
BITCOIN MINING Trojan keeps on coming back and I don't know how to deal with it.


  • This topic is locked
15 replies to this topic

#1 Mitch358

Posted 19 June 2013 - 07:39 AM

Help! I can't seem to get rid of the Win32:BitCoinMiner Trojan on my laptop. I tried deleting them but they just keep on coming back. If I don't get rid of this soon, what is most likely to happen to my PC?

 

Hope someone might be able to reply to this asap.

#2 Mitch358

Posted 19 June 2013 - 07:42 AM

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.06.17.05
 
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16599
Mitzi :: MITZI [administrator]
 
Protection: Enabled
 
6/18/2013 9:04:09 AM
MBAM-log-2013-06-18 (09-24-14).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237437
Time elapsed: 14 minute(s), 27 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 1
C:\Users\Rey\AppData\Local\Temp\iswizard\iswizard.7z (Trojan.BitcoinMiner) -> No action taken.
 
(end)


DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.16537  BrowserJavaVersion: 10.5.0
Run by Mitzi at 8:15:18 on 2013-06-18
Microsoft Windows 8  6.2.9200.0.1252.1.1033.18.8064.4969 [GMT 8:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\dwm.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\dashost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files (x86)\Globe Tattoo\AssistantServices.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Microsoft Encarta\Encarta Premium DVD 2009\EDICT.EXE
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Users\Rey\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Rey\AppData\Roaming\Search Protection\SearchProtection.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
C:\Users\Rey\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Globe Tattoo\UIExec.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\INet\BackgroundService\ModemListener.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Sony\VAIO Improvement\vim.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Sony\VAIO Improvement\vim.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCWebServer.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
C:\Windows\syswow64\wwahost.exe
C:\Users\Rey\AppData\Local\Temp\~nsu.tmp\Au_.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.bing.com
uDefault_Page_URL = hxxp://sony13.msn.com
mWinlogon: Userinit = userinit.exe
BHO: privitize Helper Object: {1ACB5ABE-4890-4747-952C-F13BDB93FB75} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\bh\privitize.dll
BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: avast! EasyPass Toolbar: {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - 
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: privitize Toolbar: {1C46A0DD-D53E-46C4-A435-CA11103E255E} - C:\Program Files (x86)\Industriya\privitize\1.8.21.6\privitizeTlbr.dll
uRun: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
uRun: [AdobeBridge] <no file>
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
mRun: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [UIExec] "C:\Program Files (x86)\Globe Tattoo\UIExec.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
mRun: [Alcatel Limo ModemListener] C:\Program Files (x86)\INet\BackgroundService\ModemListener.exe start
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
mExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
StartupFolder: C:\Users\Rey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Rey\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Rey\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DisableCAD = dword:1
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Customize Menu - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Fill Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Save Forms - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Show avast! EasyPass Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
TCP: NameServer = 124.106.4.2 124.106.5.2 192.168.1.1
TCP: Interfaces\{40B7F4D9-D2E4-4FD8-8397-A9733A49E0AB} : DHCPNameServer = 10.100.10.1
TCP: Interfaces\{85D10839-4D70-4B17-9BCA-B542DD2AAFCD} : DHCPNameServer = 124.106.4.2 124.106.5.2 192.168.1.1
TCP: Interfaces\{85D10839-4D70-4B17-9BCA-B542DD2AAFCD}\2616A656471637479676 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{85D10839-4D70-4B17-9BCA-B542DD2AAFCD}\57E6479647C65646 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{85D10839-4D70-4B17-9BCA-B542DD2AAFCD}\D4943575966496 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{85D10839-4D70-4B17-9BCA-B542DD2AAFCD}\D4943575966496D27657563747 : DHCPNameServer = 172.31.97.244
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\27.0.1453.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO 
x64-Run: [BtPreLoad] "C:\Program Files (x86)\Bluetooth Suite\BtPreLoad.exe"
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-ExplorerRun: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-mPolicies-System: DisableCAD = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll
x64-IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - {552781AF-37E4-4FEE-920A-CED9E648EADD}
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;aswRvrt;C:\Windows\System32\Drivers\aswRvrt.sys [2013-5-21 65336]
R0 aswVmm;aswVmm;C:\Windows\System32\Drivers\aswVmm.sys [2013-5-21 189936]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2012-10-28 645952]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\Drivers\PxHlpa64.sys [2013-3-11 56208]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-3-11 1025808]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswSP.sys [2013-3-11 378432]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\Drivers\CLVirtualDrive.sys [2012-10-28 92536]
R2 Alcatel Limo Modem Device Helper;Alcatel Limo Modem Device Helper;C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe -start --> C:\Program Files (x86)\INet\BackgroundService\ServiceManager.exe -start [?]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-3-11 33400]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-3-11 80816]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2012-12-28 226944]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-21 46808]
R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-21 635104]
R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-10-28 128896]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-10-28 165760]
R2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
