
Please help with htj log, Several issues, even after antimalware.



#1 jennyceklind


Posted 04 August 2015 - 05:39 AM

I think it has control over my phones also. And I can't back up anything. Should I maybe add this as a file instead of writing here? Please help fast, it's critical!
 
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 11:34:56, on 2015-08-04
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17910)
 
 
Boot mode: Normal
Windows folder: C:\Windows
System folder: C:\Windows\system32
Hosts file: C:\Windows\System32\drivers\etc\hosts
 
Running processes:
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Users\Familjen Eklind\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Familjen Eklind\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE
 
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/redirectdomain?brand=SVED&bmod=EU01
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.msn.com/?pc=AV01
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: SafeSearchBHO - {690EF1CF-5775-4CB3-A5B8-85A63FD0262B} - C:\Program Files (x86)\F-Secure\SAFE\apps\SafeSearch\IE\FSSafeSearch.dll (file missing)
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll (filesize 460384 bytes, MD5 8EB9D38B606438B57905BB52B183DCA0)
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (filesize 441216 bytes, MD5 CF39A105CD553EED31E2255AFF4C6742)
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (filesize 393600 bytes, MD5 8513A7BB078A669E75F2ADC3FB007B24)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (filesize 194504 bytes, MD5 0C9482B13CA66D9F4A30BFBC730A35B8)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (filesize 1724032 bytes, MD5 53A9FA09033C08D6CF19EC2389554B7E)
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (filesize 562904 bytes, MD5 E04A1418B6CAA33EF61F7B4AE826FC94)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll (filesize 172640 bytes, MD5 F52D98E9964A14BA534AFC5AF0E43BE0)
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (filesize 194504 bytes, MD5 0C9482B13CA66D9F4A30BFBC730A35B8)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun (filesize 98304 bytes, MD5 4EC4260D778FB923BA1AB697AFF6C0E3)
O4 - HKLM\..\Run: [NortonOnlineBackupReminder] "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED (filesize 538472 bytes, MD5 323402CA932682F8E698BE9695BCAE15)
O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exeC:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun (filesize 2670592 bytes, MD5 C5B1EE448BBA2BC81F43E01BF86EF081)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" (filesize 334896 bytes, MD5 4F9DD96AECDC12373D4203253D665C6D)
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (filesize 1475584 bytes, MD5 E3BF29CED96790CDAAFA981FFDDF53A3)
O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" (filesize 39408 bytes, MD5 5D61BE7DB55B026A5D61A3EED09D0EAD)
O4 - HKCU\..\Run: [Sony PC Companion] "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background (filesize 445624 bytes, MD5 D6236D82FA5A8315C302888F22B1EA40)
O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
O4 - HKCU\..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exeC:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Familjen Eklind\AppData\Local\Google\Update\GoogleUpdate.exe" /c (filesize 116648 bytes, MD5 506708142BC63DABA64F2D3AD1DCD5BF)
O4 - HKCU\..\Run: [Google Photos Backup] "C:\Users\Familjen Eklind\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart (filesize 3791176 bytes, MD5 1186D70450081BF2DBEDD479C5F94A90)
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background (filesize 402632 bytes, MD5 EADC02F7D3B46E152704BA64D7CB90FA)
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64" (filesize 302592 bytes, MD5 AD7B9C14083B52BC532FBA5948342B98)
O4 - HKCU\..\RunOnce: [Uninstall C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1] C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1" (filesize 302592 bytes, MD5 AD7B9C14083B52BC532FBA5948342B98)
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=12291" /build:7601 (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=1229" /build:7601 (User 'Default user')
O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (filesize 228552 bytes, MD5 C64E9B1C9EA057DCECDCB98F34377811)
O4 - Global Startup: Bluetooth.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (filesize 393600 bytes, MD5 8513A7BB078A669E75F2ADC3FB007B24)
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (filesize 188256 bytes, MD5 A9B4DB69B89B9D1EFA9040FB8D4A17BE)
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (filesize 188256 bytes, MD5 A9B4DB69B89B9D1EFA9040FB8D4A17BE)
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (filesize 645328 bytes, MD5 42494FFECB4C0083B8A61D08B57D4F5B)
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (filesize 645328 bytes, MD5 42494FFECB4C0083B8A61D08B57D4F5B)
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (filesize 498376 bytes, MD5 40E1F615AC4DF7A476F340E12DEF53AA)
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (filesize 498376 bytes, MD5 40E1F615AC4DF7A476F340E12DEF53AA)
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (filesize 1724032 bytes, MD5 53A9FA09033C08D6CF19EC2389554B7E)
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (filesize 4037 bytes, MD5 517B320E791B215E729FC723FB1066AA)
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm (filesize 4037 bytes, MD5 517B320E791B215E729FC723FB1066AA)
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://telia-telemote-eng.webex.com/client/T29L10NSP11EP11/webex/ieatgpc1.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = FE
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = FE
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = FE
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (filesize 1724032 bytes, MD5 53A9FA09033C08D6CF19EC2389554B7E)
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (filesize 42864 bytes, MD5 F70D4A14AB747BAC68B559C046D6FBFF)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (filesize 49776 bytes, MD5 2BFF31508A58EA3F82CA8D6620AE6E13)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exeC:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exeC:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour-tjänst (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exeC:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service (ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exeC:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Tjänsten Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exeC:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exeC:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exeC:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: McAfee Security Scan Component Host Service for Sony (McComponentHostServiceSony) - McAfee, Inc. - C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exeC:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exeC:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exeC:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exeC:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Registry Helper Service - SafeApp Software, LLC - C:\Program Files (x86)\Registry Helper\RegistryHelperservice.exeC:\Program Files (x86)\Registry Helper\RegistryHelperservice.exe
O23 - Service: Roxio UPnP Renderer 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exeC:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
O23 - Service: Roxio Upnp Server 10 - Sonic Solutions - C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exeC:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exeC:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: VAIO Media plus Content Importer (SOHCImp) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exeC:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
O23 - Service: VAIO Media plus Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exeC:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: VAIO Media plus Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exeC:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exeC:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: User Energy Server Service (USER_ESRV_SVC) - Intel Corporation - C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exeC:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exeC:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exeC:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Power Management - Sony Corporation - C:\Program Files\Sony\VAIO Power Management\SPMService.exeC:\Program Files\Sony\VAIO Power Management\SPMService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: VAIO Content Folder Watcher (VCFw) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exeC:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
O23 - Service: VAIO Content Metadata Intelligent Analyzing Manager (VcmIAlzMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exeC:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
O23 - Service: VAIO Content Metadata Intelligent Network Service Manager (VcmINSMgr) - Sony Corporation - C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exeC:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
O23 - Service: VAIO Content Metadata XML Interface (VcmXmlIfHelper) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exeC:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
O23 - Service: VCService - Sony Corporation - C:\Program Files\Sony\VAIO Care\VCService.exeC:\Program Files\Sony\VAIO Care\VCService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: VSNService - Sony Corporation - C:\Program Files\Sony\VAIO Smart Network\VSNService.exeC:\Program Files\Sony\VAIO Smart Network\VSNService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: VUAgent - Sony Corporation - C:\Program Files\Sony\VAIO Update\vuagent.exeC:\Program Files\Sony\VAIO Update\vuagent.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
 
--
End of file - 22157 bytes
 
StartupList report, 2015-08-04, 12:44:12
StartupList version: 1.52.2
Started from : C:\Users\Familjen Eklind\HijackThis.EXE
Detected: Windows 7 SP1 (WinNT 6.00.3505)
Detected: Internet Explorer v11.0 (11.00.9600.17910)
* Using default options
* Including empty and uninteresting sections
* Showing rarely important sections
==================================================
 
Running processes:
 
C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe
C:\Users\Familjen Eklind\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe
C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Familjen Eklind\HijackThis.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
--------------------------------------------------
 
Listing of startup folders:
 
Shell folders Startup:
[C:\Users\Familjen Eklind\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
 
Shell folders AltStartup:
*Folder not found*
 
User shell folders Startup:
*Folder not found*
 
User shell folders AltStartup:
*Folder not found*
 
Shell folders Common Startup:
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
Bluetooth.lnk = ?
 
