Is JAVA gone? ... and general check-up

[JDBush61]

Hi Corrine,

As mentioned in my reply to your post regarding JAVA, would you please check these logs to verify that JAVA is now gone from my computer, as well as to let me know if everything else looks on the up-and-up? I know you're busy, so no rush. My computers have never run better than since following your advice here at Landzdown.

By the way, I noticed that the second DDS file states that there is no system restore point saved on this computer. Is that a mistake? I routinely make restore points.

Anyway, here are the three log files:

Results of screen317's Security Check version 0.99.85 
Windows 7 Service Pack 1 x64 (UAC is enabled) 
Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````[/u]
Windows Firewall Enabled! 
Norton 360   
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````[/u]
SpywareBlaster 5.0   
Secunia PSI (3.0.0.7011)   
Adobe Flash Player 14.0.0.145 
Adobe Reader XI 
Mozilla Firefox 29.0.1 Firefox out of Date! 
````````Process Check: objlist.exe by Laurent````````[/u] 
Malwarebytes Anti-Exploit mbae-svc.exe   
Malwarebytes Anti-Exploit mbae.exe   
`````````````````System Health check`````````````````[/u]
Total Fragmentation on Drive C: 1%
````````````````````End of Log``````````````````````[/u]

DDS (Ver_2012-11-20.01) - NTFS_AMD64 MINIMAL
Internet Explorer: 11.0.9600.17207
Run by Administrator Bush at 9:35:12 on 2014-07-17
Microsoft Windows 7 Home Premium [GMT 9:00]
.
AV: Norton 360 *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 *Enabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============


BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\ips\ipsbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll
uRun: [WinPatrol] C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe -expressboot
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [Malwarebytes Anti-Exploit] C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} - hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.6.2.logging.cab
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
TCP: NameServer = 172.16.130.1 172.16.130.8
TCP: Interfaces\{DA0A0532-503B-470A-A8C8-4526E107F05C} : DHCPNameServer = 172.16.130.1 172.16.130.8
TCP: Interfaces\{DA0A0532-503B-470A-A8C8-4526E107F05C}\642554543505F44533 : DHCPNameServer = 143.90.130.165 143.90.130.39
TCP: Interfaces\{DA0A0532-503B-470A-A8C8-4526E107F05C}\A4F686E67237027596D2649602E4564777F627B6 : DHCPNameServer = 192.168.131.1 163.139.21.197 163.139.230.164 210.196.191.66
TCP: Interfaces\{DA0A0532-503B-470A-A8C8-4526E107F05C}\D656469616E69687 : DHCPNameServer = 192.168.0.1
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Notify: VESWinlogon - VESWinlogon.dll
SSODL: WebCheck - <orphaned>
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - <orphaned>
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Administrator Bush\AppData\Roaming\Mozilla\Firefox\Profiles\ywmg8h0l.default\

FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-5-1 55280]
R0 shpf;Sony HDD Protection Filter Driver;C:\Windows\System32\drivers\shpf.sys [2009-11-27 25120]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1504000.00D\symds64.sys [2014-7-8 493656]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1504000.00D\symefa64.sys [2014-7-8 1148120]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-5-20 148280]
R2 rimspci;rimspci;C:\Windows\System32\drivers\rimssne64.sys [2009-11-27 93696]
R2 risdsnpe;risdsnpe;C:\Windows\System32\drivers\risdsne64.sys [2009-11-27 76800]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-11-27 56344]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2009-11-27 11392]
S1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys [2014-7-9 1530160]
S1 ccSet_N360;N360 Settings Manager;C:\Windows\System32\drivers\N360x64\1504000.00D\ccsetx64.sys [2014-7-8 162392]
S1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [2014-6-13 62392]
S1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140716.001\IDSviA64.sys [2014-7-17 525016]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-23 14928]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368]
S1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1504000.00D\ironx64.sys [2014-7-8 264280]
S1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1504000.00D\symnets.sys [2014-7-8 593112]
S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;C:\Program Files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [2009-9-6 169312]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 ESRV_SVC;Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-1 377768]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2009-11-27 13336]
S2 MbaeSvc;Malwarebytes Anti-Exploit Service;C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [2014-6-13 360592]
S2 N360;Norton 360;C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe [2014-7-8 265040]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\SONY\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-2-12 39568]
S2 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-3-24 1141336]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-2-12 23552]