R3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;C:\Windows\System32\Drivers\btath_flt.sys [2013-4-3 89320]
R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.EXE [2012-6-11 240208]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\Drivers\btath_a2dp.sys [2013-4-3 345832]
R3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;C:\Windows\System32\Drivers\btath_avdt.sys [2013-4-3 115432]
R3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;C:\Windows\System32\Drivers\btath_bus.sys [2013-4-3 33944]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\Drivers\btath_hcrp.sys [2013-4-3 179432]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\Drivers\btath_lwflt.sys [2013-4-3 77464]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\Drivers\btath_rcp.sys [2013-4-3 136424]
R3 BTATH_VDP;Bluetooth VDP Driver;C:\Windows\System32\Drivers\btath_vdp.sys [2013-4-3 428008]
R3 BtFilter;BtFilter;C:\Windows\System32\Drivers\btfilter.sys [2013-4-3 578792]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-26 202752]
R3 BthMtpEnum;Bluetooth MTP Device Enumerator;C:\Windows\System32\Drivers\BthMtpEnum.sys [2012-7-26 64512]
R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\Drivers\IntcDAud.sys [2012-8-24 342528]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\Drivers\mbam.sys [2013-6-18 25928]
R3 rimssne;rimssne;C:\Windows\System32\Drivers\rimssne64.sys [2012-8-23 103424]
R3 risdsnxc;risdsnxc;C:\Windows\System32\Drivers\risdsnxc64.sys [2012-8-24 104960]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-7-26 683664]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\Drivers\SFEP.sys [2012-7-17 14336]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\Drivers\Smb_driver_Intel.sys [2012-8-24 43832]
R3 SOWS;Sony Wireless State Device;C:\Windows\System32\Drivers\sows.sys [2012-7-5 24280]
S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.EXE [2012-6-11 193616]
S3 AlcatelOTnet;AlcatelOT USB-NDIS miniport;C:\Windows\System32\Drivers\AlcatelOTUsbnet.sys [2013-4-21 138752]
S3 e1yexpress;Intel® Gigabit Network Connections Driver;C:\Windows\System32\Drivers\e1y60x64.sys [2012-6-2 283136]
S3 jrdusbser;Modem Interface Device for Legacy Serial Communication;C:\Windows\System32\Drivers\jrdusbser.sys [2013-4-21 120832]
S3 massfilter;ZTE Mass Storage Filter Driver;C:\Windows\System32\Drivers\massfilter.sys [2013-3-28 11776]
S3 NetworkSupport;NetworkSupport;C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2012-10-28 623784]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\Drivers\wdcsam64.sys [2008-5-6 14464]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-26 198656]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
FileExt: .js: jsfile="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-06-17 23:59:50 -------- d-----w- C:\Users\Rey\AppData\Roaming\Malwarebytes
2013-06-17 23:59:37 -------- d-----w- C:\ProgramData\Malwarebytes
2013-06-17 23:59:33 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-06-17 23:59:33 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-06-17 12:30:52 78200 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-17 12:30:51 693112 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-06-15 11:21:03 888320 ----a-w- C:\Windows\System32\autochk.exe
2013-06-15 11:21:03 793088 ----a-w- C:\Windows\SysWow64\autochk.exe
2013-06-15 11:21:03 542208 ----a-w- C:\Windows\System32\untfs.dll
2013-06-15 11:21:03 482816 ----a-w- C:\Windows\SysWow64\untfs.dll
2013-06-15 11:21:01 1300992 ----a-w- C:\Windows\System32\gdi32.dll
2013-06-15 11:21:01 1022464 ----a-w- C:\Windows\SysWow64\gdi32.dll
2013-06-15 11:19:57 120736 ----a-w- C:\Windows\System32\AuthHost.exe
2013-06-13 11:50:04 -------- d-----w- C:\Program Files (x86)\DownLite
2013-06-13 11:49:51 -------- d-----w- C:\Program Files (x86)\Industriya
2013-06-13 11:49:47 -------- d-----w- C:\Users\Rey\AppData\Roaming\Industriya
2013-06-13 10:21:36 -------- d-----w- C:\Users\Rey\AppData\Roaming\YourFileDownloader
2013-06-12 02:25:26 -------- d-----w- C:\Windows\Hewlett-Packard
2013-06-12 01:05:04 -------- d-----w- C:\ProgramData\Solidshield
2013-06-12 00:50:59 24920 ----a-w- C:\Windows\System32\X3DAudio1_6.dll
2013-06-12 00:20:23 189248 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-06-12 00:20:21 75136 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-06-12 00:20:20 -------- d-----w- C:\Users\Rey\AppData\Roaming\PunkBuster
2013-06-12 00:17:59 28168 ----a-w- C:\Windows\System32\X3DAudio1_4.dll
2013-06-11 11:29:56 -------- d-----w- C:\Users\Rey\AppData\Roaming\ExpressFiles
2013-06-11 09:59:22 264880 ----a-w- C:\ProgramData\Microsoft\Windows\Sqm\Manifest\Sqm10206.bin
2013-06-08 09:32:45 -------- d-----w- C:\Users\Rey\.thumbnails
2013-06-07 12:48:57 -------- d-----w- C:\Program Files (x86)\Foxit Software
2013-06-05 04:40:09 -------- d-----w- C:\Users\Rey\AppData\Local\fontconfig
2013-06-05 04:40:08 -------- d-----w- C:\Users\Rey\AppData\Local\gegl-0.2
2013-06-05 04:40:08 -------- d-----w- C:\Users\Rey\.gimp-2.8
2013-06-05 04:37:23 -------- d-----w- C:\Program Files\GIMP 2
2013-05-27 12:03:13 -------- d-----w- C:\Users\Rey\AppData\Roaming\Search Protection
2013-05-27 11:57:27 108448 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-05-27 11:06:54 -------- d-----w- C:\Users\Rey\AppData\Roaming\NCdownloader
2013-05-27 10:58:59 -------- d-----w- C:\ProgramData\InstallMate
2013-05-27 09:45:17 -------- dc----w- C:\Users\Rey\AppData\Local\MigWiz
2013-05-24 00:33:06 -------- d-----w- C:\Users\Rey\AppData\Roaming\calibre
2013-05-21 22:34:25 -------- d-----w- C:\Program Files (x86)\Siber Systems
2013-05-21 03:35:10 65336 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-05-21 03:35:10 189936 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
.
==================== Find3M  ====================
.
2013-05-27 11:57:23 971680 ----a-w- C:\Windows\System32\deployJava1.dll
2013-05-27 11:57:23 1092512 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-05-15 22:37:03 44032 ----a-w- C:\Windows\SysWow64\UXInit.dll
2013-05-15 22:35:49 53760 ----a-w- C:\Windows\System32\UXInit.dll
2013-05-14 13:14:01 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2013-05-14 09:23:31 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-05-09 08:59:07 72016 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-05-09 08:59:07 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-05-09 08:59:06 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-05-09 08:58:37 41664 ----a-w- C:\Windows\avastSS.scr