Shell folders Common AltStartup:
*Folder not found*
 
User shell folders Common Startup:
*Folder not found*
 
User shell folders Alternate Common Startup:
*Folder not found*
 
--------------------------------------------------
 
Checking Windows NT UserInit:
 
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = userinit.exe,
 
[HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
 
[HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
*Registry value not found*
 
[HKCU\Software\Microsoft\Windows\CurrentVersion\Winlogon]
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
 
StartCCC = "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
NortonOnlineBackupReminder = "C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe" UNATTENDED
KiesTrayAgent = C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
PMBVolumeWatcher = C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
SunJavaUpdateSched = "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
 
*No values found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
 
Sidebar = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
swg = "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
Sony PC Companion = "C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe" /Background
KiesAirMessage = C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
KiesPDLR = C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
Google Update = "C:\Users\Familjen Eklind\AppData\Local\Google\Update\GoogleUpdate.exe" /c
Google Photos Backup = "C:\Users\Familjen Eklind\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe" /autostart
OneDrive = "C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
 
Uninstall C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1\amd64"
Uninstall C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1 = C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\17.3.5860.0512_1"
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
*No subkeys found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
*No subkeys found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnceEx
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries in Registry subkeys of:
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Run
*Registry key not found*
 
--------------------------------------------------
 
File association entry for .EXE:
HKEY_CLASSES_ROOT\exefile\shell\open\command
 
(Default) = "%1" %*
 
--------------------------------------------------
 
File association entry for .COM:
HKEY_CLASSES_ROOT\comfile\shell\open\command
 
(Default) = "%1" %*
 
--------------------------------------------------
 
File association entry for .BAT:
HKEY_CLASSES_ROOT\batfile\shell\open\command
 
(Default) = "%1" %*
 
--------------------------------------------------
 
File association entry for .PIF:
HKEY_CLASSES_ROOT\piffile\shell\open\command
 
(Default) = "%1" %*
 
--------------------------------------------------
 
File association entry for .SCR:
HKEY_CLASSES_ROOT\scrfile\shell\open\command
 
(Default) = "%1" /S
 
--------------------------------------------------
 
File association entry for .HTA:
HKEY_CLASSES_ROOT\htafile\shell\open\command
 
(Default) = C:\Windows\SysWOW64\mshta.exe "%1" %*
 
--------------------------------------------------
 
File association entry for .TXT:
HKEY_CLASSES_ROOT\txtfile\shell\open\command
 
(Default) = %SystemRoot%\system32\NOTEPAD.EXE %1
 
--------------------------------------------------
 
Enumerating Active Setup stub paths:
HKLM\Software\Microsoft\Active Setup\Installed Components
(* = disabled by HKCU twin)
 
[>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}]
StubPath = %SystemRoot%\system32\unregmp2.exe /ShowWMP
 
[{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] *
StubPath = %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
 
[{2D46B6DC-2207-486B-B523-A557E6D54B47}] *
StubPath = C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
 
[{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] *
StubPath = "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
 
[{6BF52A52-394A-11d3-B153-00C04F79FAA6}] *
StubPath = %SystemRoot%\system32\unregmp2.exe /FirstLogon /Shortcuts /RegBrowsers /ResetMUI
 
[{89820200-ECBD-11cf-8B85-00AA005B4340}] *
StubPath = regsvr32.exe /s /n /i:U shell32.dll
 
[{89B4C1CD-B018-4511-B0A1-5476DBF70820}] *
StubPath = C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
 
[{8A69D345-D564-463c-AFF1-A69D9E530F96}]
StubPath = "C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
 
--------------------------------------------------
 
Enumerating ICQ Agent Autostart apps:
HKCU\Software\Mirabilis\ICQ\Agent\Apps
 
*Registry key not found*
 
--------------------------------------------------
 
Load/Run keys from C:\Windows\WIN.INI:
 
load=*INI section not found*
run=*INI section not found*
 
Load/Run keys from Registry:
 
HKLM\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKLM\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKLM\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\WinLogon: run=*Registry value not found*
HKCU\..\Windows\CurrentVersion\WinLogon: load=*Registry key not found*
HKCU\..\Windows\CurrentVersion\WinLogon: run=*Registry key not found*
HKCU\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKCU\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: load=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: run=*Registry value not found*
HKLM\..\Windows NT\CurrentVersion\Windows: AppInit_DLLs=
 
--------------------------------------------------
 
Shell & screensaver key from C:\Windows\SYSTEM.INI:
 
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
 
Shell & screensaver key from Registry:
 
Shell=explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
 
Policies Shell key:
 
HKCU\..\Policies: Shell=*Registry value not found*
HKLM\..\Policies: Shell=*Registry value not found*
 
--------------------------------------------------
 
Checking for EXPLORER.EXE instances:
 
C:\Windows\Explorer.exe: PRESENT!
 
C:\Explorer.exe: not present
C:\Windows\Explorer\Explorer.exe: not present
C:\Windows\System\Explorer.exe: not present
C:\Windows\System32\Explorer.exe: not present
C:\Windows\Command\Explorer.exe: not present
C:\Windows\Fonts\Explorer.exe: not present
 
--------------------------------------------------
 
Checking for superhidden extensions:
 
.lnk: HIDDEN! (arrow overlay: yes)
.pif: HIDDEN! (arrow overlay: yes)
.exe: not hidden
.com: not hidden
.bat: not hidden
.hta: not hidden
.scr: not hidden
.shs: *Registry key not found*
.shb: *Registry key not found*
.vbs: not hidden
.vbe: not hidden
.wsh: not hidden
.scf: HIDDEN! (arrow overlay: NO!)
.url: HIDDEN! (arrow overlay: yes)
.js: not hidden
.jse: not hidden
 
--------------------------------------------------
 
Verifying REGEDIT.EXE integrity:
 
- Regedit.exe found in C:\Windows
- .reg open command is normal (regedit.exe %1)
- Company name OK: 'Microsoft Corporation'
- Original filename NOT OK: 'REGEDIT.EXE.MUI'
- File description: 'Registereditorn'
 
Registry check failed!
 
--------------------------------------------------
 
Enumerating Browser Helper Objects:
 
SafeSearchBHO - C:\Program Files (x86)\F-Secure\SAFE\apps\SafeSearch\IE\FSSafeSearch.dll (file missing) - {690EF1CF-5775-4CB3-A5B8-85A63FD0262B}
(no name) - C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
(no name) - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
(no name) - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll - {9FDDE16B-836F-4806-AB1F-1455CBEFF289}
(no name) - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll - {AA58ED58-01DD-4d91-8333-CF10577473F7}
SkypeIEPluginBHO - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
URLRedirectionBHO - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL - {B4F3A835-0E21-4959-BA22-42B3008E02FF}
(no name) - C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll - {DBC80044-A445-435b-BC74-9C25C1C588A9}
 
--------------------------------------------------
 
Enumerating Task Scheduler jobs:
 
Adobe Flash Player Updater.job
GoogleUpdateTaskMachineCore.job
GoogleUpdateTaskMachineUA.job
GoogleUpdateTaskUserS-1-5-21-4190664580-616784828-3825689836-1000Core.job
GoogleUpdateTaskUserS-1-5-21-4190664580-616784828-3825689836-1000UA.job
 
--------------------------------------------------
 
Enumerating Download Program Files:
 
[Java Plug-in 11.51.2]
InProcServer32 = C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2iexp.dll
 
[Java Plug-in 1.6.0_20]
InProcServer32 = C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2iexp.dll
 
[Java Plug-in 11.51.2]
InProcServer32 = C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2iexp.dll
 
[GpcContainer Class]
InProcServer32 = C:\Windows\Downloaded Program Files\ieatgpc.dll
 
--------------------------------------------------
 
Enumerating Winsock LSP files:
 
NameSpace #1: C:\Windows\system32\NLAapi.dll
NameSpace #2: C:\Windows\system32\napinsp.dll
NameSpace #3: C:\Windows\system32\pnrpnsp.dll
NameSpace #4: C:\Windows\system32\pnrpnsp.dll
NameSpace #5: C:\Windows\system32\wshbth.dll
NameSpace #6: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #7: C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
NameSpace #8: C:\Windows\System32\mswsock.dll
NameSpace #9: C:\Windows\System32\winrnr.dll
NameSpace #10: C:\Program Files (x86)\Bonjour\mdnsNSP.dll
Protocol #1: C:\Windows\system32\mswsock.dll
Protocol #2: C:\Windows\system32\mswsock.dll
Protocol #3: C:\Windows\system32\mswsock.dll
Protocol #4: C:\Windows\system32\mswsock.dll
Protocol #5: C:\Windows\system32\mswsock.dll
Protocol #6: C:\Windows\system32\mswsock.dll
Protocol #7: C:\Windows\system32\mswsock.dll
Protocol #8: C:\Windows\system32\mswsock.dll
Protocol #9: C:\Windows\system32\mswsock.dll
Protocol #10: C:\Windows\system32\mswsock.dll
Protocol #11: C:\Windows\system32\mswsock.dll
 