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe [2009-8-31 362992]
S2 SampleCollector;Intel(R) System Behavior Tracker Collector Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2013-11-1 266168]
S2 Secunia Update Agent;Secunia Update Agent;C:\Program Files (x86)\Secunia\PSI\sua.exe [2013-7-3 660184]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-8-29 414496]
S2 uCamMonitor;CamMonitor;C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [2010-5-1 104960]
S2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-11-27 2314240]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2011-12-21 550128]
S2 VSNService;VSNService;C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [2010-9-7 845312]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;C:\Windows\System32\drivers\ArcSoftKsUFilter.sys [2010-5-1 19968]
S3 btusbflt;Bluetooth USB Filter;C:\Windows\System32\drivers\btusbflt.sys [2009-11-27 52264]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2009-11-27 35104]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-7-16 142128]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2010-10-21 48488]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-7-9 111616]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2009-11-27 151936]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2009-11-27 244736]
S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;C:\Windows\System32\drivers\L1C62x64.sys [2011-11-15 111216]
S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2009-9-16 6952960]
S3 PSI;PSI;C:\Windows\System32\drivers\psi_mf_amd64.sys [2013-7-3 18456]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-10-25 19456]
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;C:\Program Files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [2009-8-31 313840]
S3 Secunia PSI Agent;Secunia PSI Agent;C:\Program Files (x86)\Secunia\PSI\psia.exe [2013-7-3 1228504]
S3 semav6thermal64ro;semav6thermal64ro;C:\Windows\System32\drivers\semav6thermal64ro.sys [2014-4-3 13792]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2011-11-3 138392]
S3 SOHDms;VAIO Media plus Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2010-10-12 423280]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2011-11-3 74904]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-9-23 289952]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-14 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 USER_ESRV_SVC;User Energy Server Service;C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [2013-11-1 377768]
S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-5-1 571248]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2011-12-29 960160]
S3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2011-9-8 381488]
S3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2011-8-26 101600]
S3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2014-2-20 60504]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2014-5-29 1642544]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-4-30 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-07-08 01:37:03   875736   ----a-w-   C:\Windows\System32\drivers\N360x64\1504000.00D\srtsp64.sys
2014-07-08 01:37:03   593112   ----a-w-   C:\Windows\System32\drivers\N360x64\1504000.00D\symnets.sys
2014-07-08 01:37:03   493656   ----a-r-   C:\Windows\System32\drivers\N360x64\1504000.00D\symds64.sys
2014-07-08 01:37:03   36952   ----a-r-   C:\Windows\System32\drivers\N360x64\1504000.00D\srtspx64.sys
2014-07-08 01:37:03   264280   ----a-r-   C:\Windows\System32\drivers\N360x64\1504000.00D\ironx64.sys
2014-07-08 01:37:03   23568   ----a-r-   C:\Windows\System32\drivers\N360x64\1504000.00D\symelam.sys
2014-07-08 01:37:03   1148120   ----a-w-   C:\Windows\System32\drivers\N360x64\1504000.00D\symefa64.sys
2014-07-08 01:37:02   162392   ----a-r-   C:\Windows\System32\drivers\N360x64\1504000.00D\ccsetx64.sys
2014-07-08 01:36:46   --------   d-----w-   C:\Windows\System32\drivers\N360x64\1504000.00D
2014-07-08 01:26:34   --------   d-----w-   C:\Users\Administrator Bush\AppData\Local\Adobe
2014-06-26 15:30:51   --------   d-----w-   C:\ProgramData\Foolish IT
2014-06-26 14:05:33   --------   d-----w-   C:\Program Files\paint.net
2014-06-26 14:04:49   --------   d-----w-   C:\Users\Administrator Bush\AppData\Local\paint.net
2014-06-26 11:50:27   122584   ----a-w-   C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-06-26 11:50:17   91352   ----a-w-   C:\Windows\System32\drivers\mbamchameleon.sys
2014-06-26 11:50:17   63704   ----a-w-   C:\Windows\System32\drivers\mwac.sys
2014-06-26 11:50:17   25816   ----a-w-   C:\Windows\System32\drivers\mbam.sys
2014-06-26 11:50:17   --------   d-----w-   C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-24 00:52:04   --------   d-----w-   C:\Program Files (x86)\SystemRequirementsLab
.
==================== Find3M  ====================
.
2014-07-09 01:47:02   71344   ----a-w-   C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-09 01:47:02   699056   ----a-w-   C:\Windows\SysWow64\FlashPlayerApp.exe
2014-06-30 02:09:33   519168   ----a-w-   C:\Windows\System32\aepdu.dll