2013-05-04 07:45:29 2233600 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-05-04 07:34:17 446720 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2013-05-04 07:34:17 213248 ----a-w- C:\Windows\System32\drivers\UCX01000.SYS
2013-05-04 07:34:15 284416 ----a-w- C:\Windows\System32\drivers\spaceport.sys
2013-05-04 06:59:56 39424 ----a-w- C:\Windows\System32\wuapp.exe
2013-05-04 06:59:51 1483776 ----a-w- C:\Windows\System32\VSSVC.exe
2013-05-04 06:59:36 812544 ----a-w- C:\Windows\System32\Magnify.exe
2013-05-04 06:59:25 98304 ----a-w- C:\Windows\System32\wudriver.dll
2013-05-04 06:59:25 251904 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2013-05-04 06:59:25 141824 ----a-w- C:\Windows\System32\wuwebv.dll
2013-05-04 06:59:24 1619968 ----a-w- C:\Windows\System32\wucltux.dll
2013-05-04 06:59:08 13644288 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2013-05-04 06:58:54 328192 ----a-w- C:\Windows\System32\ubpm.dll
2013-05-04 06:58:54 10116096 ----a-w- C:\Windows\System32\twinui.dll
2013-05-04 06:58:49 173568 ----a-w- C:\Windows\System32\storewuauth.dll
2013-05-04 06:58:49 1332736 ----a-w- C:\Windows\System32\sysmain.dll
2013-05-04 06:58:48 330240 ----a-w- C:\Windows\System32\stobject.dll
2013-05-04 06:58:28 93696 ----a-w- C:\Windows\System32\psmsrv.dll
2013-05-04 06:58:02 470528 ----a-w- C:\Windows\System32\netprofmsvc.dll
2013-05-04 06:58:02 151552 ----a-w- C:\Windows\System32\netprofm.dll
2013-05-04 06:58:01 169984 ----a-w- C:\Windows\System32\netplwiz.dll
2013-05-04 06:57:59 17408 ----a-w- C:\Windows\System32\muifontsetup.dll
2013-05-04 06:57:46 560640 ----a-w- C:\Windows\System32\mfmp4srcsnk.dll
2013-05-04 06:57:15 501760 ----a-w- C:\Windows\System32\DevicePairing.dll
2013-05-04 06:57:05 179712 ----a-w- C:\Windows\System32\bisrv.dll
2013-05-04 06:57:05 122368 ----a-w- C:\Windows\System32\biwinrt.dll
2013-05-04 06:57:04 389120 ----a-w- C:\Windows\System32\BCP47Langs.dll
2013-05-04 06:57:04 2305024 ----a-w- C:\Windows\System32\authui.dll
2013-05-04 06:57:00 708096 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.dll
2013-05-04 06:57:00 1131520 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2013-05-04 06:56:53 419840 ----a-w- C:\Windows\System32\intl.cpl
2013-05-04 04:58:34 34304 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-05-04 04:58:14 758784 ----a-w- C:\Windows\SysWow64\Magnify.exe
2013-05-04 04:58:02 83968 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-05-04 04:58:02 125952 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-05-04 04:57:49 10788864 ----a-w- C:\Windows\SysWow64\Windows.UI.Xaml.dll
2013-05-04 04:57:39 8857088 ----a-w- C:\Windows\SysWow64\twinui.dll
2013-05-04 04:57:39 247296 ----a-w- C:\Windows\SysWow64\ubpm.dll
2013-05-04 04:57:35 303616 ----a-w- C:\Windows\SysWow64\stobject.dll
2013-05-04 04:57:16 18432 ----a-w- C:\Windows\SysWow64\npmproxy.dll
2013-05-04 04:57:04 151040 ----a-w- C:\Windows\SysWow64\netplwiz.dll
2013-05-04 04:57:04 115712 ----a-w- C:\Windows\SysWow64\netprofm.dll
2013-05-04 04:57:02 14336 ----a-w- C:\Windows\SysWow64\muifontsetup.dll
2013-05-04 04:56:48 411136 ----a-w- C:\Windows\SysWow64\mfmp4srcsnk.dll
2013-05-04 04:56:14 449536 ----a-w- C:\Windows\SysWow64\DevicePairing.dll
2013-05-04 04:56:06 92160 ----a-w- C:\Windows\SysWow64\biwinrt.dll
2013-05-04 04:56:05 309760 ----a-w- C:\Windows\SysWow64\BCP47Langs.dll
2013-05-04 04:56:05 2035712 ----a-w- C:\Windows\SysWow64\authui.dll
2013-05-04 04:55:58 389632 ----a-w- C:\Windows\SysWow64\intl.cpl
2013-05-04 04:51:38 14848 ----a-w- C:\Windows\System32\rars.rs
2013-05-04 04:48:33 83968 ----a-w- C:\Windows\System32\drivers\hidclass.sys
2013-05-04 04:48:26 27648 ----a-w- C:\Windows\System32\drivers\hidusb.sys
2013-05-04 04:47:02 427520 ----a-w- C:\Windows\System32\drivers\rdbss.sys
2013-05-04 04:10:47 14848 ----a-w- C:\Windows\SysWow64\rars.rs
2013-04-28 22:30:55 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-04-28 22:30:12 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-04-28 22:28:33 2241024 ----a-w- C:\Windows\System32\wininet.dll
2013-04-28 22:28:29 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-04-28 22:28:00 3958784 ----a-w- C:\Windows\System32\jscript9.dll
2013-04-27 05:20:12 733184 ----a-w- C:\Windows\System32\win32spl.dll
2013-04-23 23:13:53 1013248 ----a-w- C:\Windows\SysWow64\certutil.exe
2013-04-23 23:12:44 1569792 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-04-23 23:12:44 109056 ----a-w- C:\Windows\SysWow64\cryptnet.dll
2013-04-23 22:56:35 1255936 ----a-w- C:\Windows\System32\certutil.exe
2013-04-23 22:55:48 68096 ----a-w- C:\Windows\System32\cryptsvc.dll
2013-04-23 22:55:48 1889280 ----a-w- C:\Windows\System32\crypt32.dll
2013-04-23 22:55:48 141312 ----a-w- C:\Windows\System32\cryptnet.dll
2013-04-16 02:34:44 1455368 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2013-04-13 05:56:35 444416 ----a-w- C:\Windows\apppatch\AcSpecfc.dll
2013-04-11 06:40:48 6987528 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-04-09 05:33:02 489576 ----a-w- C:\Windows\System32\AudioEng.dll
2013-04-09 05:33:02 446792 ----a-w- C:\Windows\System32\AudioSes.dll
2013-04-09 05:33:02 253544 ----a-w- C:\Windows\System32\audiodg.exe
2013-04-09 05:20:02 86280 ----a-w- C:\Windows\System32\kdnet.dll
2013-04-09 05:20:02 306952 ----a-w- C:\Windows\System32\kd_02_10ec.dll
2013-04-09 05:18:05 77960 ----a-w- C:\Windows\System32\kdvm.dll
2013-04-09 05:17:57 1829408 ----a-w- C:\Windows\System32\ntdll.dll
2013-04-09 04:52:07 816128 ----a-w- C:\Windows\System32\SearchIndexer.exe
2013-04-09 04:52:07 373760 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2013-04-09 04:52:07 197120 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2013-04-09 04:52:07 126464 ----a-w- C:\Windows\System32\Robocopy.exe
2013-04-09 04:52:06 804352 ----a-w- C:\Windows\System32\RecoveryDrive.exe
2013-04-09 04:51:51 367616 ----a-w- C:\Windows\System32\conhost.exe
2013-04-09 04:51:45 523264 ----a-w- C:\Windows\System32\XpsGdiConverter.dll
2013-04-09 04:51:41 99840 ----a-w- C:\Windows\System32\wscsvc.dll
2013-04-09 04:51:41 456704 ----a-w- C:\Windows\System32\wpncore.dll
2013-04-09 04:51:17 595456 ----a-w- C:\Windows\System32\Windows.Networking.dll
2013-04-09 04:51:17 391168 ----a-w- C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2013-04-09 04:51:03 3552768 ----a-w- C:\Windows\System32\tquery.dll
2013-04-09 04:50:53 414720 ----a-w- C:\Windows\System32\GenuineCenter.dll
.
============= FINISH:  8:18:40.72 ===============