--------------------------------------------------
 
Enumerating Windows NT/2000/XP services
 
1394 OHCI Compliant Host Controller: \SystemRoot\system32\drivers\1394ohci.sys (manual start)
ArcSoft Connect Daemon: C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (manual start)
Microsoft ACPI Driver: system32\drivers\ACPI.sys (system)
ACPI Power Meter Driver: \SystemRoot\system32\drivers\acpipmi.sys (manual start)
Adobe Acrobat Update Service: "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe" (autostart)
Adobe Flash Player Update Service: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (manual start)
adp94xx: \SystemRoot\system32\drivers\adp94xx.sys (manual start)
adpahci: \SystemRoot\system32\drivers\adpahci.sys (manual start)
adpu320: \SystemRoot\system32\drivers\adpu320.sys (manual start)
@%SystemRoot%\system32\aelupsvc.dll,-1: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\drivers\afd.sys,-1000: \SystemRoot\system32\drivers\afd.sys (system)
Intel AGP Bus Filter: \SystemRoot\system32\drivers\agp440.sys (manual start)
@%SystemRoot%\system32\Alg.exe,-112: %SystemRoot%\System32\alg.exe (manual start)
aliide: \SystemRoot\system32\drivers\aliide.sys (manual start)
AMD External Events Utility: %SystemRoot%\system32\atiesrxx.exe (autostart)
amdide: \SystemRoot\system32\drivers\amdide.sys (manual start)
AMD K8 Processor Driver: \SystemRoot\system32\drivers\amdk8.sys (manual start)
amdkmdag: system32\DRIVERS\atipmdag.sys (manual start)
amdkmdap: system32\DRIVERS\atikmpag.sys (manual start)
AMD Processor Driver: \SystemRoot\system32\drivers\amdppm.sys (manual start)
amdsata: system32\drivers\amdsata.sys (system)
amdsbs: \SystemRoot\system32\drivers\amdsbs.sys (manual start)
amdxata: system32\drivers\amdxata.sys (system)
amd_sata: system32\DRIVERS\amd_sata.sys (system)
amd_xata: system32\DRIVERS\amd_xata.sys (system)
Alps Pointing-device Filter Driver: \SystemRoot\system32\drivers\Apfiltr.sys (manual start)
@%systemroot%\system32\appidsvc.dll,-102: \SystemRoot\system32\drivers\appid.sys (manual start)
@%systemroot%\system32\appidsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%systemroot%\system32\appinfo.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Apple Mobile Device: "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" (autostart)
arc: \SystemRoot\system32\drivers\arc.sys (manual start)
arcsas: \SystemRoot\system32\drivers\arcsas.sys (manual start)
ArcSoft Magic-I Visual Effect: system32\DRIVERS\ArcSoftKsUFilter.sys (manual start)
ASP.NET tillståndstjänst: %SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe (manual start)
@%systemroot%\system32\rascfg.dll,-32000: system32\DRIVERS\asyncmac.sys (manual start)
IDE-kanal: system32\drivers\atapi.sys (system)
Atheros Extensible Wireless LAN device driver: system32\DRIVERS\athrx.sys (manual start)
atikmdag: system32\DRIVERS\atikmdag.sys (manual start)
AMD PCI Express (3GIO) Filter: system32\drivers\AtiPcie.sys (system)
@%SystemRoot%\system32\audiosrv.dll,-204: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\audiosrv.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
AVFSFilter: system32\DRIVERS\avfsfilter.sys (manual start)
@%SystemRoot%\system32\AxInstSV.dll,-103: %SystemRoot%\system32\svchost.exe -k AxInstSVGroup (manual start)
Broadcom NetXtreme II VBD: \SystemRoot\system32\drivers\bxvbda.sys (manual start)
Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0: system32\DRIVERS\b57nd60a.sys (manual start)
@%SystemRoot%\system32\bdesvc.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\bfe.dll,-1001: %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%SystemRoot%\system32\qmgr.dll,-1000: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
blbdrive: \SystemRoot\system32\drivers\blbdrive.sys (system)
Bonjour-tjänst: "C:\Program Files\Bonjour\mDNSResponder.exe" (autostart)
@%systemroot%\system32\browser.dll,-102: system32\DRIVERS\bowser.sys (manual start)
Brother USB Mass-Storage Lower Filter Driver: \SystemRoot\system32\drivers\BrFiltLo.sys (manual start)
Brother USB Mass-Storage Upper Filter Driver: \SystemRoot\system32\drivers\BrFiltUp.sys (manual start)
@%systemroot%\system32\browser.dll,-100: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Brother MFC Serial Port Interface Driver (WDM): \SystemRoot\System32\Drivers\Brserid.sys (manual start)
Brother WDM Serial driver: \SystemRoot\System32\Drivers\BrSerWdm.sys (manual start)
Brother MFC USB Fax Only Modem: \SystemRoot\System32\Drivers\BrUsbMdm.sys (manual start)
Brother MFC USB Serial WDM Driver: \SystemRoot\System32\Drivers\BrUsbSer.sys (manual start)
Bluetooth Request Block Driver: \SystemRoot\system32\drivers\BthEnum.sys (manual start)
Bluetooth Serial Communications Driver: \SystemRoot\system32\drivers\bthmodem.sys (manual start)
Bluetooth Device (Personal Area Network): system32\DRIVERS\bthpan.sys (manual start)
Bluetooth Port Driver: \SystemRoot\System32\Drivers\BTHport.sys (manual start)
@%SystemRoot%\System32\bthserv.dll,-101: %SystemRoot%\system32\svchost.exe -k bthsvcs (manual start)
Bluetooth Radio USB Driver: \SystemRoot\System32\Drivers\BTHUSB.sys (manual start)
Bluetooth AVDT: \SystemRoot\system32\drivers\btwavdt.sys (manual start)
Bluetooth Service: C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (disabled)
btwrchid: \SystemRoot\system32\drivers\btwrchid.sys (manual start)
Skype Click to Call Updater: "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service (autostart)
Skype Click to Call PNR Service: "C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe" /service (autostart)
CD/DVD File System Reader: system32\DRIVERS\cdfs.sys (disabled)
CD-ROM-drivrutin: system32\DRIVERS\cdrom.sys (system)
@%SystemRoot%\System32\certprop.dll,-11: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
Consumer IR Devices: \SystemRoot\system32\drivers\circlass.sys (manual start)
@%SystemRoot%\system32\clfs.sys,-100: System32\CLFS.sys (system)
Microsoft .NET Framework NGEN v2.0.50727_X86: %systemroot%\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (manual start)
Microsoft .NET Framework NGEN v2.0.50727_X64: %systemroot%\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (manual start)
Microsoft .NET Framework NGEN v4.0.30319_X86: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (autostart)
Microsoft .NET Framework NGEN v4.0.30319_X64: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe (autostart)
Microsoft ACPI Control Method Battery Driver: \SystemRoot\system32\drivers\CmBatt.sys (manual start)
cmdide: \SystemRoot\system32\drivers\cmdide.sys (manual start)
: System32\Drivers\cng.sys (system)
Microsoft Composite Battery Driver: system32\drivers\compbatt.sys (system)
Composite Bus Enumerator Driver: \SystemRoot\system32\drivers\CompositeBus.sys (manual start)
@comres.dll,-947: %SystemRoot%\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} (manual start)
Crcdisk Filter Driver: \SystemRoot\system32\drivers\crcdisk.sys (disabled)
@%SystemRoot%\system32\cryptsvc.dll,-1001: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
Client Virtualization Handler: "C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE" (autostart)
@oleres.dll,-5012: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%SystemRoot%\system32\defragsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k defragsvc (manual start)
@%systemroot%\system32\drivers\dfsc.sys,-101: System32\Drivers\dfsc.sys (system)
dgderdrv: System32\drivers\dgderdrv.sys (manual start)
SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.): system32\DRIVERS\ssudbus.sys (manual start)
@%SystemRoot%\system32\dhcpcore.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%SystemRoot%\system32\UtcResources.dll,-3001: %SystemRoot%\System32\svchost.exe -k utcsvc (autostart)
@%systemroot%\system32\drivers\discache.sys,-102: System32\drivers\discache.sys (system)