2014-06-30 02:04:49   424448   ----a-w-   C:\Windows\System32\aeinv.dll
2014-06-19 01:06:55   2724864   ----a-w-   C:\Windows\System32\mshtml.tlb
2014-06-19 01:06:24   4096   ----a-w-   C:\Windows\System32\ieetwcollectorres.dll
2014-06-19 00:42:57   548352   ----a-w-   C:\Windows\System32\vbscript.dll
2014-06-19 00:42:49   66048   ----a-w-   C:\Windows\System32\iesetup.dll
2014-06-19 00:41:52   48640   ----a-w-   C:\Windows\System32\ieetwproxystub.dll
2014-06-19 00:41:16   83968   ----a-w-   C:\Windows\System32\MshtmlDac.dll
2014-06-19 00:24:30   139264   ----a-w-   C:\Windows\System32\ieUnatt.exe
2014-06-19 00:24:12   111616   ----a-w-   C:\Windows\System32\ieetwcollector.exe
2014-06-19 00:23:53   752640   ----a-w-   C:\Windows\System32\jscript9diag.dll
2014-06-19 00:14:28   940032   ----a-w-   C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-18 23:59:04   38400   ----a-w-   C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-06-18 23:56:37   2724864   ----a-w-   C:\Windows\SysWow64\mshtml.tlb
2014-06-18 23:51:38   5721088   ----a-w-   C:\Windows\System32\jscript9.dll
2014-06-18 23:38:40   455168   ----a-w-   C:\Windows\SysWow64\vbscript.dll
2014-06-18 23:37:23   61952   ----a-w-   C:\Windows\SysWow64\iesetup.dll
2014-06-18 23:36:35   51200   ----a-w-   C:\Windows\SysWow64\ieetwproxystub.dll
2014-06-18 23:35:55   62464   ----a-w-   C:\Windows\SysWow64\MshtmlDac.dll
2014-06-18 23:27:45   1249280   ----a-w-   C:\Windows\System32\mshtmlmedia.dll
2014-06-18 23:27:07   2040832   ----a-w-   C:\Windows\System32\inetcpl.cpl
2014-06-18 23:23:27   112128   ----a-w-   C:\Windows\SysWow64\ieUnatt.exe
2014-06-18 23:22:40   592896   ----a-w-   C:\Windows\SysWow64\jscript9diag.dll
2014-06-18 23:06:10   32256   ----a-w-   C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-06-18 22:58:27   2266112   ----a-w-   C:\Windows\System32\wininet.dll
2014-06-18 22:52:18   4254720   ----a-w-   C:\Windows\SysWow64\jscript9.dll
2014-06-18 22:46:23   1068032   ----a-w-   C:\Windows\SysWow64\mshtmlmedia.dll
2014-06-18 22:45:59   1964544   ----a-w-   C:\Windows\SysWow64\inetcpl.cpl
2014-06-18 22:13:59   1791488   ----a-w-   C:\Windows\SysWow64\wininet.dll
2014-06-18 02:18:30   692736   ----a-w-   C:\Windows\System32\osk.exe
2014-06-18 01:51:32   646144   ----a-w-   C:\Windows\SysWow64\osk.exe
2014-06-18 01:10:36   3157504   ----a-w-   C:\Windows\System32\win32k.sys
2014-06-06 10:10:34   624128   ----a-w-   C:\Windows\System32\qedit.dll
2014-06-06 09:44:17   509440   ----a-w-   C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15   1460736   ----a-w-   C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58   22016   ----a-w-   C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49   96768   ----a-w-   C:\Windows\SysWow64\sspicli.dll
2014-06-04 06:29:47   53248   ----a-w-   C:\Windows\SysWow64\zlib.dll
2014-06-04 00:54:50   285208   ----a-w-   C:\Windows\System32\drivers\tmcomm.sys
2014-05-30 08:08:52   210944   ----a-w-   C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49   86528   ----a-w-   C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47   340992   ----a-w-   C:\Windows\System32\schannel.dll
2014-05-30 08:08:41   314880   ----a-w-   C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41   307200   ----a-w-   C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36   728064   ----a-w-   C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31   22016   ----a-w-   C:\Windows\System32\credssp.dll
2014-05-30 07:52:51   172032   ----a-w-   C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49   65536   ----a-w-   C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45   247808   ----a-w-   C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41   220160   ----a-w-   C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40   259584   ----a-w-   C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36   550912   ----a-w-   C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30   17408   ----a-w-   C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52   497152   ----a-w-   C:\Windows\System32\drivers\afd.sys
2014-05-10 00:13:17   29014160   ----a-w-   C:\Firefox Setup 29.0.1.exe
2014-05-08 09:32:11   3178496   ----a-w-   C:\Windows\System32\rdpcorets.dll
2014-05-08 09:32:11   16384   ----a-w-   C:\Windows\System32\RdpGroupPolicyExtension.dll
2014-04-25 02:34:59   801280   ----a-w-   C:\Windows\System32\usp10.dll
2014-04-25 02:06:17   626688   ----a-w-   C:\Windows\SysWow64\usp10.dll
.
============= FINISH:  9:36:50.71 ===============

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 4/30/2010 12:13:48 PM
System Uptime: 7/17/2014 9:33:53 AM (0 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel(R) Core(TM) i5 CPU       M 520  @ 2.40GHz | N/A | 2394/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 284 GiB total, 195.34 GiB free.
D: is Removable
E: is CDROM ()
F: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Security Processor Loader Driver
Device ID: ROOT\LEGACY_SPLDR\0000
Manufacturer:
Name: Security Processor Loader Driver
PNP Device ID: ROOT\LEGACY_SPLDR\0000
Service: spldr
.