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume3
Install Date: 1/2/2013 9:23:53 AM
System Uptime: 6/18/2013 6:53:15 AM (2 hours ago)
.
Motherboard: Sony Corporation |  | VAIO
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz | N/A | 1200/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 661 GiB total, 523.373 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
 toolbar  
µTorrent
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Reader X (10.1.7) MUI
Adobe Shockwave Player 11.6
Adobe Widget Browser
ArtRage Studio
Assassin's Creed Brotherhood
avast! EasyPass
avast! Free Antivirus
Bing Bar
bl
ComicRack v0.9.160
CyberLink Power2Go 8
CyberLink PowerDVD
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dolby Home Theater v4
Dropbox
Encarta Search Bar (64-bit)
FDUx86
Foxit Reader
GIMP 2.8.4
Globe Tattoo
Google Chrome
Google Drive
Google Update Helper
HP Deskjet Ink Adv 2060 K110 Basic Device Software
HP Deskjet Ink Adv 2060 K110 Help
HP Deskjet Ink Adv 2060 K110 Product Improvement Study
HP Photo Creations
HP Update
HPDiagnosticAlert
INet
Intel® Management Engine Components
Intel® Processor Graphics
Intel® Rapid Storage Technology
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
Java 7 Update 21 (64-bit)
Java Auto Updater
Java™ 7 Update 5
K-Lite Codec Pack 9.4.0 (Full)
KUx86
Malwarebytes Anti-Malware version 1.75.0.1300
Microsoft Encarta Premium 2009
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
PDF Settings CS6
ph
PlayMemories Home
PunkBuster Services
Qualcomm Atheros Bluetooth Suite (64)
Realtek High Definition Audio Driver
Restore
SCS Shortcut
Search Protection
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft Filter Pack 2.0 (KB2553501) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687422) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2760406) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft OneNote 2010 (KB2760600) 32-Bit Edition
Security Update for Microsoft Publisher 2010 (KB2553147) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2810068) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2687505) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
SSLx64
SSLx86
swMSM
Synaptics Pointing Device Driver
Ubisoft Game Launcher
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VAIO - Xperia Link
VAIO Care
VAIO Control Center
VAIO CPU Fan Diagnostic
VAIO Data Restore Tool
VAIO Easy Connect
VAIO Gate
VAIO Gate Default
VAIO Gesture Control
VAIO Image Optimizer
VAIO Improvement
VAIO Manual
VAIO Media Server Settings
VAIO Movie Creator Template Data
VAIO Transfer Support
VAIO Update
VCCx64
VCCx86
VGClientX64
VHD
VIx64
VIx86
VLC media player 2.0.6
VMLx86
VPMx64
VSSTx64
VSSTx86
VU5x64
VU5x86
VUx64
VUx86
VWSTx86
WinRAR 5.00 beta 4 (64-bit)
XperiaLinkx86
YTD Video Downloader 4.1
.
==== Event Viewer Messages From Past Week ========
.
6/18/2013 6:53:20 AM, Error: Microsoft-Windows-Kernel-General [6]  - An I/O operation initiated by the Registry failed unrecoverably.The Registry could not flush hive (file): ''.
6/17/2013 8:39:33 PM, Error: Service Control Manager [7031]  - The avast! Antivirus service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 5000 milliseconds: Restart the service.
6/17/2013 8:34:43 PM, Error: Service Control Manager [7022]  - The VAIO Care Performance Service service hung on starting.
6/17/2013 8:28:32 PM, Error: Service Control Manager [7011]  - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the FontCache3.0.0.0 service.
6/17/2013 8:03:51 PM, Error: volsnap [36]  - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
6/17/2013 7:16:32 PM, Error: NetBT [4321]  - The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.124. The computer with the IP address 192.168.1.123 did not allow the name to be claimed by this computer.
6/12/2013 2:12:25 PM, Error: MTConfig [1]  - An attempt to configure the input mode of a multitouch device failed.
.
==== End Of File ===========================