Diskdrivrutin: system32\drivers\disk.sys (system)
@%SystemRoot%\System32\dnsapi.dll,-101: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@%systemroot%\system32\dot3svc.dll,-1102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\dps.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (autostart)
Betrodda ljuddrivrutiner: \SystemRoot\system32\drivers\drmkaud.sys (manual start)
LDDM Graphics Subsystem: \SystemRoot\System32\drivers\dxgkrnl.sys (manual start)
@%systemroot%\system32\eapsvc.dll,-1: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Broadcom NetXtreme II 10 GigE VBD: \SystemRoot\system32\drivers\evbda.sys (manual start)
@%SystemRoot%\system32\efssvc.dll,-100: %SystemRoot%\System32\lsass.exe (manual start)
@%SystemRoot%\ehome\ehrecvr.exe,-101: %systemroot%\ehome\ehRecvr.exe (manual start)
@%SystemRoot%\ehome\ehsched.exe,-101: %systemroot%\ehome\ehsched.exe (manual start)
elxstor: \SystemRoot\system32\drivers\elxstor.sys (manual start)
Microsoft Hardware Error Device Driver: \SystemRoot\system32\drivers\errdev.sys (manual start)
@%SystemRoot%\system32\wevtsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@comres.dll,-2450: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
HUAWEI USB-NDIS miniport: system32\DRIVERS\ewusbnet.sys (manual start)
Huawei MobileBroadband USB PNP Device: system32\DRIVERS\ew_hwusbdev.sys (manual start)
huawei_CompositeFilter: system32\DRIVERS\ew_usbenumfilter.sys (manual start)
@%systemroot%\system32\fxsresm.dll,-118: %systemroot%\system32\fxssvc.exe (manual start)
Floppy Disk Controller Driver: \SystemRoot\system32\drivers\fdc.sys (manual start)
@%systemroot%\system32\fdPHost.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\fdrespub.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\drivers\fileinfo.sys,-100: system32\drivers\fileinfo.sys (system)
@%SystemRoot%\system32\drivers\filetrace.sys,-10001: system32\drivers\filetrace.sys (manual start)
Floppy Disk Driver: \SystemRoot\system32\drivers\flpydisk.sys (manual start)
@%SystemRoot%\system32\drivers\fltmgr.sys,-10001: system32\drivers\fltmgr.sys (system)
@%systemroot%\system32\FntCache.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\PresentationHost.exe,-3309: %systemroot%\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (manual start)
@%SystemRoot%\system32\drivers\fsdepends.sys,-10001: System32\drivers\FsDepends.sys (manual start)
FssFltr: system32\DRIVERS\fssfltr.sys (autostart)
Windows Live Family Safety Service: "C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe" (autostart)
@%SystemRoot%\system32\drivers\fvevol.sys,-100: System32\DRIVERS\fvevol.sys (system)
Microsoft Generic AGPv3.0 Filter for K8 Processor Platforms: \SystemRoot\system32\drivers\gagp30kx.sys (manual start)
GEAR ASPI Filter Driver: system32\DRIVERS\GEARAspiWDM.sys (manual start)
@gpapi.dll,-112: %windir%\system32\svchost.exe -k GPSvcGroup (autostart)
Google Update Service (gupdate): "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc (autostart)
Tjänsten Google Update (gupdatem): "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc (manual start)
Google Software Updater: "C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe" (manual start)
Hauppauge Consumer Infrared Receiver: \SystemRoot\system32\drivers\hcw85cir.sys (manual start)
Microsoft 1.1 UAA Function Driver for High Definition Audio Service: \SystemRoot\system32\drivers\HdAudio.sys (manual start)
Microsoft UAA Bus Driver for High Definition Audio: \SystemRoot\system32\drivers\HDAudBus.sys (manual start)
HID UPS Battery Driver: \SystemRoot\system32\drivers\HidBatt.sys (manual start)
Microsoft Bluetooth HID Miniport: \SystemRoot\system32\drivers\hidbth.sys (manual start)
Microsoft Infrared HID Driver: \SystemRoot\system32\drivers\hidir.sys (manual start)
@%SystemRoot%\System32\hidserv.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
Microsoft HID-klassdrivrutin: system32\DRIVERS\hidusb.sys (manual start)
@%SystemRoot%\system32\kmsvc.dll,-6: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\ListSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\System32\provsvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
HpSAMD: \SystemRoot\system32\drivers\HpSAMD.sys (manual start)
HTC Device Driver: System32\Drivers\ANDROIDUSB.sys (manual start)
HTC NDIS Protocol Driver: system32\DRIVERS\htcnprot.sys (manual start)
@%SystemRoot%\system32\drivers\http.sys,-1: system32\drivers\HTTP.sys (manual start)
huawei_enumerator: system32\DRIVERS\ew_jubusenum.sys (manual start)
Huawei DataCard USB Modem and USB Serial: system32\DRIVERS\ewusbmdm.sys (manual start)
@%systemroot%\system32\drivers\hwpolicy.sys,-101: System32\drivers\hwpolicy.sys (system)
Drivrutin för i8042-tangentbord och PS/2-musport: \SystemRoot\system32\drivers\i8042prt.sys (manual start)
Intel RAID Controller Windows 7: \SystemRoot\system32\drivers\iaStorV.sys (manual start)
@%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll,-8193: "%systemroot%\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe" (manual start)
@%SystemRoot%\system32\ieetwcollectorres.dll,-1000: %SystemRoot%\system32\IEEtwCollector.exe /V (manual start)
iirsp: \SystemRoot\system32\drivers\iirsp.sys (manual start)
@%SystemRoot%\system32\ikeext.dll,-501: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
Service for Realtek HD Audio (WDM): system32\drivers\RTKVHD64.sys (manual start)
intelide: \SystemRoot\system32\drivers\intelide.sys (manual start)
Intel Processor Driver: \SystemRoot\system32\drivers\intelppm.sys (manual start)
@%systemroot%\system32\IPBusEnum.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\rascfg.dll,-32013: system32\DRIVERS\ipfltdrv.sys (manual start)
@%SystemRoot%\system32\iphlpsvc.dll,-500: %SystemRoot%\System32\svchost.exe -k NetSvcs (autostart)
IPMIDRV: \SystemRoot\system32\drivers\IPMIDrv.sys (manual start)
IP Network Address Translator: System32\drivers\ipnat.sys (manual start)
iPod Service: "C:\Program Files\iPod\bin\iPodService.exe" (manual start)
@%SystemRoot%\system32\drivers\irenum.sys,-100: system32\drivers\irenum.sys (manual start)
isapnp: \SystemRoot\system32\drivers\isapnp.sys (manual start)
iScsiPort Driver: \SystemRoot\system32\drivers\msiscsi.sys (manual start)
Keyboard Class Driver: system32\DRIVERS\kbdclass.sys (manual start)
Keyboard HID Driver: system32\DRIVERS\kbdhid.sys (manual start)
@keyiso.dll,-100: %SystemRoot%\system32\lsass.exe (manual start)
: System32\Drivers\ksecdd.sys (system)
: System32\Drivers\ksecpkg.sys (system)
Kernel Streaming Thunks: \SystemRoot\system32\drivers\ksthunk.sys (manual start)
@comres.dll,-2946: %SystemRoot%\System32\svchost.exe -k NetworkServiceAndNoImpersonation (manual start)
@%systemroot%\system32\srvsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\wkssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Link-Layer Topology Discovery Mapper I/O Driver: system32\DRIVERS\lltdio.sys (autostart)
@%SystemRoot%\system32\lltdres.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\lmhsvc.dll,-101: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
LSI_FC: \SystemRoot\system32\drivers\lsi_fc.sys (manual start)
LSI_SAS: \SystemRoot\system32\drivers\lsi_sas.sys (manual start)
LSI_SAS2: \SystemRoot\system32\drivers\lsi_sas2.sys (manual start)
LSI_SCSI: \SystemRoot\system32\drivers\lsi_scsi.sys (manual start)
@%systemroot%\system32\drivers\luafv.sys,-100: \SystemRoot\system32\drivers\luafv.sys (autostart)
mbamchameleon: \??\C:\Windows\system32\drivers\mbamchameleon.sys (system)
MBAMProtector: \??\C:\Windows\system32\drivers\mbam.sys (manual start)
MBAMScheduler: "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe" (autostart)
MBAMService: "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe" (autostart)
MBAMSwissArmy: \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys (manual start)