Class GUID: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Description: USB Video Device
Device ID: USB\VID_05CA&PID_18B7&MI_00\7&71D3624&0&0000
Manufacturer: Microsoft
Name: Sony Visual Communication Camera
PNP Device ID: USB\VID_05CA&PID_18B7&MI_00\7&71D3624&0&0000
Service: usbvideo
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
Activate Norton Online Backup
Adblock Plus for IE
Adblock Plus for IE (32-bit and 64-bit)
Adobe Acrobat XI Pro
Adobe AIR
Adobe Flash Player 14 ActiveX
Adobe Flash Player 14 Plugin
Adobe Photoshop Elements 8.0
Adobe Premiere Elements 8.0
Adobe Reader XI (11.0.07)
Adobe Shockwave Player 12.1
AmpliTube 3 version 3.10.0
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcSoft Magic-i Visual Effects 2
ArcSoft WebCam Companion 3
Audacity 2.0.3
Bonjour
CCleaner
CryptoPrevent v5.2.1
Custom Shop version 1.1.0
D3DX10
Google Earth
Google Update Helper
iCloud
IE Java Block 32bit Shim
IE Java Block 64bit Shim
Intel PROSet Wireless
Intel(R) Control Center
Intel(R) Management Engine Components
Intel(R) PROSet/Wireless WiFi Software
Intel(R) Rapid Storage Technology
Intel(R) Turbo Boost Technology Driver
iTunes
Junk Mail filter update
Malwarebytes Anti-Exploit version 1.03.1.1220
Malwarebytes Anti-Malware version 2.0.2.1012
Media Gallery
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Mouse and Keyboard Center
Microsoft Office 2003 Web Components
Microsoft Office 2007 Primary Interop Assemblies
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Live Add-in 1.5
Microsoft Office Office 64-bit Components 2007
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business Connectivity Components
Microsoft Office Suite Activation Assistant
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Native Client
Microsoft SQL Server Setup Support Files (English)
Microsoft SQL Server VSS Writer
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MobileMe Control Panel
Mozilla Firefox 29.0.1 (x86 en-US)
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Norton 360
NVIDIA 3D Vision Driver 327.02
NVIDIA Control Panel 327.02
NVIDIA Graphics Driver 327.02
NVIDIA Install Application
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 1.14.17
NVIDIA Update Components
paint.net
Pale Moon 24.6.2 (x86 en-US)
PlayMemories Home Plug-in
PlayMemories Home/PMB VAIO Edition Plug-in 3D Theme Data
PlayMemories Home/PMB VAIO Edition Plug-in Ver.2.2 Upgrade Program
PMB
PMB VAIO Edition Guide
QuickTime 7
RealDownloader
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
Realtek High Definition Audio Driver
RealUpgrade 1.1
Recuva
Remote Keyboard
Roxio Central Audio
Roxio Central Copy
Roxio Central Core
Roxio Central Data
Roxio Central Tools
Roxio Easy Media Creator 10 LJ
Roxio Easy Media Creator Home
Secunia PSI (3.0.0.7011)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition
Setting Utility Series
Setup_msm_VCMS_x64
Setup_msm_VOFS_x64
Setup_VEP_x64
SmartSound Quicktracks for Premiere Elements 8.0
SOHLib Merge Module
Sony Home Network Library
SpywareBlaster 5.0
SQLite_3_7_8_x64
SUPERAntiSpyware
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883030) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
UpdateService
VAIO - Media Gallery
VAIO - PlayMemories Home Plug-in
VAIO - PMB VAIO Edition Guide
VAIO - Remote Keyboard
VAIO Care
VAIO Care Recovery
VAIO Content Metadata Intelligent Analyzing Manager
VAIO Content Metadata Intelligent Network Service Manager
VAIO Content Metadata Manager Settings
VAIO Content Metadata XML Interface Library
VAIO Content Monitoring Settings
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Entertainment Platform
VAIO Event Service
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Manual
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Movie Story Template Data
VAIO Original Function Settings
VAIO Personalization Manager
VAIO Platform Update Program
VAIO Power Management
VAIO Smart Network
VAIO Transfer Support
VAIO Update
VAIO Wallpaper Contents
VGClientX64
VGClientX86
VU5x64
VU5x86
WIDCOMM Bluetooth Software
Windows Driver Package - Broadcom Bluetooth  (09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
7/17/2014 9:34:47 AM, Error: Service Control Manager [7001]  - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:  The dependency service or group failed to start.
7/17/2014 9:34:45 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
7/17/2014 9:34:45 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
7/17/2014 9:34:43 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
7/17/2014 9:34:43 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E}
7/17/2014 9:34:41 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
7/17/2014 9:34:33 AM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
7/17/2014 9:34:24 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD BHDrvx64 ccSet_N360 DfsC discache eeCtrl ESProtectionDriver IDSVia64 NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr SRTSPX SymIM SymIRON SymNetS tdx vwififlt Wanarpv6 WfpLwf ws2ifsl
7/17/2014 9:34:24 AM, Error: Service Control Manager [7001]  - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error:  A device attached to the system is not functioning.
7/17/2014 9:34:24 AM, Error: Service Control Manager [7001]  - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
7/17/2014 9:34:24 AM, Error: Service Control Manager [7001]  - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error:  The dependency service or group failed to start.
7/17/2014 9:34:24 AM, Error: Service Control Manager [7001]  - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
7/17/2014 9:34:24 AM, Error: Service Control Manager [7001]  - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
7/17/2014 9:34:20 AM, Error: Service Control Manager [7001]  - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error:  The dependency service or group failed to start.
7/17/2014 9:34:19 AM, Error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
7/17/2014 9:34:19 AM, Error: Service Control Manager [7001]  - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error:  A device attached to the system is not functioning.
7/17/2014 9:34:19 AM, Error: Service Control Manager [7001]  - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
7/17/2014 9:34:19 AM, Error: Service Control Manager [7001]  - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error:  A device attached to the system is not functioning.
7/17/2014 9:22:54 AM, Error: Service Control Manager [7009]  - A timeout was reached (30000 milliseconds) while waiting for the Roxio Upnp Server 10 service to connect.
7/17/2014 1:51:47 AM, Error: volsnap [14]  - The shadow copies of volume C: were aborted because of an IO failure on volume C:.
7/16/2014 2:06:24 PM, Error: Microsoft-Windows-HAL [12]  - The platform firmware has corrupted memory across the previous system power transition.  Please check for updated firmware for your system.
.
==== End Of File ===========================

[Corrine]

Hi, John.

I know you are using Pale Moon now.  If you decide to use Firefox, remember to install the latest update since it included security fixes.

Regarding System Restore, please do the following:

• Go to Control Panel\All Control Panel Items\Recovery
  
• Click the "Open System Restore" button. 
  
• Wait while System Restore opens and then click Next. 
  
• Is a restore point listed?  If not, click Cancel.
  
  • If no restore points are shown, please create a new restore point.  Shutdown/restart and follow the steps above to check that the restore point is listed.
