E11-49DC-B8A8-31CAF2FECC3A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {7C3365E2-C46A-4113-94B6-647FF680FBA3} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2014-01-16] (Sony Corporation) Task: {7D60BBAE-AD27-4DEB-A46F-0D7E71E50122} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation) 
Task: {7DA985C7-08CA-43AC-886E-14D847FBB77F} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {8105D4F1-32D4-41F1-854E-3558A4FC1C8A} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {8A54771C-2C3F-4A3B-A37A-0CECADBA0D11} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.) Task: {904D9CDB-E289-45D6-B84F-0CB4D32EF45A} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation) Task: {91E35717-4E6E-4FDB-AC73-CA99C727905A} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION Task: {973AE939-C934-44CF-91F5-A154BC232523} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {A28E0959-0B58-4912-9E2A-426FE9D8C78E} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {A767092B-5E52-41C7-9636-3A933B7CEBD1} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {A8FA66AA-0471-48D6-9A96-F48767501E19} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-23] (Synaptics Incorporated) Task: {AF419618-A1F8-436E-AB2A-296B1E293503} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe 
[2012-08-09] (Sony Corporation) Task: {B3ECA20E-8544-4CE8-852B-70F340A75BA1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.) Task: {BDC289EC-ED97-41CB-9276-F5305F66E753} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-22] (Sony Corporation) Task: {BED68E5A-4CB5-46A4-8B90-4DA314268413} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.) Task: {C5B7ACBD-0074-49C6-BC7B-FF0EB043BC8D} - System32\Tasks\VaioRegistrationDesktopTask => C:\Program Files\Sony\VAIO Registration\Sony.VAIO.Desktop.RegistrationTask.exe [2012-08-09] (Sony) Task: {D3FB53A3-443A-4824-A776-3FEED275816C} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {D4F6E84B-875F-4B63-AD0D-40B4B094543D} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-01-27] (Sony Corporation) Task: {D6FCD591-6E9B-42F2-9D91-C07A90BD8FA3} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2014-01-16] (Sony Corporation) Task: {D7ACCB95-B891-4197-9004-DBE8993D39C3} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {DA554793-C27C-434D-AAC7-A36545B721C5} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs" Task: {DCBE709D-E0DA-4C37-827C-7F5B02F4E348} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-02-28] (Sony Corporation) Task: {E1C9339A-65D0-4DF7-BF57-99890B2BBA5F} - 
System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2014-12-03] (Sony Corporation) Task: {E668F37A-18E5-41FD-A057-64044E9F0A4A} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {F1D0BE98-CD09-42BE-944E-4C0B40C2ED1A} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {F4AEA0DD-9168-4E7A-BF58-55D625632F2B} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2014-12-03] (Sony Corporation) Task: {F98BF843-B1DC-48FD-B109-43AA828F21E0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-07] (Google Inc.) Task: {FBF4A743-2AD6-4D40-98A9-A0F706638CB9} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2014-07-04] (Sony Corporation) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001Core.job => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-770957529-1316470831-3961421521-1001UA.job => C:\Users\MrHappyGoLucky12\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Loaded Modules (whitelisted) ============== 2015-01-06 22:41 - 2014-05-20 14:01 - 00054784 _____ () C:\WINDOWS\System32\sdtnpm.dll 2014-12-02 16:52 - 2014-12-02 16:52 - 00029184 _____ () C:\WINDOWS\System32\ssm4mlm.dll 2015-02-05 
04:12 - 2012-07-20 14:39 - 02469888 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll 2014-12-02 16:52 - 2014-12-02 16:52 - 01199104 _____ () C:\WINDOWS\system32\spool\DRIVERS\x64\3\ssm4mdu.dll 2015-02-05 18:57 - 2015-02-04 03:53 - 01450312 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll 2015-02-05 18:57 - 2015-02-04 03:53 - 00205128 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll 2015-02-05 18:57 - 2015-02-04 03:53 - 10864456 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll 2013-11-19 13:21 - 2013-11-19 13:21 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe 2015-02-05 18:57 - 2015-02-04 03:53 - 26771784 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll 2015-02-08 16:42 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-02-08 16:42 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-02-08 16:42 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-02-08 16:42 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-02-08 16:42 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2015-01-04 11:14 - 2012-06-07 22:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 14:34 - 2012-06-08 14:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-03-06 03:10 - 2014-03-06 03:10 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2015-01-04 10:41 - 2012-07-24 21:52 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll 2013-11-19 13:21 - 2013-11-19 13:21 - 00347136 _____ () 
C:\Program Files\Sony\VAIO Care\Iolo\vosges.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Registry Areas ===================== (Currently there is no automatic fix for this section.) HKU\S-1-5-21-770957529-1316470831-3961421521-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img2 Wallpaper 1600x900.jpg ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run: => "IgfxTray" HKLM\...\StartupApproved\Run: => "HotKeysCmds" HKLM\...\StartupApproved\Run: => "Persistence" HKLM\...\StartupApproved\Run: => "StartCCC" HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe" HKLM\...\StartupApproved\Run32: => "Acrobat Assistant 8.0" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKLM\...\StartupApproved\Run32: => "StartCCC" HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher" HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_193928417959A0B74D1B60975331D7B6" HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "Google Update" HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "AdobeBridge" HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-770957529-1316470831-3961421521-1001\...\StartupApproved\Run: => "SUPERAntiSpyware" ==================== Accounts: ============================= Administrator 
(S-1-5-21-770957529-1316470831-3961421521-500 - Administrator - Disabled) Guest (S-1-5-21-770957529-1316470831-3961421521-501 - Limited - Disabled) MrHappyGoLucky12 (S-1-5-21-770957529-1316470831-3961421521-1001 - Administrator - Enabled) => C:\Users\MrHappyGoLucky12 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (02/09/2015 04:57:06 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Error: (02/09/2015 01:44:25 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3. 
A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. Error: (02/08/2015 05:36:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffeae9eb291 Faulting process id: 0x1734 Faulting application start time: 0xVCAgent.exe0 Faulting application path: VCAgent.exe1 Faulting module path: VCAgent.exe2 Report Id: VCAgent.exe3 Faulting package full name: VCAgent.exe4 Faulting package-relative application ID: VCAgent.exe5 Error: (02/08/2015 05:36:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: VCAgent.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.NullReferenceException Stack: at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run() at VCAgent.App.Main() Error: (02/08/2015 00:32:12 PM) (Source: Application Error) 
(EventID: 1000) (User: ) Description: Faulting application name: VCAgent.exe, version: 8.4.2.12030, time stamp: 0x5476d099 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000005 Fault offset: 0x00007ffe5c74b0c1 Faulting process id: 0x1a30 Faulting application start time: 0xVCAgent.exe0 Faulting application path: VCAgent.exe1 Faulting module path: VCAgent.exe2 Report Id: VCAgent.exe3 Faulting package full name: VCAgent.exe4 Faulting package-relative application ID: VCAgent.exe5 Error: (02/08/2015 00:32:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: VCAgent.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, 
IntPtr, IntPtr) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run() at VCAgent.App.Main() Error: (02/08/2015 04:29:10 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. 
Error: (02/07/2015 02:47:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: startpoint.exe, version: 1.1.0.2, time stamp: 0x549aff45 Faulting module name: ntdll.dll, version: 6.3.9600.17476, time stamp: 0x54516af9 Exception code: 0xc0000374 Fault offset: 0x000e5be4 Faulting process id: 0x2330 Faulting application start time: 0xstartpoint.exe0 Faulting application path: startpoint.exe1 Faulting module path: startpoint.exe2 Report Id: startpoint.exe3 Faulting package full name: startpoint.exe4 Faulting package-relative application ID: startpoint.exe5 Error: (02/07/2015 09:28:40 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. 
Error: (02/07/2015 03:57:53 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest2" on line C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifest. Component 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifest. System errors: ============= Error: (02/09/2015 04:58:03 AM) (Source: DCOM) (EventID: 10010) (User: JOHN-PC-VAIO) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (02/09/2015 04:57:33 AM) (Source: DCOM) (EventID: 10010) (User: JOHN-PC-VAIO) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (02/09/2015 01:42:40 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the afcdpsrv service. Error: (02/09/2015 01:42:00 AM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the afcdpsrv service. 
Error: (02/09/2015 01:08:45 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO) Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (02/09/2015 00:48:59 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO) Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (02/09/2015 00:47:50 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO) Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (02/09/2015 00:47:35 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO) Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (02/09/2015 00:42:35 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO) Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable Error: (02/09/2015 00:41:37 AM) (Source: DCOM) (EventID: 10016) (User: JOHN-PC-VAIO) Description: machine-defaultLocalActivation{000C101C-0000-0000-C000-000000000046}{000C101C-0000-0000-C000-000000000046}JOHN-PC-VAIOMrHappyGoLucky12S-1-5-21-770957529-1316470831-3961421521-1001LocalHost (Using LRPC)UnavailableUnavailable Microsoft Office Sessions: ========================= Error: 
(02/09/2015 04:57:06 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe Error: (02/09/2015 01:44:25 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe Error: (02/08/2015 05:36:26 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffeae9eb291173401d043c82e81d5dcC:\Program Files\Sony\VAIO Care\VCAgent.exeunknownea7bccd2-afe2-11e4-be90-083e8ecc3af2 Error: (02/08/2015 05:36:26 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: VCAgent.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.NullReferenceException Stack: at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run() at VCAgent.App.Main() Error: (02/08/2015 00:32:12 PM) (Source: Application Error) 
(EventID: 1000) (User: ) Description: VCAgent.exe8.4.2.120305476d099unknown0.0.0.000000000c000000500007ffe5c74b0c11a3001d04121126cdfa7C:\Program Files\Sony\VAIO Care\VCAgent.exeunknown6a23c293-afb8-11e4-be8f-083e8ecc3af2 Error: (02/08/2015 00:32:12 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: VCAgent.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. Exception Info: System.NullReferenceException Stack: at VCAgent.View.MainWindow.WindowProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at System.Windows.Interop.HwndSource.PublicHooksFilterMessage(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.DefWndProcWrapper(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.CallWindowProc(IntPtr, IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, System.Runtime.InteropServices.HandleRef, Int32, Int32) at MS.Win32.UnsafeNativeMethods.IntGetMessageW(System.Windows.Interop.MSG ByRef, 
System.Runtime.InteropServices.HandleRef, Int32, Int32) at System.Windows.Threading.Dispatcher.GetMessage(System.Windows.Interop.MSG ByRef, IntPtr, Int32, Int32) at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) at System.Windows.Application.RunInternal(System.Windows.Window) at System.Windows.Application.Run() at VCAgent.App.Main() Error: (02/08/2015 04:29:10 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe Error: (02/07/2015 02:47:55 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: startpoint.exe1.1.0.2549aff45ntdll.dll6.3.9600.1747654516af9c0000374000e5be4233001d041796f56aef4C:\Users\MrHappyGoLucky12\AppData\Local\StartPoint\startpoint\1.3.18.7\startpoint.exeC:\WINDOWS\SYSTEM32\ntdll.dll355173c8-af02-11e4-be8f-083e8ecc3af2 Error: (02/07/2015 09:28:40 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe Error: (02/07/2015 03:57:53 AM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_a9ed7f470139b3c1.manifestC:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17415_none_6240486fecbd8abb.manifestC:\Program Files\CCleaner\CCleaner.exe CodeIntegrity Errors: =================================== Date: 2015-02-09 01:43:59.096 Description: Code Integrity 
determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-05 14:39:36.928 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-04 01:04:34.739 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-02-03 18:01:36.812 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-30 04:19:12.774 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-30 04:19:12.617 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-01-30 04:19:12.414 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-30 04:19:12.258 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-30 04:15:57.908 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-01-30 04:15:57.736 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info ===========================

Processor: Intel® Core i7-3632QM CPU @ 2.20GHz
Percentage of memory in use: 45%
Total physical RAM: 8064.39 MB
Available physical RAM: 4382.45 MB
Total Pagefile: 16256.39 MB
Available Pagefile: 11096.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:235.57 GB) (Free:144.13 GB) NTFS
Drive d: (Duck Dynasty - Season 1) (CDROM) (Total:5.06 GB) (Free:0 GB) UDF
Drive e: (Libraries) (Fixed) (Total:656.83 GB) (Free:191.55 GB) NTFS
Drive f: (Contacts) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive g: (Documents) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive h: (Favorites) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive i: (Music) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive j: (Pictures) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive k: (Software) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive l: (Videos) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive w: (Work) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive x: (School) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive y: (Public) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS
Drive z: (Personal) (Network) (Total:1851.39 GB) (Free:1064.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 14786A41)
Partition: GPT Partition Type.

==================== End Of Log ============================
Juliet Posted February 9, 2015

Just a little bit found.

Open notepad. Please copy the contents of the quote box below. To do this, highlight the contents of the box, right-click on it and select copy. Paste this into the open notepad. Save it to the Desktop as fixlist.txt.

NOTE: It's important that both files, FRST/FRST64 and fixlist.txt, are in the same location or the fix will not work. It needs to be saved next to the "Farbar Recovery Scan Tool". (If asked to overwrite the existing one, please allow.)

start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpo...archTerms}&r=25
Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION
Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION
EmptyTemp:
End

Open FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that, let the tool complete its run.
When finished, FRST will generate a log on the Desktop (Fixlog.txt). Please post it in your reply.

~~~~~~~~~~~~~~~~~~~~~~~~~~

Please run a Threat Scan with Malwarebytes' Anti-Malware.
Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware, and from the Dashboard please Check for Updates by clicking the Update Now... link.
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit, and under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked.
Once completed, please click on History > Application Logs, find your scan log and open it, then click on the "copy to clipboard" button and post back the results in your next reply.

~~~~~~~~~~~~~~

AdwCleaner

Please download AdwCleaner and save the file to your Desktop.
Right-click AdwCleaner.exe and select Run as administrator to run the programme.
Follow the prompts.
Click Scan.
Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate.
Ensure anything you know to be legitimate does not have a checkmark, and click Clean.
Follow the prompts and allow your computer to reboot.
After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste it in your next reply.

-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner.txt.

Please post:
fixlist.txt
Malwarebytes log
AdwCleaner.txt
MrHappyGoLucky12 Posted February 9, 2015

Malwarebytes Anti-Malware
www.malwarebytes.org

Update, 2/9/2015 3:35:51 PM, SYSTEM, JOHN-PC-VAIO, Manual, Malware Database, 2015.2.7.3, 2015.2.9.9,

Scan, 2/9/2015 3:58:23 PM, SYSTEM, JOHN-PC-VAIO, Manual, Start:2/9/2015 3:36:01 PM, Duration:22 min 22 sec, Threat Scan, Completed, 0 Malware Detections, 0 Non-Malware Detections,

(end)
Juliet Posted February 9, 2015

Able to run?
fixlist.txt
AdwCleaner.txt
MrHappyGoLucky12 Posted February 9, 2015

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-02-2015
Ran by MrHappyGoLucky12 at 2015-02-09 15:24:22 Run:1
Running from C:\Users\MrHappyGoLucky12\Desktop
Loaded Profiles: MrHappyGoLucky12 (Available profiles: MrHappyGoLucky12)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpo...archTerms}&r=25
Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION
Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION
EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-770957529-1316470831-3961421521-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C125A386-E11C-446D-94D8-25011520D962}" => Key deleted successfully.
HKCR\CLSID\{C125A386-E11C-446D-94D8-25011520D962} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EB2B437-ECFC-4929-912D-B1A7E361AF3C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EB2B437-ECFC-4929-912D-B1A7E361AF3C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartPoint" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{959793F8-000E-4196-AE1C-F56D26C1FAF4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{959793F8-000E-4196-AE1C-F56D26C1FAF4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartPoint Updater" => Key deleted successfully.
EmptyTemp: => Removed 422.1 MB temporary data.

The system needed a reboot.

==== End of Fixlog 15:24:27 ====
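Added example, not part of the original posts and not FRST's own code: the Fixlog above reports three TaskCache registry keys per `Task:` directive (`Plain\{GUID}`, `Tasks\{GUID}`, `Tree\<task name>`), and the Python below parses that log format as it appears in this thread and checks that every listed task had all three keys reported as deleted. The function name and report layout are assumptions; the embedded log lines are copied from the Fixlog in this thread.

```python
import re

# Lines copied from the Fixlog posted in this thread: the two Task directives
# and the result lines that follow them (other fixlist entries left out).
FIXLOG = r"""
Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION
Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION
HKCR\CLSID\{C125A386-E11C-446D-94D8-25011520D962} => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6EB2B437-ECFC-4929-912D-B1A7E361AF3C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6EB2B437-ECFC-4929-912D-B1A7E361AF3C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartPoint" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{959793F8-000E-4196-AE1C-F56D26C1FAF4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{959793F8-000E-4196-AE1C-F56D26C1FAF4}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\StartPoint Updater" => Key deleted successfully.
EmptyTemp: => Removed 422.1 MB temporary data.
"""

TASKCACHE = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache"
DELETED = "Key deleted successfully"

# "Task: {GUID} - \Name [No Task File] [<==== ATTENTION]" as shown in this thread.
DIRECTIVE = re.compile(
    r"^Task: (\{[0-9A-Fa-f-]{36}\}) - \\(.+?)(?: No Task File)?(?: <==== ATTENTION)?$"
)
# '"HKLM\...\key" => outcome.' (the quotes are absent on some lines).
RESULT = re.compile(r'^"?(HK[^"]+?)"? => (.+?)\.?$')


def audit_task_removal(fixlog):
    """Map each Task directive to the outcome logged for its three TaskCache keys.

    Returns {guid: {"name": str, "status": {location: outcome or None},
    "clean": bool}}. A status of None means the log has no result line for
    that key, so the removal cannot be confirmed from the log alone.
    """
    tasks, outcomes = {}, {}
    for raw in fixlog.splitlines():
        line = raw.strip()
        m = DIRECTIVE.match(line)
        if m:
            tasks[m.group(1).upper()] = m.group(2)
            continue
        m = RESULT.match(line)
        if m:
            # Registry paths are case-insensitive, so compare upper-cased.
            outcomes[m.group(1).upper()] = m.group(2)

    report = {}
    for guid, name in tasks.items():
        # The three locations the Fixlog in this thread shows per task.
        expected = {
            "Plain": "\\".join([TASKCACHE, "Plain", guid]),
            "Tasks": "\\".join([TASKCACHE, "Tasks", guid]),
            "Tree": "\\".join([TASKCACHE, "Tree", name]),
        }
        status = {loc: outcomes.get(key.upper()) for loc, key in expected.items()}
        report[guid] = {
            "name": name,
            "status": status,
            "clean": all(v == DELETED for v in status.values()),
        }
    return report


if __name__ == "__main__":
    for guid, entry in audit_task_removal(FIXLOG).items():
        verdict = "all keys removed" if entry["clean"] else "INCOMPLETE"
        print(f"{entry['name']} {guid}: {verdict}")
        for loc, outcome in entry["status"].items():
            print(f"  {loc}: {outcome or 'no result line in log'}")
```
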
MrHappyGoLucky12 Posted February 9, 2015

# AdwCleaner v4.110 - Logfile created 09/02/2015 at 17:20:56
# Updated 05/02/2015 by Xplode
# Database : 2015-02-09.1 [server]
# Operating system : Windows 8.1 (x64)
# Username : MrHappyGoLucky12 - JOHN-PC-VAIO
# Running from : C:\Users\MrHappyGoLucky12\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\MrHappyGoLucky12\AppData\Local\StartPoint

***** [ Scheduled tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\keepmysearch
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v40.0.2214.111

*************************

AdwCleaner[R0].txt - [1053 bytes] - [09/02/2015 17:10:02]
AdwCleaner[s0].txt - [990 bytes] - [09/02/2015 17:20:56]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1048 bytes] ##########
Juliet Posted February 9, 2015

Tell me what's happening now?

What we can do now is run an online scan with Eset, for the time being it is our most trusted scanner. Most reliable and thorough. The settings I suggest will show us items located in quarantine folders so don't be alarmed with this, also, in case of a false positive I ask that you not allow it to delete what it does find. This scanner can take quite a bit of time to run, depending of course how full your computer is.

ESET Online Scan

Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

Please download ESET Online Scan and save the file to your Desktop.
Temporarily disable your anti-virus software. For instructions, please refer to the following link.
Double-click esetsmartinstaller_enu.exe to run the programme.
Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
Agree to the Terms of Use once more and click Start. Allow components to download.
Place a checkmark next to Enable detection of potentially unwanted applications.
Click Advanced settings. Place a checkmark next to:
    Scan archives
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
Ensure Remove found threats is unchecked.
Click Start.
Wait for the scan to finish. Please be patient as this can take some time.
Upon completion, click . If no threats were found, skip the next two bullet points.
Click and save the file to your Desktop, naming it something such as "MyEsetScan".
Push the Back button.
Place a checkmark next to and click .
Re-enable your anti-virus software.
Copy the contents of the log and paste in your next reply.

======================================================
MrHappyGoLucky12 Posted February 9, 2015

I didn't try your post above, but both items are still in the notifications area like the original image I posted.
Juliet Posted February 9, 2015

Right click on the icons one at a time, select properties, let's see if we can find some info that way.
MrHappyGoLucky12 Posted February 9, 2015

"right click on the icons one at a time, select properties, let's see if we can find some info that way."

It's not displayed in the tray, but just shows in the Notification Area Icons settings in Control Panel like in the original picture.
MrHappyGoLucky12 Posted February 9, 2015

Did you see this? https://forums.malwarebytes.org/index.php?/topic/163117-removal-instructions-for-startpoint/
Juliet Posted February 9, 2015

Yes I did.

SearchScopes: HKU\S-1-5-21-770957529-1316470831-3961421521-1001 -> {C125A386-E11C-446D-94D8-25011520D962} URL = http://search.strtpo...archTerms}&r=25
Task: {6EB2B437-ECFC-4929-912D-B1A7E361AF3C} - \StartPoint No Task File <==== ATTENTION
Task: {959793F8-000E-4196-AE1C-F56D26C1FAF4} - \StartPoint Updater No Task File <==== ATTENTION

We ran the script for that using FRST and those were the only items found at that time, then we ran a scan using MBAM that came up clean.

The only thing we haven't done was reset the browsers or manage addons: http://windows.microsoft.com/en-us/internet-explorer/manage-add-ons#ie=ie-11

We can take it a step further and set browsers back to default. Instructions on how to backup your Favourites/Bookmarks and other data can be found below.

Backup Internet Explorer Favourites
Backup Firefox Bookmarks
Backup Chrome Bookmarks
Backup Opera Bookmarks (scroll down)

Proceed with the reset once done.

Internet Explorer: How to reset Internet Explorer settings
Firefox: Reset Firefox
Chrome: Chrome - Reset browser settings
Opera: How to perform a clean reinstall of Opera

~~~~~~~~~~~~~~~~~~~

http://windows.microsoft.com/en-us/windows-vista/remove-icons-from-the-notification-area-system-tray
Juliet Posted February 9, 2015

Please download SystemLook from one of the links below and save it to your Desktop.

Download Mirror #1
Download Mirror #2

Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:

    :folderfind
    StartPoint
    :filefind
    StartPoint
    :regfind
    StartPoint

Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt
MrHappyGoLucky12 Posted February 9, 2015 (edited)

"We can take it a step further and set browsers back to default. Instructions on how to backup your Favourites/Bookmarks and other data can be found below. Backup Internet Explorer Favourites Backup Firefox Bookmarks Backup Chrome Bookmarks Backup Opera Bookmarks (scroll down)"

I don't have to backup Chrome Bookmarks, do I? What about Chrome extensions? https://support.google.com/chrome/answer/3296214?hl=en . I don't ever use IE so I don't care about it.

Edited February 9, 2015 by MrHappyGoLucky12
Juliet Posted February 10, 2015

"I don't have to backup Chrome Bookmarks, do I? What about Chrome extensions? https://support.google.com/chrome/answer/3296214?hl=en . I don't ever use IE so I don't care about it."

That's your choice. Can you run SystemLook?
MrHappyGoLucky12 Posted February 10, 2015

Hang on; you're giving me too many tasks at once. I'm still on the ESET Online Scan.

I made a big mistake. I ran it but skipped one of your directions: Ensure Remove found threats is unchecked. So, it did remove the threats it found. The file log is below. Luckily, I use SyncToy regularly to backup my files to a NAS. Would you recommend I get my deleted files re-established/synced again before we continue? Do any of the files below look malicious? I think they are all legit.

E:\Music\Solo Downloader__3687_i868202625_il5993467.exe a variant of Win32/Amonetize.AW potentially unwanted application deleted - quarantined
E:\Software\Application Files\BriskAlbumCreatorSetup.exe a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
E:\Software\Application Files\cbsi-10064069.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
E:\Software\Application Files\cbsidlm-tr1_10a-Akram_Media_Creator-BP-10335566.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\cbsidlm-tr1_11-Escaro-ORG-75324425.exe Win32/DownloadAdmin.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\dsktopnow.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
E:\Software\Application Files\Flash_Setup.exe a variant of Win32/AirAdInstaller.A potentially unwanted application deleted - quarantined
E:\Software\Application Files\FreeVideoToFlashConverter.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
E:\Software\Application Files\iLividSetup.exe Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined
E:\Software\Application Files\JustCloud_Setup.exe MSIL/MyPCBackup.D potentially unwanted application deleted - quarantined
E:\Software\Application Files\MediaPlayerClassic.exe a variant of Win32/Verti.B potentially unwanted application deleted - quarantined
E:\Software\Application Files\MediaPlayerClassic_RocketFuelInstaller.exe a variant of Win32/Verti.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\mlsetup.exe a variant of Win32/Toolbar.Conduit.H potentially unwanted application deleted - quarantined
E:\Software\Application Files\mplayer_Setup.exe a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined
E:\Software\Application Files\siw-setup.exe Win32/InstallMonetizer.AF potentially unwanted application deleted - quarantined
E:\Software\Application Files\SoftonicDownloader_for_biblio.exe a variant of Win32/SoftonicDownloader.G potentially unwanted application deleted - quarantined
E:\Software\Application Files\SoftonicDownloader_for_esyplanner.exe Win32/SoftonicDownloader.E potentially unwanted application deleted - quarantined
E:\Software\Application Files\SoftonicDownloader_for_mac-os-x-lion-skin-pack.exe Win32/SoftonicDownloader.D potentially unwanted application deleted - quarantined
E:\Software\Application Files\UBCD4WinV360.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted application deleted - quarantined
E:\Software\Application Files\4,001 Business, Sales & Personal Letters (new)\4001Letters.exe Win32/TrojanDownloader.Autoit.NDV trojan cleaned by deleting - quarantined
E:\Software\Application Files\Computer Maintenance\FreeVideoToFlashConverter.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
E:\Software\Bootable OS\UBCD4Win.exe a variant of Win32/Toolbar.Conduit.I potentially unwanted application deleted - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\vncdll.dll Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\.svn\text-base\vncdll.dll.svn-base Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\templates\template_x86_darwin.bin OSX/Getshell.B.Gen trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\templates\.svn\text-base\template_x86_darwin.bin.svn-base OSX/Getshell.B.Gen trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\external\source\vncdll\output\vncdll.dll Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\external\source\vncdll\output\.svn\text-base\vncdll.dll.svn-base Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\firefox_queryinterface.rb JS/Exploit.CVE-2006-0295.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\mozilla_navigatorjava.rb JS/Exploit.CVE-2006-3677.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\.svn\text-base\firefox_queryinterface.rb.svn-base JS/Exploit.CVE-2006-0295.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\multi\browser\.svn\text-base\mozilla_navigatorjava.rb.svn-base JS/Exploit.CVE-2006-3677.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms09_072_style_object.rb JS/Exploit.CVE-2009-3672.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_002_aurora.rb JS/Exploit.CVE-2010-0249 trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_018_ie_behaviors.rb JS/Exploit.CVE-2010-0806.NAH trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_042_helpctr_xss_cmd_exec.rb HTML/Exploit.CVE-2010-1885.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms09_072_style_object.rb.svn-base JS/Exploit.CVE-2009-3672.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_002_aurora.rb.svn-base JS/Exploit.CVE-2010-0249 trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_018_ie_behaviors.rb.svn-base JS/Exploit.CVE-2010-0806.NAH trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\.svn\text-base\ms10_042_helpctr_xss_cmd_exec.rb.svn-base HTML/Exploit.CVE-2010-1885.A trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Win7PE\Projects\Tools\Win7PE_SE\x64\hiderun_x64.exe Win64/HideRun.A potentially unwanted application deleted - quarantined
E:\Software\Bootable OS\Win7PE\Projects\Tools\Win7PE_SE\x86\hiderun_x86.exe Win32/HideRun.A potentially unwanted application deleted - quarantined
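Added example, not part of the original thread: a small Python triage of an ESET log like the one in the post above, sorting rows into bundled-installer (PUA) detections, detections inside a directory the owner knows holds security-testing tools, and everything else that deserves a closer look. The sample rows are copied from that log; the `toolkit_dirs` parameter, the bucket names and the single-space row layout are assumptions made for the illustration.

```python
import re

# Rows copied from the ESET log in the post above, in the flattened
# single-space form they have on this page (path, detection, class, action).
SAMPLE_LOG = r"""
E:\Software\Application Files\iLividSetup.exe Win32/Toolbar.SearchSuite potentially unwanted application deleted - quarantined
E:\Software\Application Files\BriskAlbumCreatorSetup.exe a variant of Win32/Agent.SZW trojan cleaned by deleting - quarantined
E:\Software\Application Files\mplayer_Setup.exe a variant of Win32/Adware.iBryte.G application cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\data\vncdll.dll Win32/Gimmiv.AA trojan cleaned by deleting - quarantined
E:\Software\Bootable OS\Katana\PortableApps\Metasploit\Metasploit\msf3\modules\exploits\windows\browser\ms10_002_aurora.rb JS/Exploit.CVE-2010-0249 trojan cleaned by deleting - quarantined
"""

# The path may contain spaces, so it is matched lazily up to the first token
# that looks like a detection name (Platform/Family.Variant).
ROW = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?) (?:a variant of )?(?P<name>[A-Za-z0-9]+/[\w.\-]+) "
    r"(?P<kind>potentially unwanted application|potentially unsafe application"
    r"|trojan|application) (?P<action>.+)$")


def parse_rows(text):
    """Return one dict per detection row; lines that do not match are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if m:
            rows.append(m.groupdict())
    return rows


def triage(rows, toolkit_dirs=("metasploit",)):
    """Sort rows into buckets for manual review (a heuristic, not a verdict).

    toolkit_dirs is an assumption: lower-case directory names the owner knows
    hold security-testing tools, whose files AV engines flag by design.
    """
    buckets = {"toolkit": [], "pua": [], "review": []}
    for row in rows:
        parts = [p.lower() for p in row["path"].split("\\")]
        if any(d in parts for d in toolkit_dirs):
            key = "toolkit"
        elif row["kind"].startswith("potentially"):
            key = "pua"
        else:
            key = "review"
        buckets[key].append((row["name"], row["path"].rsplit("\\", 1)[-1]))
    return buckets


if __name__ == "__main__":
    for key, items in triage(parse_rows(SAMPLE_LOG)).items():
        print(key, len(items))
        for name, filename in items:
            print("   ", name, filename)
```

Rows that land in "review" are the ones to check against a backup or a second opinion before restoring anything.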
Juliet Posted February 10, 2015

"Would you recommend I get my deleted files re-established/synced again before we continue?"

Up to you
Juliet Posted February 10, 2015

Do you use WordPress for blogs/websites? "Start Point" is a WordPress application. It's possible the install62894.exe is also a WordPress application. Check your WordPress control panel to see if you have installed these applications.
MrHappyGoLucky12 Posted February 12, 2015 (edited)

I do use WordPress, and I contacted PressCoders, the company I buy my themes from, and they said, "I've not seen those files before so can't say for sure. If in doubt I would Google it and see if anything flags up."

Edited February 12, 2015 by MrHappyGoLucky12
Juliet Posted February 12, 2015

We can run other malware scans to try and find something but not sure your computer is infected. What we can do is allow Windows updates to install for this cycle and see if that one has to do with anything in Windows.
MrHappyGoLucky12 Posted February 12, 2015

I'm going to reset browsers and try SystemLook.