MBAMWebAccessControl: \??\C:\Windows\system32\drivers\mwac.sys (manual start)
McAfee Security Scan Component Host Service for Sony: "C:\Program Files (x86)\Sony\MSS\3.8.130\McCHSvc.exe" (manual start)
@%SystemRoot%\ehome\ehres.dll,-15501: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (disabled)
megasas: \SystemRoot\system32\drivers\megasas.sys (manual start)
MegaSR: \SystemRoot\system32\drivers\MegaSR.sys (manual start)
@%systemroot%\system32\mmcss.dll,-100: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
: system32\drivers\modem.sys (manual start)
Microsoft Monitor Class Function Driver Service: system32\DRIVERS\monitor.sys (manual start)
Musklassdrivrutin: system32\DRIVERS\mouclass.sys (manual start)
HID-drivrutin för mus: system32\DRIVERS\mouhid.sys (manual start)
@%SystemRoot%\system32\drivers\mountmgr.sys,-100: System32\drivers\mountmgr.sys (system)
Microsoft Malware Protection Driver: system32\DRIVERS\MpFilter.sys (system)
Microsoft Multi-Path Bus Driver: \SystemRoot\system32\drivers\mpio.sys (manual start)
@%SystemRoot%\system32\FirewallAPI.dll,-23092: System32\drivers\mpsdrv.sys (manual start)
@%SystemRoot%\system32\FirewallAPI.dll,-23090: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
@%systemroot%\system32\webclnt.dll,-104: \SystemRoot\system32\drivers\mrxdav.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1002: system32\DRIVERS\mrxsmb.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1004: system32\DRIVERS\mrxsmb10.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1006: system32\DRIVERS\mrxsmb20.sys (manual start)
msahci: \SystemRoot\system32\drivers\msahci.sys (manual start)
Microsoft Multi-Path Device Specific Module: \SystemRoot\system32\drivers\msdsm.sys (manual start)
@comres.dll,-2797: %SystemRoot%\System32\msdtc.exe (manual start)
@%SystemRoot%\system32\drivers\mshidkmdf.sys,-100: \SystemRoot\System32\drivers\mshidkmdf.sys (manual start)
msisadrv: system32\drivers\msisadrv.sys (system)
@%SystemRoot%\system32\iscsidsc.dll,-5000: %systemroot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\msimsg.dll,-27: %systemroot%\system32\msiexec.exe /V (manual start)
Microsoft Streaming Service Proxy: system32\drivers\MSKSSRV.sys (manual start)
Microsoft Antimalware Service: "c:\Program Files\Microsoft Security Client\MsMpEng.exe" (autostart)
Microsoft Streaming Clock Proxy: system32\drivers\MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32\drivers\MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: \SystemRoot\system32\drivers\mssmbios.sys (system)
Microsoft Streaming Tee/Sink-to-Sink Converter: system32\drivers\MSTEE.sys (manual start)
Microsoft Input Configuration Driver: \SystemRoot\system32\drivers\MTConfig.sys (manual start)
@%systemroot%\system32\drivers\mup.sys,-101: System32\Drivers\mup.sys (system)
@%SystemRoot%\system32\qagentrt.dll,-6: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
NativeWiFi Filter: system32\DRIVERS\nwifi.sys (manual start)
@%SystemRoot%\system32\drivers\ndis.sys,-200: system32\drivers\ndis.sys (system)
NDIS Capture LightWeight Filter: system32\DRIVERS\ndiscap.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32001: system32\DRIVERS\ndistapi.sys (manual start)
NDIS Usermode I/O Protocol: system32\DRIVERS\ndisuio.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32002: system32\DRIVERS\ndiswan.sys (manual start)
NetBIOS Interface: system32\DRIVERS\netbios.sys (system)
@%SystemRoot%\system32\drivers\netbt.sys,-2: System32\DRIVERS\netbt.sys (system)
@%SystemRoot%\System32\netlogon.dll,-102: %systemroot%\system32\lsass.exe (manual start)
@%SystemRoot%\system32\netman.dll,-109: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195: "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe" -NetMsmqActivator (disabled)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (disabled)
@%SystemRoot%\system32\netprofm.dll,-202: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (disabled)
@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8201: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (disabled)
nfrd960: \SystemRoot\system32\drivers\nfrd960.sys (manual start)
Microsoft Network Inspection System: system32\DRIVERS\NisDrvWFP.sys (autostart)
@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243: "c:\Program Files\Microsoft Security Client\NisSrv.exe" (manual start)
@%SystemRoot%\System32\nlasvc.dll,-1: %SystemRoot%\System32\svchost.exe -k NetworkService (autostart)
Norton Online Backup: "C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe" SERVICE (autostart)
@%SystemRoot%\system32\nsisvc.dll,-200: %systemroot%\system32\svchost.exe -k LocalService (autostart)
@%SystemRoot%\system32\drivers\nsiproxy.sys,-2: system32\drivers\nsiproxy.sys (system)
nvraid: \SystemRoot\system32\drivers\nvraid.sys (manual start)
nvstor: \SystemRoot\system32\drivers\nvstor.sys (manual start)
NVIDIA nForce AGP Bus Filter: \SystemRoot\system32\drivers\nv_agp.sys (manual start)
1394 OHCI Compliant Host Controller (Legacy): \SystemRoot\system32\drivers\ohci1394.sys (manual start)
Office  Source Engine: "C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE" (manual start)
Office Software Protection Platform: "C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE" (manual start)
@%SystemRoot%\system32\pnrpsvc.dll,-8004: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
@%SystemRoot%\system32\p2psvc.dll,-8006: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
Parallel port driver: \SystemRoot\system32\drivers\parport.sys (manual start)
@%SystemRoot%\system32\drivers\partmgr.sys,-100: System32\drivers\partmgr.sys (system)
Internet Pass-Through Service: C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe (autostart)
@%SystemRoot%\system32\pcasvc.dll,-1: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
PCI Bus Driver: system32\drivers\pci.sys (system)
pciide: system32\drivers\pciide.sys (system)
pcmcia: \SystemRoot\system32\drivers\pcmcia.sys (manual start)
Performance Counters for Windows Driver: System32\drivers\pcw.sys (system)
PEAUTH: system32\drivers\peauth.sys (autostart)
@%systemroot%\sysWow64\perfhost.exe,-2: %SystemRoot%\SysWow64\perfhost.exe (manual start)
@%systemroot%\system32\pla.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalServiceNoNetwork (manual start)
@%SystemRoot%\system32\umpnpmgr.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
PMBDeviceInfoProvider: "C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe" (autostart)
@%SystemRoot%\system32\pnrpauto.dll,-8002: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
@%SystemRoot%\system32\pnrpsvc.dll,-8000: %SystemRoot%\System32\svchost.exe -k LocalServicePeerNet (manual start)
@%SystemRoot%\System32\polstore.dll,-5010: %SystemRoot%\system32\svchost.exe -k NetworkServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\umpo.dll,-100: %SystemRoot%\system32\svchost.exe -k DcomLaunch (autostart)
@%systemroot%\system32\rascfg.dll,-32006: system32\DRIVERS\raspptp.sys (manual start)
Processor Driver: \SystemRoot\system32\drivers\processr.sys (manual start)
@%systemroot%\system32\profsvc.dll,-300: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\psbase.dll,-300: %SystemRoot%\system32\lsass.exe (manual start)
@%SystemRoot%\System32\drivers\pacer.sys,-101: system32\DRIVERS\pacer.sys (system)
PxHlpa64: System32\Drivers\PxHlpa64.sys (system)
ql2300: \SystemRoot\system32\drivers\ql2300.sys (manual start)
ql40xx: \SystemRoot\system32\drivers\ql40xx.sys (manual start)
@%SystemRoot%\system32\qwave.dll,-1: %windir%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\drivers\qwavedrv.sys,-1: \SystemRoot\system32\drivers\qwavedrv.sys (manual start)
Remote Access Auto Connection Driver: System32\DRIVERS\rasacd.sys (manual start)
WAN Miniport (IKEv2): system32\DRIVERS\AgileVpn.sys (manual start)