    
  • If the last restore point created is shown, check the box at the bottom to "Show more restore points" to confirm other restore points are shown.
• Click cancel and close the Control Panel.

Please let me know the results of your findings.  Although I didn't see anything relating to Oracle Java in the logs, there are other orphaned entries but I don't want to make changes until confirming the results of System Restore.

Note:  Although the last System Restore point is grayed out with CCleaner, have you used CCleaner to cleaR SR? The setting is in Tools > System Restore. 

[JDBush61]

Hi Corrine, thanks for your quick reply.

As for Firefox, I actually never use it as Pale Moon seems to work great. I should probably just uninstall FF, yes? I currently have it installed merely as a backup browser.

As for the System Restore Point, I followed your instructions and it only showed the restore point that I created yesterday (7/18/2014) after I posted my logs. It's quite strange, as I don't remember deleting the previous restore points. Just out of curiosity, I created another restore point (7/19/14) after reading your reply, and now both appear to be saved.

I never use CCleaner to cleaR SR. I just use the most basic aspect of the program to clean cookies, history, etc. I checked Tools > System Restore (for the first time ever), and it shows both restore points, with today's restore point grayed out (disabled).

What do you suggest I do next? I'd like to clean out those orphaned entries, and do anything else you think will be a good tune-up.

Best, John

[Corrine]

Hi, John. 

That is good news about System Restore.  I wanted to have you use ComboFix to clear out the orphaned entries but, even though it creates a restore point, if SR was corrupt, I didn't want to take that step until we figured out what was happening.

Please follow these instructions carefully.  Download ComboFix from the following location:  Link 1

!!! IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your antivirus and anti-malware security applications. If not disabled, these programs will likely interfere with cleanup process. This can usually be accomplished by a right-click on the icon in the System Tray. 
  
  Note:  If you are unsure how to disable your security software, see the instructions in this topic at Tech Support Forum:  How to disable your security applications.
  
  
• If infections are found, ComboFix will automatically reboot the machine to complete the removal process.  Please ensure all opened windows are closed before proceeding.
  
• Double-click ComboFix.exe on your desktop and follow the prompts. 
  
• Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal.
  
• When finished, a log will be produced. Please copy C:\ComboFix.txt in your next reply.
  

[JDBush61]

Hi, Corrine.

Here is the Combofix log. By the way, it appears that Norton 360 SP (spyware?) was "enabled" during the Combofix scan. Did I do something wrong; i.e., did I fail to disable Norton correctly?

ComboFix 14-07-17.03 - Administrator Bush 07/19/2014  11:16:48.1.4 - x64
Microsoft Windows 7 Home Premium   [GMT 9:00]
Running from: c:\users\Administrator Bush\Desktop\ComboFix.exe
AV: Norton 360 *Disabled/Updated* {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
FW: Norton 360 *Disabled* {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
SP: Norton 360 *Enabled/Updated* {631E4324-D31C-783F-EC5C-35AD42B18466}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((   Files Created from 2014-06-19 to 2014-07-19  )))))))))))))))))))))))))))))))
.
.
2014-07-19 01:01 . 2014-07-19 01:01   --------   d-----w-   c:\program files (x86)\Mozilla Maintenance Service
2014-07-19 01:01 . 2014-06-06 04:39   46704   ----a-w-   c:\program files (x86)\Mozilla Firefox\browser\components\browsercomps.dll
2014-07-09 01:58 . 2014-07-09 01:58   --------   d-----w-   c:\program files (x86)\Common Files\Adobe AIR
2014-07-08 01:36 . 2014-07-18 21:24   --------   d-----w-   c:\windows\system32\drivers\N360x64\1504000.00D
2014-07-08 01:26 . 2014-07-08 20:57   --------   d-----w-   c:\users\Administrator Bush\AppData\Local\Adobe
2014-06-26 15:30 . 2014-06-26 15:30   --------   d-----w-   c:\programdata\Foolish IT
2014-06-26 14:05 . 2014-06-26 14:05   --------   d-----w-   c:\program files\paint.net
2014-06-26 14:04 . 2014-06-26 14:08   --------   d-----w-   c:\users\Administrator Bush\AppData\Local\paint.net
2014-06-26 11:50 . 2014-07-15 06:37   122584   ----a-w-   c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-26 11:50 . 2014-06-26 11:50   --------   d-----w-   c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-26 11:50 . 2014-05-11 22:26   63704   ----a-w-   c:\windows\system32\drivers\mwac.sys
2014-06-26 11:50 . 2014-05-11 22:26   91352   ----a-w-   c:\windows\system32\drivers\mbamchameleon.sys
2014-06-26 11:50 . 2014-05-11 22:25   25816   ----a-w-   c:\windows\system32\drivers\mbam.sys
2014-06-24 00:52 . 2014-06-24 00:52   --------   d-----w-   c:\program files (x86)\SystemRequirementsLab
2014-06-24 00:51 . 2014-06-24 00:51   --------   d-----w-   c:\users\Administrator Bush\AppData\Roaming\SystemRequirementsLab
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-09 01:47 . 2012-04-03 01:29   699056   ----a-w-   c:\windows\SysWow64\FlashPlayerApp.exe
2014-07-09 01:47 . 2011-06-06 05:52   71344   ----a-w-   c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-07-08 21:34 . 2010-04-30 03:40   96441528   ----a-w-   c:\windows\system32\MRT.exe
2014-06-04 06:29 . 2014-06-04 06:29   53248   ----a-w-   c:\windows\SysWow64\zlib.dll
2014-06-04 00:54 . 2014-06-04 00:54   285208   ----a-w-   c:\windows\system32\drivers\tmcomm.sys
2014-05-10 00:13 . 2014-05-10 00:13   29014160   ----a-w-   C:\Firefox Setup 29.0.1.exe
2014-05-08 09:32 . 2014-06-10 19:35   3178496   ----a-w-   c:\windows\system32\rdpcorets.dll
2014-05-08 09:32 . 2014-06-10 19:35   16384   ----a-w-   c:\windows\system32\RdpGroupPolicyExtension.dll
2014-04-25 02:34 . 2014-06-10 19:35   801280   ----a-w-   c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-10 19:35   626688   ----a-w-   c:\windows\SysWow64\usp10.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinPatrol"="c:\program files (x86)\BillP Studios\WinPatrol\winpatrol.exe" [2014-06-03 1128000]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2009-08-27 320880]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2009-11-20 284696]