#3 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 20 June 2013 - 03:46 AM

Hi there,
my name is Marius and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Please download Gmer from here by clicking on the "Download EXE" Button.

  • Double click on the randomly named GMER.exe. If asked to allow gmer.sys driver to load, please consent.
  • If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  • In the right panel, you will see several boxes that have been checked. Uncheck the following ...
    • Sections
    • IAT/EAT
    • Show All ( should be unchecked by default )
  • Leave everything else as it is.
  • Close all other running programs as well as your Browser.
  • Click the Scan button & wait for it to finish.
  • Once done click on the Save.. button, and in the File name area, type in "ark.txt" or it will save as a .log file which cannot be uploaded to your post.
  • Save it where you can easily find it, such as your desktop.
  • Please post the content of the ark.txt here.

**Caution**
Rootkit scans often produce false positives. Do NOT take any action on any "<--- ROOTKIT" entries.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#4 Mitch358


Posted 20 June 2013 - 06:35 AM

Hi. I've uninstalled utorrent and the unfamiliar program named "toolbar" before I got the chance to read your post. Should I then make a set of new logs?






#5 TB-Psychotic


Posted 20 June 2013 - 07:01 AM

No, just go on with gmer as we need the log.

#6 Mitch358


Posted 20 June 2013 - 07:04 AM




Hi Marius. Thanks for assisting. Unfortunately I uninstalled "utorrent" and an unfamiliar program named "toolbar" before I got the chance to read your reply. Should I then do another set of logs?



#7 TB-Psychotic


Posted 20 June 2013 - 07:04 AM

No, you don't have to create no logs but we need the log of gmer in addition.

#8 Mitch358


Posted 20 June 2013 - 08:39 AM

Downloaded it but the app can't run in my PC's version. 



#9 TB-Psychotic


Posted 20 June 2013 - 08:41 AM

Then try something else:

 

 

 

Please download Malwarebytes Anti-Rootkit from here Malwarebytes : Malwarebytes Anti-Rootkit and save it to your desktop.

Be sure to print out and follow the instructions provided on that same page.

Caution: This is a beta version so please be sure to read the disclaimer and back up any important data before using.

  • Double click the mbar.zip file to open it, then 'Extract all files'.
  • Double click the mbar folder to open it, then double click mbar.exe to start the tool.

Check for Updates, then Scan your system for malware

If malware is found, do NOT press the Cleanup button yet. Click EXIT.

I'd like to see the log first so I can see what it sees. You'll find the log in that mbar folder as MBAR-log-<date and time>***.txt . Please attach that to your next reply.



#10 Mitch358


Posted 22 June 2013 - 06:00 AM

It says that the scan has finished and no malware is found. Does this mean it's all clear?

 

the log is named "system-log".txt

 

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.06.0.1004
 
© Malwarebytes Corporation 2011-2012
 
OS version: 6.2.9200 Windows 8 x64
 
Account is Administrative
 
Internet Explorer version: 10.0.9200.16599
 
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 8456122368, free: 5686865920
 
Downloaded database version: v2013.06.22.01
Initializing...
------------ Kernel report ------------
     06/22/2013 15:41:05
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\aswVmm.sys
\SystemRoot\System32\Drivers\aswRvrt.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\igdkmd64.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\risdsnxc64.sys
\SystemRoot\System32\drivers\rimssne64.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\SFEP.sys
\SystemRoot\System32\drivers\sows.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\IntcDAud.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\BthLEEnum.sys
\SystemRoot\System32\drivers\rfcomm.sys
\SystemRoot\System32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\System32\drivers\bthmodem.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_vdp.sys
\SystemRoot\System32\drivers\btath_rcp.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\System32\drivers\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\BthMtpEnum.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\MTConfig.sys
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\drivers\FsDepends.sys
\SystemRoot\System32\drivers\vhdmp.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa8008c5e060
Upper Device Driver Name: \Driver\disk\
Lower Device Name: \Device\00000038\
Lower Device Object: 0xfffffa80074073b0
Lower Device Driver Name: \Driver\iaStorA\
<<<2>>>
Device number: 0, partition: 5
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa8008c5e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8008c5eb10, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8008c5e060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xfffffa8007405be0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa80074073b0, DeviceName: \Device\00000038\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
Device number: 0, partition: 5
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 5
Partition type: GUID
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 4327D55F
 
GPT Protective MBR Partition information:
 
    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295
 
    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
 
GPT Partition information:
 
    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 3433791084
    GPT Header CurrentLba = 1 BackupLba 1465149167
    GPT Header FirstUsableLba 34  LastUsableLba 1465149134
    GPT Header Guid 82b8b880-ddee-40f5-94d6-c876d21cb919
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128
 
    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 3433791084
    Backup GPT header CurrentLba = 1465149167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 1465149134
    Backup GPT header Guid 82b8b880-ddee-40f5-94d6-c876d21cb919
    Backup GPT header Contains 128 partition entries starting at LBA 1465149135
    Backup GPT header Partition entry size = 128
 
    Partition 0 Type f4019732-66e-4e12-8273-346c5641494f
    Partition ID 5912726f-8ede-47d9-8b5f-2b75789b273b
    FirstLBA 2048  Last LBA 534527
    Attributes 1
    Partition Name                 EFI system partition
 
    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID f2c27452-d040-40ec-a60-809278862ada
    FirstLBA 534528  Last LBA 3553279
    Attributes 1
    Partition Name                 Basic data partition
 