@%Systemroot%\system32\rasauto.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\rascfg.dll,-32005: system32\DRIVERS\rasl2tp.sys (manual start)
@%Systemroot%\system32\rasmans.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%systemroot%\system32\rascfg.dll,-32007: system32\DRIVERS\raspppoe.sys (manual start)
@%systemroot%\system32\sstpsvc.dll,-202: system32\DRIVERS\rassstp.sys (manual start)
@%systemroot%\system32\wkssvc.dll,-1000: system32\DRIVERS\rdbss.sys (system)
Remote Desktop Device Redirector Bus Driver: \SystemRoot\system32\drivers\rdpbus.sys (manual start)
@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100: System32\DRIVERS\RDPCDD.sys (system)
@%systemroot%\system32\drivers\RDPENCDD.sys,-101: system32\drivers\rdpencdd.sys (system)
@%systemroot%\system32\drivers\RdpRefMp.sys,-101: system32\drivers\rdprefmp.sys (system)
Remote Desktop Video Miniport Driver: System32\drivers\rdpvideominiport.sys (manual start)
ReadyBoost: System32\drivers\rdyboost.sys (system)
Registry Helper Service: C:\Program Files (x86)\Registry Helper\RegistryHelperservice.exe (autostart)
@%Systemroot%\system32\mprdim.dll,-200: %SystemRoot%\System32\svchost.exe -k netsvcs (disabled)
@regsvc.dll,-1: %SystemRoot%\system32\svchost.exe -k regsvc (manual start)
Bluetooth Device (RFCOMM Protocol TDI): system32\DRIVERS\rfcomm.sys (manual start)
Roxio UPnP Renderer 10: "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" (manual start)
Roxio Upnp Server 10: "C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe" (autostart)
@%windir%\system32\RpcEpMap.dll,-1001: %SystemRoot%\system32\svchost.exe -k RPCSS (autostart)
@%systemroot%\system32\Locator.exe,-2: %SystemRoot%\system32\locator.exe (manual start)
@oleres.dll,-5010: %SystemRoot%\system32\svchost.exe -k rpcss (autostart)
Link-Layer Topology Discovery Responder: system32\DRIVERS\rspndr.sys (autostart)
RtsUStor.Sys Realtek USB Card Reader: System32\Drivers\RtsUStor.sys (manual start)
Service for HDMI: system32\drivers\RtHDMIVX.sys (manual start)
Realtek 8167 NT Driver: system32\DRIVERS\Rt64win7.sys (manual start)
@%SystemRoot%\system32\samsrv.dll,-1: %SystemRoot%\system32\lsass.exe (autostart)
SBP-2 Transport/Protocol Bus Driver: \SystemRoot\system32\drivers\sbp2port.sys (manual start)
@%SystemRoot%\System32\SCardSvr.dll,-1: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\System32\drivers\scfilter.sys,-11: System32\DRIVERS\scfilter.sys (manual start)
@%SystemRoot%\system32\schedsvc.dll,-100: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\certprop.dll,-13: %SystemRoot%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\sdrsvc.dll,-107: %SystemRoot%\system32\svchost.exe -k SDRSVC (manual start)
@%SystemRoot%\system32\seclogon.dll,-7001: %windir%\system32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\system32\Sens.dll,-200: %SystemRoot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\System32\sensrsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
Serenum Filter Driver: \SystemRoot\system32\drivers\serenum.sys (manual start)
Serial: \SystemRoot\system32\drivers\serial.sys (manual start)
Serial Mouse Driver: \SystemRoot\system32\drivers\sermouse.sys (manual start)
@%SystemRoot%\System32\SessEnv.dll,-1026: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
Sony Firmware Extension Parser: \SystemRoot\system32\drivers\SFEP.sys (manual start)
SFF Storage Class Driver: \SystemRoot\system32\drivers\sffdisk.sys (manual start)
SFF Storage Protocol Driver for MMC: \SystemRoot\system32\drivers\sffp_mmc.sys (manual start)
SFF Storage Protocol Driver for SDBus: \SystemRoot\system32\drivers\sffp_sd.sys (manual start)
High-Capacity Floppy Disk Drive: \SystemRoot\system32\drivers\sfloppy.sys (manual start)
Sftfs: system32\DRIVERS\Sftfslh.sys (manual start)
Application Virtualization Client: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe" (autostart)
Sftplay: system32\DRIVERS\Sftplaylh.sys (manual start)
Sftredir: system32\DRIVERS\Sftredirlh.sys (manual start)
Sftvol: system32\DRIVERS\Sftvollh.sys (manual start)
Application Virtualization Service Agent: "C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe" (manual start)
@%SystemRoot%\system32\ipnathlp.dll,-106: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\shsvcs.dll,-12288: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
SiSRaid2: \SystemRoot\system32\drivers\SiSRaid2.sys (manual start)
SiSRaid4: \SystemRoot\system32\drivers\sisraid4.sys (manual start)
Skype Updater: "C:\Program Files (x86)\Skype\Updater\Updater.exe" (autostart)
@%SystemRoot%\system32\tcpipcfg.dll,-50005: system32\DRIVERS\smb.sys (manual start)
@%SystemRoot%\system32\snmptrap.exe,-3: %SystemRoot%\System32\snmptrap.exe (manual start)
VAIO Media plus Content Importer: "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe" (manual start)
VAIO Media plus Digital Media Server: "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe" (manual start)
VAIO Media plus Device Searcher: "C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe" (manual start)
VAIO Entertainment Common Service: "C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe" (manual start)
@%systemroot%\system32\spoolsv.exe,-1: %SystemRoot%\System32\spoolsv.exe (autostart)
@%SystemRoot%\system32\sppsvc.exe,-101: %SystemRoot%\system32\sppsvc.exe (autostart)
@%SystemRoot%\system32\sppuinotify.dll,-103: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\srvsvc.dll,-102: System32\DRIVERS\srv.sys (manual start)
@%systemroot%\system32\srvsvc.dll,-104: System32\DRIVERS\srv2.sys (manual start)
: System32\DRIVERS\srvnet.sys (manual start)
SAMSUNG Android USB Composite Device driver (WDM): system32\DRIVERS\ssadbus.sys (manual start)
SAMSUNG Android USB Modem (Filter): system32\DRIVERS\ssadmdfl.sys (manual start)
SAMSUNG Android USB Modem Drivers: system32\DRIVERS\ssadmdm.sys (manual start)
@%systemroot%\system32\ssdpsrv.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\sstpsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.): system32\DRIVERS\ssudmdm.sys (manual start)
stexstor: \SystemRoot\system32\drivers\stexstor.sys (manual start)
@%SystemRoot%\system32\wiaservc.dll,-9: %SystemRoot%\system32\svchost.exe -k imgsvc (autostart)
Software Bus Driver: \SystemRoot\system32\drivers\swenum.sys (manual start)
@%SystemRoot%\System32\swprv.dll,-103: %SystemRoot%\System32\svchost.exe -k swprv (manual start)
@%SystemRoot%\system32\sysmain.dll,-1000: %systemroot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\system32\TabSvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\system32\tapisrv.dll,-10100: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\system32\tbssvc.dll,-100: %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50003: System32\drivers\tcpip.sys (system)
Microsoft IPv6 Protocol Driver: system32\DRIVERS\tcpip.sys (manual start)
TCP/IP Registry Compatibility: System32\drivers\tcpipreg.sys (autostart)
TDPIPE: system32\drivers\tdpipe.sys (manual start)
TDTCP: system32\drivers\tdtcp.sys (manual start)
@%SystemRoot%\system32\tcpipcfg.dll,-50004: system32\DRIVERS\tdx.sys (system)
Terminal Device Driver: \SystemRoot\system32\drivers\termdd.sys (system)
@%SystemRoot%\System32\termsrv.dll,-268: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
@%SystemRoot%\System32\themeservice.dll,-8192: %SystemRoot%\System32\svchost.exe -k netsvcs (autostart)
@%systemroot%\system32\mmcss.dll,-102: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\trkwks.dll,-1: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
@%SystemRoot%\servicing\TrustedInstaller.exe,-100: %SystemRoot%\servicing\TrustedInstaller.exe (manual start)
@%SystemRoot%\System32\DRIVERS\tssecsrv.sys,-101: System32\DRIVERS\tssecsrv.sys (manual start)
: system32\drivers\tsusbflt.sys (manual start)
Microsoft Tunnel Miniport Adapter Driver: system32\DRIVERS\tunnel.sys (manual start)