"Malwarebytes Anti-Exploit"="c:\program files (x86)\Malwarebytes Anti-Exploit\mbae.exe" [2014-06-04 382608]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-07-07 152392]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon]
2009-12-01 02:20   98304   ----a-w-   c:\windows\System32\VESWinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

• 
  R2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
• 
  R2 Roxio Upnp Server 10;Roxio Upnp Server 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUpnpService10.exe
• 
  R3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys
• 
  R3 aswArKrn;aswArKrn;c:\users\ADMINI~1\AppData\Local\Temp\aswArKrn.sys;c:\users\ADMINI~1\AppData\Local\Temp\aswArKrn.sys
• 
  R3 ATRK;ATRK;c:\users\Administrator Bush\Desktop\TrendMicro AntiThreat Toolkit\hc_attk\atrk64.sys;c:\users\Administrator Bush\Desktop\TrendMicro AntiThreat Toolkit\hc_attk\atrk64.sys
• 
  R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys
• 
  R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys
• 
  R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe
• 
  R3 IntcDAud;Intel(R) Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys
• 
  R3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys
• 
  R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys
• 
  R3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe;c:\program files (x86)\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe
• 
  R3 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe
• 
  R3 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
• 
  R3 SOHDms;VAIO Media plus Digital Media Server;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
• 
  R3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
• 
  R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys
• 
  R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys
• 
  R3 USER_ESRV_SVC;User Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe
• 
  R3 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
• 
  R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
• 
  R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
• 
  R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe
• 
  R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe
• 
  S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys
• 
  S0 shpf;Sony HDD Protection Filter Driver;c:\windows\system32\DRIVERS\shpf.sys;c:\windows\SYSNATIVE\DRIVERS\shpf.sys
• 
  S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\N360x64\1504000.00D\SYMDS64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMDS64.SYS
• 
  S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\N360x64\1504000.00D\SYMEFA64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\SYMEFA64.SYS
• 
  S1 BHDrvx64;BHDrvx64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140703.001\BHDrvx64.sys
• 
  S1 ccSet_N360;N360 Settings Manager;c:\windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\ccSetx64.sys
• 
  S1 ESProtectionDriver;Malwarebytes Anti-Exploit;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae64.sys
• 
  S1 IDSVia64;IDSVia64;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys;c:\program files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140718.001\IDSvia64.sys
• 
  S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS
• 
  S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS
• 
  S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS;c:\windows\SYSNATIVE\drivers\N360x64\1504000.00D\Ironx64.SYS
• 
  S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\N360x64\1504000.00D\SYMNETS.SYS
• 
  S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE
• 
  S2 AdobeActiveFileMonitor8.0;Adobe Active File Monitor V8;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
• 
  S2 ESRV_SVC;Energy Server Service;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1;c:\program files\Sony\VAIO Care\ESRV\esrv_svc.exe --AUTO_START --start --address 127.0.0.1
• 
  S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
• 
  S2 MbaeSvc;Malwarebytes Anti-Exploit Service;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe;c:\program files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
• 
  S2 N360;Norton 360;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe;c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
• 
  S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
• 
  S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
• 
  S2 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe
• 
  S2 rimspci;rimspci;c:\windows\system32\drivers\rimssne64.sys;c:\windows\SYSNATIVE\drivers\rimssne64.sys
• 
  S2 risdsnpe;risdsnpe;c:\windows\system32\drivers\risdsne64.sys;c:\windows\SYSNATIVE\drivers\risdsne64.sys
• 
  S2 SampleCollector;Intel(R) System Behavior Tracker Collector Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe
• 
  S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe
• 
  S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
• 
  S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
• 
  S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
• 
  S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
• 
  S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe
• 
  S3 dc3d;MS Hardware Device Detection Driver;c:\windows\system32\DRIVERS\dc3d.sys;c:\windows\SYSNATIVE\DRIVERS\dc3d.sys
• 
  S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
• 
  S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys;c:\windows\SYSNATIVE\drivers\HECIx64.sys
• 
  S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys;c:\windows\SYSNATIVE\drivers\Impcd.sys
• 
  S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys
• 
  S3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys;c:\windows\SYSNATIVE\DRIVERS\NETw5s64.sys
• 
  S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys
• 
  S3 semav6thermal64ro;semav6thermal64ro;c:\windows\system32\drivers\semav6thermal64ro.sys;c:\windows\SYSNATIVE\drivers\semav6thermal64ro.sys
• 
  S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys
• 
  S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
• 
  S3 VAIO Power Management;VAIO Power Management;c:\program files\Sony\VAIO Power Management\SPMService.exe;c:\program files\Sony\VAIO Power Management\SPMService.exe
• 
  S3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe
• 
  S3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\vuagent.exe;c:\program files\Sony\VAIO Update\vuagent.exe
• 
  .