    Partition 2 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 5507cb18-e228-4d9a-b521-212ab79c2fae
    FirstLBA 3553280  Last LBA 4085759
    Attributes 0
    Partition Name                 EFI system partition
 
    GPT Partition 2 is bootable
    Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 9bc39567-ff71-42b5-9ee9-1e609c9633e6
    FirstLBA 4085760  Last LBA 4347903
    Attributes 0
    Partition Name         Microsoft reserved partition
 
    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID d2a94e33-a70d-4fb0-9bda-2849da18e2e8
    FirstLBA 4347904  Last LBA 1389723647
    Attributes 0
    Partition Name                 Basic data partition
 
    Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 77fc955b-c5d2-4a40-9786-2a3f8ab87154
    FirstLBA 1389723648  Last LBA 1465147391
    Attributes 1
    Partition Name                 Basic data partition
 
Disk Size: 750156374016 bytes
Sector size: 512 bytes
 
Done!
Scan finished


#11 Mitch358


Posted 22 June 2013 - 06:03 AM

During the system scan, the trojan popped up multiple times and moved to the virus chest... So far, after the scan it hasn't appeared yet. Should I delete the viruses in the quarantine list already?



#12 Mitch358


Posted 22 June 2013 - 06:19 AM

Oh wait. The trojan popped out again. So I'm guessing it's still there.



#13 TB-Psychotic


Posted 22 June 2013 - 07:01 AM

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.



#14 Mitch358


Posted 22 June 2013 - 07:46 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-06-2013 02
Ran by Mitzi at 2013-06-22 20:44:39 Run:
Running from C:\Users\Rey\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Installed Programs =======================
 
Adobe Acrobat X Pro - English, Français, Deutsch (Version: 10.1.1)
Adobe AIR (Version: 3.7.0.1860)
Adobe Creative Suite 6 Master Collection (Version: 6)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Help Manager (Version: 4.0.244)
Adobe Reader X (10.1.7) MUI (Version: 10.1.7)
Adobe Shockwave Player 11.6 (Version: 11.6.8.638)
Adobe Widget Browser (Version: 2.0 Build 348)
Adobe Widget Browser (Version: 2.0.348)
ArtRage Studio (Version: 3.5.5)
Assassin's Creed Brotherhood (Version: 1.03)
avast! EasyPass (Version: 7-7-8-128)
avast! Free Antivirus (Version: 8.0.1489.0)
Bing Bar (Version: 7.1.391.0)
Bit Coin Miner Removal Tool (Version: 1.0)
bl (Version: 1.0.0)
ComicRack v0.9.160 (Version: v0.9.160)
CyberLink Power2Go 8 (Version: 8.0.0.1923)
CyberLink PowerDVD (Version: 9.0.5601.52)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dolby Home Theater v4 (Version: 7.2.8000.17)
Dropbox (Version: 2.0.22)
Encarta Search Bar (64-bit) (Version: 1.0.0)
FDUx86 (Version: 1.0.0)
Foxit Reader (Version: 6.0.3.524)
GIMP 2.8.4 (Version: 2.8.4)
Globe Tattoo (Version: 1.0.0.1)
Google Chrome (Version: 27.0.1453.110)
Google Drive (Version: 1.9.4536.8202)
Google Update Helper (Version: 1.3.21.145)
HP Deskjet Ink Adv 2060 K110 Basic Device Software (Version: 28.0.1313.0)
HP Deskjet Ink Adv 2060 K110 Help (Version: 140.0.2.2)
HP Deskjet Ink Adv 2060 K110 Product Improvement Study (Version: 28.0.1313.0)
HP Photo Creations (Version: 1.0.0.7702)
HP Update (Version: 5.005.000.002)
HPDiagnosticAlert (Version: 1.00.0000)
INet
Intel® Management Engine Components (Version: 8.1.0.1252)
Intel® Processor Graphics (Version: 9.17.10.2817)
Intel® Rapid Storage Technology (Version: 11.5.3.1004)
Intel® SDK for OpenCL - CPU Only Runtime Package (Version: 2.0.0.37149)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java Auto Updater (Version: 2.1.6.0)
Java™ 7 Update 5 (Version: 7.0.50)
K-Lite Codec Pack 9.4.0 (Full) (Version: 9.4.0)
KUx86 (Version: 1.0.0)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft Encarta Premium 2009 (Version: 2009)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.6029.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
PDF Settings CS6 (Version: 11.0)
ph (Version: 1.0.0)
PlayMemories Home (Version: 6.3.02.07270)
PunkBuster Services (Version: 0.990)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.218)
Realtek High Definition Audio Driver (Version: 6.0.1.6748)
Restore (Version: 1.0.0)
SCS Shortcut (Version: 1.0)
Search Protection (Version: 7.3.0.3)
SSLx64 (Version: 1.0.0)
SSLx86 (Version: 1.0.0)
swMSM (Version: 12.0.0.1)
Synaptics Pointing Device Driver (Version: 16.2.10.5)
Ubisoft Game Launcher (Version: 1.0.0.0)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VAIO - Xperia Link (Version: 1.0.2.11280)
VAIO Care (Version: 8.2.0.15030)
VAIO Control Center (Version: 6.0.0.08200)
VAIO CPU Fan Diagnostic (Version: 1.1.0.09200)
VAIO Data Restore Tool (Version: 1.10.0.07270)
VAIO Easy Connect (Version: 8.2.0.14170)
VAIO Gate (Version: 3.0.1.02270)
VAIO Gate Default (Version: 3.0.0.08060)
VAIO Gesture Control (Version: 2.0.0.08240)
VAIO Image Optimizer (Version: 3.0.00.08170)
VAIO Improvement (Version: 2.0.0.08090)
VAIO Manual (Version: 3.0.0.08100)
VAIO Media Server Settings (Version: 1.0.2.11060)
VAIO Movie Creator Template Data (Version: 4.0.00.08170)
VAIO Transfer Support (Version: 1.8.0.08212)
VAIO Update (Version: 6.2.1.03260)
VCCx64 (Version: 1.0.0)
VCCx86 (Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VHD (Version: 1.0.0)
VIx64 (Version: 1.0.0)
VIx86 (Version: 1.0.0)
VLC media player 2.0.6 (Version: 2.0.6)
VMLx86 (Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (Version: 1.0.0)
VWSTx86 (Version: 1.0.0)
WinRAR 5.00 beta 4 (64-bit) (Version: 5.00.4)
XperiaLinkx86 (Version: 1.0.0)
YTD Video Downloader 4.1 (Version: 4.1)
 