Microsoft AGPv3.5 Filter: \SystemRoot\system32\drivers\uagp35.sys (manual start)
CamMonitor: C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe (disabled)
udfs: system32\DRIVERS\udfs.sys (disabled)
@%SystemRoot%\system32\ui0detect.exe,-101: %SystemRoot%\system32\UI0Detect.exe (manual start)
Uli AGP Bus Filter: \SystemRoot\system32\drivers\uliagpkx.sys (manual start)
UMBus Enumerator Driver: \SystemRoot\system32\drivers\umbus.sys (manual start)
Microsoft UMPass Driver: \SystemRoot\system32\drivers\umpass.sys (manual start)
@%systemroot%\system32\upnphost.dll,-213: %SystemRoot%\system32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
Apple Mobile USB Driver: System32\Drivers\usbaapl64.sys (manual start)
Microsoft USB Generic Parent Driver: system32\DRIVERS\usbccgp.sys (manual start)
eHome Infrared Receiver (USBCIR): \SystemRoot\system32\drivers\usbcir.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32\DRIVERS\usbehci.sys (manual start)
AMD USB Filter Driver: system32\DRIVERS\usbfilter.sys (manual start)
Drivrutin för Microsoft USB-standardnav (hub): system32\DRIVERS\usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32\DRIVERS\usbohci.sys (manual start)
Microsoft USB PRINTER Class: system32\DRIVERS\usbprint.sys (manual start)
USB Mass Storage Driver: system32\DRIVERS\USBSTOR.SYS (manual start)
Microsoft USB Universal Host Controller Miniport Driver: \SystemRoot\system32\drivers\usbuhci.sys (manual start)
USB-videoenhet (WDM): \SystemRoot\System32\Drivers\usbvideo.sys (manual start)
USB RNDIS Adapter: \SystemRoot\system32\drivers\usb8023x.sys (manual start)
User Energy Server Service: "C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe" "--run_as_user_process"  (manual start)
@%SystemRoot%\system32\dwm.exe,-2000: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
VAIO Entertainment TV Device Arbitration Service: "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Entertainment Platform\VzHardwareResourceManager\VzHardwareResourceManager\VzHardwareResourceManager.exe" (manual start)
VAIO Event Service: "C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe" (autostart)
VAIO Power Management: "C:\Program Files\Sony\VAIO Power Management\SPMService.exe" (manual start)
@%SystemRoot%\system32\vaultsvc.dll,-1003: %SystemRoot%\system32\lsass.exe (manual start)
VAIO Content Folder Watcher: "C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe" (manual start)
VAIO Content Metadata Intelligent Analyzing Manager: "C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe" (autostart)
VAIO Content Metadata Intelligent Network Service Manager: "C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe" (autostart)
VAIO Content Metadata XML Interface: "C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe" (manual start)
VCService: "C:\Program Files\Sony\VAIO Care\VCService.exe" (manual start)
Microsoft Virtual Drive Enumerator Driver: system32\drivers\vdrvroot.sys (system)
@%SystemRoot%\system32\vds.exe,-100: %SystemRoot%\System32\vds.exe (manual start)
vga: system32\DRIVERS\vgapnp.sys (manual start)
: \SystemRoot\System32\drivers\vga.sys (system)
vhdmp: \SystemRoot\system32\drivers\vhdmp.sys (manual start)
viaide: \SystemRoot\system32\drivers\viaide.sys (manual start)
Volume Manager Driver: system32\drivers\volmgr.sys (system)
@%SystemRoot%\system32\drivers\volmgrx.sys,-100: System32\drivers\volmgrx.sys (system)
Lagringsvolymer: system32\drivers\volsnap.sys (system)
vsmraid: \SystemRoot\system32\drivers\vsmraid.sys (manual start)
VSNService: "C:\Program Files\Sony\VAIO Smart Network\VSNService.exe" (autostart)
@%systemroot%\system32\vssvc.exe,-102: %systemroot%\system32\vssvc.exe (manual start)
VUAgent: "C:\Program Files\Sony\VAIO Update\vuagent.exe" (manual start)
Virtual WiFi Bus Driver: system32\DRIVERS\vwifibus.sys (manual start)
Virtual WiFi Filter Driver: system32\DRIVERS\vwififlt.sys (system)
Microsoft Virtual WiFi Miniport Service: system32\DRIVERS\vwifimp.sys (manual start)
@%SystemRoot%\system32\w32time.dll,-200: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
Wacom Serial Pen HID Driver: \SystemRoot\system32\drivers\wacompen.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32011: system32\DRIVERS\wanarp.sys (manual start)
@%systemroot%\system32\rascfg.dll,-32012: system32\DRIVERS\wanarp.sys (system)
@%SystemRoot%\system32\Wat\WatUX.exe,-601: %SystemRoot%\system32\Wat\WatAdminSvc.exe (manual start)
@%systemroot%\system32\wbengine.exe,-104: "%systemroot%\system32\wbengine.exe" (manual start)
@%systemroot%\system32\wbiosrvc.dll,-100: %SystemRoot%\system32\svchost.exe -k WbioSvcGroup (manual start)
@%SystemRoot%\system32\wcncsvc.dll,-3: %SystemRoot%\System32\svchost.exe -k LocalServiceAndNoImpersonation (manual start)
@%SystemRoot%\system32\WcsPlugInService.dll,-200: %SystemRoot%\system32\svchost.exe -k wcssvc (manual start)
Wd: \SystemRoot\system32\drivers\wd.sys (manual start)
@%SystemRoot%\system32\drivers\Wdf01000.sys,-1000: system32\drivers\Wdf01000.sys (system)
@%systemroot%\system32\wdi.dll,-502: %SystemRoot%\System32\svchost.exe -k LocalService (manual start)
@%systemroot%\system32\wdi.dll,-500: %SystemRoot%\System32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\system32\webclnt.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%SystemRoot%\system32\wecsvc.dll,-200: %SystemRoot%\system32\svchost.exe -k NetworkService (autostart)
@%SystemRoot%\System32\wercplsupport.dll,-101: %SystemRoot%\System32\svchost.exe -k netsvcs (manual start)
@%SystemRoot%\System32\wersvc.dll,-100: %SystemRoot%\System32\svchost.exe -k WerSvcGroup (manual start)
WFP Lightweight Filter: system32\DRIVERS\wfplwf.sys (system)
WIMMount: system32\drivers\wimmount.sys (manual start)
@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103: %SystemRoot%\System32\svchost.exe -k secsvcs (manual start)
@%SystemRoot%\system32\winhttp.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalService (manual start)
@%Systemroot%\system32\wbem\wmisvc.dll,-205: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%Systemroot%\system32\wsmsvc.dll,-101: %SystemRoot%\System32\svchost.exe -k NetworkService (manual start)
Sony Ericsson sa0102 ADB Interface: system32\DRIVERS\WinUsb.sys (manual start)
@%SystemRoot%\System32\wlansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (autostart)
Windows Live Mesh remote connections service: "C:\Program Files\Windows Live\Mesh\wlcrasvc.exe" (disabled)
Windows Live ID Sign-in Assistant: "C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE" (autostart)
Microsoft Windows Management Interface for ACPI: \SystemRoot\system32\drivers\wmiacpi.sys (manual start)
@%Systemroot%\system32\wbem\wmiapsrv.exe,-110: %systemroot%\system32\wbem\WmiApSrv.exe (manual start)
@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101: "%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe" (autostart)
@%SystemRoot%\system32\wpcsvc.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted (manual start)
@%SystemRoot%\system32\wpdbusenum.dll,-100: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%systemroot%\System32\drivers\ws2ifsl.sys,-1000: \SystemRoot\system32\drivers\ws2ifsl.sys (disabled)
@%SystemRoot%\System32\wscsvc.dll,-200: %SystemRoot%\System32\svchost.exe -k LocalServiceNetworkRestricted (autostart)
@%systemroot%\system32\SearchIndexer.exe,-103: %systemroot%\system32\SearchIndexer.exe /Embedding (autostart)
Windows Update: %systemroot%\system32\svchost.exe -k netsvcs (autostart)
@%SystemRoot%\system32\drivers\Wudfpf.sys,-1000: system32\drivers\WudfPf.sys (manual start)
WUDFRd: system32\DRIVERS\WUDFRd.sys (manual start)
@%SystemRoot%\system32\wudfsvc.dll,-1000: %SystemRoot%\system32\svchost.exe -k LocalSystemNetworkRestricted (manual start)
@%SystemRoot%\System32\wwansvc.dll,-257: %SystemRoot%\system32\svchost.exe -k LocalServiceNoNetwork (autostart)
 