  .
  Contents of the 'Scheduled Tasks' folder
  .
  2014-07-19 c:\windows\Tasks\Adobe Flash Player Updater.job
  - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 01:47]
  .
  2014-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 06:07]
  .
  2014-07-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
  - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-12 06:07]
  .
  .
  --------- X64 Entries -----------
  .
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-12-07 9636896]
  "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
  .
  ------- Supplementary Scan -------
  .
  uLocal Page = c:\windows\system32\blank.htm
  uStart Page = https://www.yahoo.com/
  mLocal Page = c:\windows\SysWOW64\blank.htm
  uInternet Settings,ProxyServer = cache.kpu-m.ac.jp:3128
  uInternet Settings,ProxyOverride = *.local
  TCP: DhcpNameServer = 192.168.131.1 163.139.21.197 163.139.230.164 210.196.191.66
  FF - ProfilePath - c:\users\Administrator Bush\AppData\Roaming\Mozilla\Firefox\Profiles\ywmg8h0l.default\
  FF - prefs.js: browser.startup.homepage - hxxps://www.yahoo.com/
  FF - prefs.js: network.proxy.http - cache.kpu-m.ac.jp
  FF - prefs.js: network.proxy.http_port - 3128
  FF - prefs.js: network.proxy.type - 1
  .
  - - - - ORPHANS REMOVED - - - -
  .
  Wow6432Node-HKLM-Run-<NO NAME> - (no file)
  SafeBoot-mcmscsvc
  SafeBoot-MCODS
  SafeBoot-SolutoService
  HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
  ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
  ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
  ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
  ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
  HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
  AddRemove-InstallShield_{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3} - c:\program files (x86)\InstallShield Installation Information\{B25563A0-41F4-4A81-A6C1-6DBC0911B1F3}\setup.exe
  .
  .
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\N360]
  "ImagePath"="\"c:\program files (x86)\Norton 360\Engine\21.4.0.13\N360.exe\" /s \"N360\" /m \"c:\program files (x86)\Norton 360\Engine\21.4.0.13\diMaster.dll\" /prefetch:1"
  --
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
  "ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
  "ImagePath"="\SystemRoot\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS"
  "TrustedImagePaths"="c:\program files (x86)\Norton 360\Engine\21.4.0.13;c:\program files (x86)\Norton 360\Engine64\21.4.0.13"
  .
  --------------------- LOCKED REGISTRY KEYS ---------------------
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  @Denied: (A 2) (Everyone)
  @="FlashBroker"
  "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe,-101"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
  "Enabled"=dword:00000001
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
  @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_145_ActiveX.exe"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  @Denied: (A 2) (Everyone)
  @="IFlashBroker5"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
  @="{00020424-0000-0000-C000-000000000046}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  "Version"="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JNLPFile]
  @DACL=(02 0000)
  @="JNLP File"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
  @Denied: (A 2) (Everyone)
  @="FlashBroker"
  "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe,-101"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
  "Enabled"=dword:00000001
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_145_ActiveX.exe"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
  @Denied: (A 2) (Everyone)
  @="Shockwave Flash Object"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
  "ThreadingModel"="Apartment"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
  @="0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
  @="ShockwaveFlash.ShockwaveFlash.14"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
  @="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  @="ShockwaveFlash.ShockwaveFlash"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
  @Denied: (A 2) (Everyone)
  @="Macromedia Flash Factory Object"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx"
  "ThreadingModel"="Apartment"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
  @="FlashFactory.FlashFactory.1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
  @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_145.ocx, 1"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
  @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
  @="1.0"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
  @="FlashFactory.FlashFactory"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
  @Denied: (A 2) (Everyone)
  @="IFlashBroker5"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
  @="{00020424-0000-0000-C000-000000000046}"
  .
  [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
  @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
  "Version"="1.0"
  .
  [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
  @Denied: (Full) (Everyone)
  .
  Completion time: 2014-07-19  11:26:10
  ComboFix-quarantined-files.txt  2014-07-19 02:26
  ComboFix2.txt  2014-03-28 01:08
  .
  Pre-Run: 207,848,427,520 bytes free
  Post-Run: 207,282,462,720 bytes free
  .
  - - End Of File - - 65C73F3A4A54C74F4BE5B09B212A8E54
  

[Corrine]

Hi, John.

Yes, you are correct.  Norton 360 SP is the anti-spyware feature. 

ComboFix took care of the orphans that were in your log.  If everything is working properly, please do the following to take care of removing the tools used:

Please download Delfix from here.

Ensure the following boxes are checked:

• Remove disinfection tools
  
• Create registry backup
  
• Purge system restore
  
  
• Click Run
  

The program will run for a few moments and then notepad will open with a log.   Please paste the log in your next reply.

[JDBush61]

If everything is working properly, please do the following to take care of removing the tools used:

Hi, Corrine.