==================== Restore Points  =========================
 
18-06-2013 01:31:43 Scheduled Checkpoint
22-06-2013 06:21:51 Windows Backup
22-06-2013 06:54:10 Windows Backup
 
==================== Hosts content: ==========================
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 localhost
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
 
There are more than 30 lines starting with "127.0.0.1"
 
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {00A7272E-3597-4F3D-A678-5521DD6867BB} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe No File
Task: {0C646CFB-7218-4882-BDB5-4F2C948A7A68} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {10D85952-E3F6-47A1-96CF-5E1C2D874EA6} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe [2012-07-26] (Microsoft Corporation)
Task: {13A2AC02-B682-48CC-9155-2E2673580117} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64 Critical
Task: {146CEF49-F42F-4967-B12A-CA0C917BA903} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup
Task: {174AFF9C-3F4F-4295-8293-C3B125A6990D} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {17644F17-DC4C-4AC8-9444-7AAA52EB5CDC} - System32\Tasks\Microsoft\Windows\NetCfg\BindingWorkItemQueueHandler
Task: {17E25676-DE2F-43AD-9ACA-808A72F213B5} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {1CC2196D-EF38-4E4F-95DF-458B47C8EC31} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {1DB7C2F1-876C-4F24-AD17-8428211113F9} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\ProcessMemoryDiagnosticEvents
Task: {214B24F4-FEB4-4C59-AF1F-70136065199C} - System32\Tasks\Microsoft\Windows\Shell\IndexerAutomaticMaintenance
Task: {21897AC2-FA20-41A2-A846-8644C36934D9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.)
Task: {23700E5C-0E77-499D-908A-415D5C6252F4} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Group Policy
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {2778A8E8-B076-4B40-BFF1-29F90B0252A5} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUFirmwareInstall
Task: {27E62932-C3F4-49BE-BAC1-04363C7CB25B} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {2A3B6778-5191-4CF3-A843-17430651BA4F} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2012-08-24] (Synaptics Incorporated)
Task: {2B34F318-498D-4CA8-A26B-8D9F8DF70167} - System32\Tasks\VHDInformationCheck => %ProgramFiles(x86)%\Sony\VAIO Recovery\plugins\InformationCheck.exe No File
Task: {2C6B9EA8-7F5A-4ABA-BF96-8D352D02A743} - System32\Tasks\Microsoft\Windows\Device Setup\Metadata Refresh
Task: {2E030FA7-3D7C-4E1D-8CFE-56ADB26FD402} - System32\Tasks\Microsoft\Windows\PI\Sqm-Tasks
Task: {3054485A-F517-4E95-9977-4DD827B1E9B3} - System32\Tasks\Microsoft\Windows\WS\Badge Update
Task: {30686B67-6844-40AE-BB1F-FA15243347FE} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUScheduledInstall
Task: {339C55DE-9B4F-4422-8337-268B1D23600B} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {378401BA-A703-444A-A79C-3C47AD2DC5B6} - System32\Tasks\Microsoft\Windows\TaskScheduler\Maintenance Configurator
Task: {3AE164E7-30CD-40BC-9422-3EC7A5618965} - System32\Tasks\Microsoft\Windows\WS\WSTask
Task: {3AEC207F-F4CE-49F9-9FB3-0AC13ABC182F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-09] (Google Inc.)
Task: {3C490ABD-D849-41AF-9AC4-87DD759B0996} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem
Task: {3DF65838-EAEE-4151-83F3-E1D92FCA2197} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-05-09] (AVAST Software)
Task: {3ED0008C-9DB4-4FC6-B3E3-E76DFA7723FE} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-mitzibajet@gmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {4073C1B3-6E16-4AA8-B7F3-C6A6D35D5071} - System32\Tasks\Microsoft\Windows\TPM\Tpm-Maintenance
Task: {41DF5FA8-329B-43B8-8132-16D3F870168D} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-03-26] (Sony Corporation)
Task: {44B3F1B8-5943-4072-8D8C-A9484676AC44} - System32\Tasks\Microsoft\Windows\Live\Roaming\SynchronizeWithStorage
Task: {483A8F5C-5D26-44B5-B49E-AF6741D1BBEB} - System32\Tasks\Microsoft\Windows\Mobile Broadband Accounts\MNO Metadata Parser => C:\Windows\System32\MbaeParserTask.exe [2012-07-26] (Microsoft Corporation)
Task: {4B952129-9AE9-41A3-BE2B-8AD2E06F66B6} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskLogon
Task: {52D59652-7E9A-4E89-91CF-4462943C5CF1} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2012-07-26] (Microsoft Corporation)
Task: {5755E746-D7ED-4C20-A472-66C11834CDE4} - System32\Tasks\Microsoft\Windows\TaskScheduler\Manual Maintenance
Task: {5B4BB466-3932-4D54-B471-B2CE8B018C85} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {5C4EFB77-EFA6-45DF-A373-D795C0725BFF} - System32\Tasks\Microsoft\Windows\Plug and Play\Device Install Reboot Required
Task: {5CD07245-8BFE-48DF-9F1F-5DB3E161A340} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-03-26] (Sony Corporation)
Task: {609C8EB7-89C9-49FB-A063-58F4CB987703} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {627441F3-8526-4B62-BF9A-1A3EA414E71A} - System32\Tasks\Microsoft\Windows\SpacePort\SpaceAgentTask => C:\Windows\system32\SpaceAgent.exe [2012-07-26] (Microsoft Corporation)