 
--------------------------------------------------
 
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
 
Windows NT checkdisk command:
BootExecute = autocheck autochk *
 
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\Users\FAMILJ~1\AppData\Local\Temp\~nsu.tmp\Au_.exe||C:\Users\FAMILJ~1\AppData\Local\Temp\~nsu.tmp||C:\Users\FAMILJ~1\AppData\Local\Temp\nsc4752.tmp\|||p
 
--------------------------------------------------
 
Enumerating ShellServiceObjectDelayLoad items:
 
WebCheck: *Registry key not found*
 
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
 
*Registry key not found*
 
--------------------------------------------------
 
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run
 
*Registry key not found*
 
--------------------------------------------------
 
End of report, 63 185 bytes
Report generated in 2,745 seconds
 
Command line options:
   /verbose  - to add additional info on each section
   /complete - to include empty sections and unsuspicious data
   /full     - to include several rarely-important sections
   /force9x  - to include Win9x-only startups even if running on WinNT
   /forcent  - to include WinNT-only startups even if running on Win9x
   /forceall - to include all Win9x and WinNT startups, regardless of platform
   /history  - to list version history only
 
Process list saved on 12:51:50, on 2015-08-04
Platform: Windows 7 SP1 (WinNT 6.00.3505)
 
[pid] [full path to filename] [file version] [company name]
4104 C:\Program Files (x86)\Windows Live\Family Safety\fsui.exe 15.4.3555.308 Microsoft Corporation
5088 C:\Users\Familjen Eklind\AppData\Local\Programs\Google\Google Photos Backup\Google Photos Backup.exe 1.1.0.239 Google, Inc
268 C:\Users\Familjen Eklind\AppData\Local\Microsoft\OneDrive\OneDrive.exe 17.3.5907.716 Microsoft Corporation
964 C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe 2.0.0.130 Samsung Electronics Co., Ltd.
3216 C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE 14.0.7104.5000 Microsoft Corporation
4300 C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe 9.3.1.6011 Sony Corporation
5084 C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 2.8.51.16 Oracle Corporation
7736 C:\Users\Familjen Eklind\HijackThis.exe 2.0.0.5 Trend Micro Inc.
6028 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7656 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7864 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
5588 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
5932 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7956 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7856 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
6372 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7232 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7036 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
6076 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
5236 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
6652 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
6096 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
4536 C:\Program Files (x86)\Windows Live\Mail\wlmail.exe 15.4.3555.308 Microsoft Corporation
4000 C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe 15.4.3555.308 Microsoft Corporation
7380 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7960 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
8164 C:\PROGRA~2\MICROS~1\Office14\WINWORD.EXE 14.0.7153.5002 Microsoft Corporation
5912 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
6192 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
6336 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
7884 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
8176 C:\Program Files (x86)\Google\Chrome\Application\chrome.exe 44.0.2403.125 Google Inc.
 
 
DLLs loaded by process C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe:
 
[full path to filename] [file version] [company name]
C:\Windows\SysWOW64\ntdll.dll 6.1.7601.18869 Microsoft Corporation
C:\Windows\syswow64\kernel32.dll 6.1.7601.18869 Microsoft Corporation
C:\Windows\syswow64\KERNELBASE.dll 6.1.7601.18869 Microsoft Corporation
C:\Windows\syswow64\USER32.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\GDI32.dll 6.1.7601.18898 Microsoft Corporation
C:\Windows\syswow64\LPK.dll 6.1.7601.18923 Microsoft Corporation
C:\Windows\syswow64\USP10.dll 1.626.7601.18454 Microsoft Corporation
C:\Windows\syswow64\msvcrt.dll 7.0.7601.17744 Microsoft Corporation
C:\Windows\syswow64\ADVAPI32.dll 6.1.7601.18869 Microsoft Corporation
C:\Windows\SysWOW64\sechost.dll 6.1.7601.18869 Microsoft Corporation
C:\Windows\syswow64\RPCRT4.dll 6.1.7601.18912 Microsoft Corporation
C:\Windows\syswow64\SspiCli.dll 6.1.7601.18912 Microsoft Corporation
C:\Windows\syswow64\CRYPTBASE.dll 6.1.7601.18912 Microsoft Corporation
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll 6.10.7601.18837 Microsoft Corporation
C:\Windows\syswow64\SHLWAPI.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\CFGMGR32.dll 6.1.7601.17621 Microsoft Corporation
C:\Windows\syswow64\SETUPAPI.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\OLEAUT32.dll 6.1.7601.18679 Microsoft Corporation
C:\Windows\syswow64\ole32.dll 6.1.7601.18915 Microsoft Corporation
C:\Windows\syswow64\DEVOBJ.dll 6.1.7601.17621 Microsoft Corporation
C:\Windows\syswow64\SHELL32.dll 6.1.7601.18762 Microsoft Corporation
C:\Windows\system32\VERSION.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\MSIMG32.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\oledlg.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18852_none_72d5ba7586659cb4\gdiplus.dll 6.1.7601.18852 Microsoft Corporation
C:\Windows\syswow64\WININET.dll 11.0.9600.17909 Microsoft Corporation
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\syswow64\normaliz.DLL 6.1.7600.16385 Microsoft Corporation
C:\Windows\syswow64\iertutil.dll 11.0.9600.17924 Microsoft Corporation
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\syswow64\USERENV.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\profapi.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\syswow64\IMM32.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\MSCTF.dll 6.1.7601.18731 Microsoft Corporation
C:\Windows\system32\WINMM.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\system32\WINSPOOL.DRV 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\COMDLG32.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\system32\uxtheme.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\dwmapi.dll 6.1.7601.18796 Microsoft Corporation
C:\Windows\syswow64\WINTRUST.dll 6.1.7601.18839 Microsoft Corporation
C:\Windows\syswow64\CRYPT32.dll 6.1.7601.18839 Microsoft Corporation
C:\Windows\syswow64\MSASN1.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\CLBCatQ.DLL 2001.12.8530.16385 Microsoft Corporation
C:\Windows\system32\CRYPTSP.dll 6.1.7601.18741 Microsoft Corporation
C:\Windows\system32\rsaenh.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\RpcRtRemote.dll 6.1.7601.17514 Microsoft Corporation
C:\Program Files (x86)\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll 6.0.6000.16384 Windows ® Codename Longhorn DDK provider
C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\MSVCR90.dll 9.0.30729.6161 Microsoft Corporation
C:\Windows\syswow64\urlmon.dll 11.0.9600.17924 Microsoft Corporation
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\system32\Secur32.dll 6.1.7601.18912 Microsoft Corporation
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 6.2.9200.16492 Microsoft Corporation
C:\Windows\system32\upnphost.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\SSDPAPI.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\propsys.dll 7.0.7601.17514 Microsoft Corporation
C:\Windows\system32\ntmarta.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\syswow64\WLDAP32.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\WS2_32.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\syswow64\NSI.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\mswsock.dll 6.1.7601.18254 Microsoft Corporation
C:\Windows\System32\wship6.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\IPHLPAPI.DLL 6.1.7601.17514 Microsoft Corporation
C:\Windows\system32\WINNSI.DLL 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\dhcpcsvc.DLL 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\dhcpcsvc6.DLL 6.1.7601.17970 Microsoft Corporation
C:\Windows\system32\DNSAPI.dll 6.1.7601.17570 Microsoft Corporation
C:\Windows\System32\wshtcpip.dll 6.1.7600.16385 Microsoft Corporation
C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL 7.250.4232.0 Microsoft Corp.
C:\Windows\syswow64\PSAPI.DLL 6.1.7600.16385 Microsoft Corporation
C:\Program Files (x86)\Bonjour\mdnsNSP.dll 3.0.0.10 Apple Inc.
C:\Windows\system32\rasadhlp.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\System32\netprofm.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\System32\nlaapi.dll 6.1.7601.18685 Microsoft Corporation
C:\Windows\System32\npmproxy.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\System32\fwpuclnt.dll 6.1.7601.18283 Microsoft Corporation
C:\Windows\system32\apphelp.dll 6.1.7601.18777 Microsoft Corporation
C:\Windows\system32\ntshrui.dll 6.1.7601.17755 Microsoft Corporation
C:\Windows\system32\srvcli.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\system32\cscapi.dll 6.1.7601.17514 Microsoft Corporation
C:\Windows\system32\slc.dll 6.1.7600.16385 Microsoft Corporation
C:\Windows\system32\netutils.dll 6.1.7601.17514 Microsoft Corporation
 

Edited by jennyceklind@gmail.c, 04 August 2015 - 05:55 AM.




#2 nasdaq

  • Malware Response Team

Posted 04 August 2015 - 08:46 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===


How is the computer running now?
Wait for further instructions.

===

p.s.
HijackThis is no longer supported.
I suggest you remove it using the Add/Remove Programs applet.
Use the Farbar tool from now on to report problems.
<<<>>>

#3 nasdaq

  • Malware Response Team

Posted 09 August 2015 - 07:42 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