I'm not quite sure if "everything is working properly", yet the computer seems mostly OK. The reason I say "mostly" is because yesterday Scotty alerted me that Internet Explorer was attempting to change the homepage (redirect, like a virus or something), and I told Scotty to "not allow". Then, when I tried to shut down the computer to go out for the evening, I got this strange message:

"2 programs still need to close:

(Waiting for) VCSystemTray.e
This program is preventing Windows from shutting down."

Then the following warning box popped up:

"VCSystemTray.exe - Application Error

(Red warning X) This exception unknown software exception (0xe0434352) occurred in
the application at location 0xfd909440d.                  [OK check box]"

So, do I have viruses on this box? Or is someone hacking me through a backdoor? Oh, also. Before reading your message I dragged the red Combofix file from the desktop to the trash and deleted it. Was I wrong in doing that?

Here is the Delfix.txt file log that you requested.
I did check Remove disinfection tool,  Create registry backup, and Purge system restore:

# DelFix v10.7 - Logfile created 20/07/2014 at 07:39:42
# Updated 27/04/2014 by Xplode
# Username : Administrator Bush - BUSHVAIO-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Removing disinfection tools ...

Deleted : C:\Qoobox
Deleted : C:\AdwCleaner
Deleted : C:\ComboFix.txt
Deleted : C:\sc-cleaner.txt
Deleted : C:\Users\Administrator Bush\Desktop\AdwCleaner.exe
Deleted : C:\Users\Administrator Bush\Desktop\AdwCleaner[R9]140630.txt
Deleted : C:\Users\Administrator Bush\Desktop\combofix log 140719.txt
Deleted : C:\Users\Administrator Bush\Desktop\HijackThis.exe
Deleted : C:\Users\Administrator Bush\Desktop\sc-cleaner.exe
Deleted : C:\Windows\grep.exe
Deleted : C:\Windows\PEV.exe
Deleted : C:\Windows\NIRCMD.exe
Deleted : C:\Windows\MBR.exe
Deleted : C:\Windows\SED.exe
Deleted : C:\Windows\SWREG.exe
Deleted : C:\Windows\SWSC.exe
Deleted : C:\Windows\SWXCACLS.exe
Deleted : C:\Windows\Zip.exe
Deleted : HKLM\SOFTWARE\AdwCleaner
Deleted : HKLM\SOFTWARE\Swearware
Deleted : HKLM\SOFTWARE\TrendMicro\Hijackthis
Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #465 [Restore Point Created 140718 | 07/18/2014 04:01:03]
Deleted : RP #466 [System Restore Point 140718 | 07/19/2014 00:27:20]
Deleted : RP #467 [Restore point after new FF install 140719 | 07/19/2014 01:04:33]

New restore point created !

########## - EOF - ##########

[Corrine]

Hi, John.

Isn't Scotty the best!  Had you run AdwCleaner?  It resets the home/start page to Google.

The vcsystemtray.exe is part of Sony's Vaio Care program.   It isn't unusual to receive the "programs need to close" message at shutdown.  If you use Vaio Care and receive the error again, you can reinstall it from VAIO Care 8.1 has been released - Sony's Community Site.

[JDBush61]

Hi, Corrine. Sorry for this belated reply. I had previously downloaded AdwCleaner to my desktop and had actually ran it a few times prior to posting this thread. However, I haven't touched it for over a week or more. Now, post running Combofix and Delfix, the AdwCleaner icon is missing from the desktop and the program is also missing from the installed programs list.

So, I suppose Combofix or Delfix for some reason deleted AdwCleaner?

As for WinPatrol, I actually don't know how to set it up and use it effectively. Will soon have to get around to reading the user instructions. I'm reading with interest the WinPatrol update thread that you started, and am kind of waiting for the dust to settle before updating to the new version.

Also, I just ran a Malwarebytes Threat Scan which found two potential threats.

Broken.OpenCommand       Registry Data       Quarantine     HKCR \piffile\shell\open \command
Broken.OpenCommand       Registry Data       Quarantine     HKCR \scrfile\shell\open \command


Are these false positives related to the CryptoPrevent program that I installed, or are these real threats?

[Corrine]

Hi, John.

Yes, as part of the cleanup of tools used, Delfix removed AdwCleaner.  You can download the most recent version from here:  Downloads - AdwCleaner - ToolsLib.  Do note that Xplode does update AdwCleaner fairly regularly.  It isn't a tool you need to keep onboard and run regularly.

You're also correct about the Malwarebytes findings.  See ky331's explanation and my reply here:  CryptoLocker Ransomware

[JDBush61]

Corrine, thanks a bunch for taking your time to look through my log files. It's always refreshing for me to know that my computers are clean and tuned up. Also, thanks for your advice regarding AdwCleaner.  Many times I wonder to myself if I am going overboard playing around with all these security programs/tools, especially since I don't completely understand what they are doing or how they might conflict with one another.

My goal over the coming week is to try and learn what WinPatrol actually does and how to set it up properly. Hmmmm, let's see now... how many years now have I had WinPatrol installed? (  :wink: )

[Corrine]

You are, as always, most welcome, John.

Regarding WinPatrol, you might want to watch this short video which nicely highlights the features of WinPatrol:  http://youtu.be/vLvALORtSEw

Please feel free to start a new thread (or threads if you prefer) in the LzD WinPatrol Help & Information forum with questions you may have about WinPatrol features and settings.