Task: {645FDAB9-03B4-4380-8B8C-05A9B147CED5} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {652EC8B1-FFF5-46E0-9F85-8CEAAEB7083E} - System32\Tasks\User_Feed_Synchronization-{A94BA353-96A3-4ECD-9A27-290BA2DD08EE} => C:\Windows\system32\msfeedssync.exe [2012-07-26] (Microsoft Corporation)
Task: {6E9DE125-5583-4031-B572-FEE48F25CFFF} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyMonitor => C:\Windows\System32\wpcmon.exe [2012-09-20] (Microsoft Corporation)
Task: {6EBB6FC0-A7AA-4911-8EF0-E795C0FDFCFC} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-09-01] (Dolby Laboratories Inc.)
Task: {6FDDEA7C-6310-428D-AEB2-54FFC72811EF} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319
Task: {71EEBB5F-D4C1-462E-8D15-660A4E23471B} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {7381DBD4-0397-47C4-8F79-E344CD588422} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {74096F94-B654-4DB0-96F5-3C3408B92FE3} - System32\Tasks\Microsoft\Windows\PI\Secure-Boot-Update
Task: {7A95CDA7-EE83-4954-AA9F-F7561735FFA7} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {7D9A9A1C-499C-40A6-8F8A-5BCC4CC9A87C} - System32\Tasks\Microsoft\Windows\TaskScheduler\Regular Maintenance
Task: {80FB0ED2-0EF9-4B95-B05E-BEAAB1BCCED3} - System32\Tasks\HPCustParticipation HP Deskjet Ink Adv 2060 K110 => C:\Program Files\HP\HP Deskjet Ink Adv 2060 K110\Bin\HPCustPartic.exe [2012-10-02] (Hewlett-Packard Co.)
Task: {845CB020-68B5-4C6B-9876-7BEC7B3E27AC} - System32\Tasks\Microsoft\Windows\TaskScheduler\Idle Maintenance
Task: {87354DAA-66DF-4B41-9346-15958D96E1D2} - System32\Tasks\Microsoft\Windows\FileHistory\File History (maintenance mode)
Task: {88A71FCF-B4B7-41EC-AADD-FD5D0C8B7BB1} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient No File
Task: {8D90BF1A-7D9A-455F-BF16-82F8D44E458B} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-02-26] (Sony Corporation)
Task: {921A1D4E-32FB-46D7-B6C0-6F467884074D} - System32\Tasks\Microsoft\Windows\WS\Sync Licenses
Task: {9479EF8E-11D4-41B3-9783-CC65070D592D} - System32\Tasks\Microsoft\Windows\Time Synchronization\ForceSynchronizeTime
Task: {94DCF254-64FB-4C4E-8E12-5F4055C10C2A} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 64
Task: {989A7C6D-BE82-4C3C-AF96-6116039E336B} - System32\Tasks\Microsoft\Windows\MemoryDiagnostic\RunFullMemoryDiagnostic
Task: {9C5DA73D-BA8B-4883-BF02-467B6E4416C3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => C:\Windows\System32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {A800277E-E202-4492-AD38-3312641CBC04} - System32\Tasks\Microsoft\Windows\Live\Roaming\MaintenanceTask
Task: {AB62FA47-2C99-44B1-A5D0-D4161423BE43} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyRefresh
Task: {AC6259DE-AC59-459E-849E-6ADFFD1ADE63} - System32\Tasks\Microsoft\Windows\Shell\CreateObjectTask
Task: {AEB0B5BD-B9E5-458A-898A-E559BD9EB51B} - System32\Tasks\Microsoft\Windows\SettingSync\BackgroundUploadTask
Task: {AF2A9415-3EF1-4F11-8FF4-0B6A49E9611E} - System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2718546967-354001364-2681443208-1001
Task: {AF549BD8-337C-4BF7-8681-36A182E30507} - System32\Tasks\Microsoft\Windows\Chkdsk\ProactiveScan
Task: {B4E59292-5A8D-41EF-BAAD-AC7DE780CEA6} - System32\Tasks\Microsoft\Windows\WindowsUpdate\AUSessionConnect
Task: {BADA94BA-3BF6-4F67-A9FE-4B5D60BE680E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2013-05-22] (Siber Systems)
Task: {BB18E47C-7F44-49AD-B11F-CDA31D4F6941} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2013-02-21] (Sony Corporation)
Task: {BC76AEF7-2CF0-4EB6-B65B-A8803E0B5E12} - System32\Tasks\Microsoft\Windows\AppID\SmartScreenSpecific
Task: {BCFD26EF-A6EC-4CFF-8A63-1A65BC4C3E0E} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {BF38C738-DD23-4047-AA21-0C40BB654138} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {C1ACCD1E-4385-4FB2-B5E4-7F2A57A626A2} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan
Task: {C463FD1E-31C7-4C20-AB65-08E514CA152D} - System32\Tasks\Microsoft\Windows\IME\SQM data sender
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {CD1054FF-8005-4904-8B9C-436EAB1E2021} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTaskNetwork
Task: {D5072EF1-DB0E-4D2C-A584-04E1576DE86F} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-29] (Sony Corporation)
Task: {D7BE83A3-9A49-4B2E-A9A1-092DF48588D7} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-03-26] (Sony Corporation)
Task: {DBCF6E1B-CE0A-441E-B7A5-219C8BE50C65} - System32\Tasks\Microsoft\Windows\.NET Framework\.NET Framework NGEN v4.0.30319 Critical
Task: {DC7D3287-6BDD-4CBA-B84F-2171E38D133A} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {DECE5921-598D-454B-9A04-B2DE95EFC1B3} - System32\Tasks\Microsoft\Windows\Data Integrity Scan\Data Integrity Scan for Crash Recovery
Task: {E298278A-61F9-48B9-84F2-8D1BB2D84527} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-10] (Sony Corporation)
Task: {E40709A3-F903-4126-93FE-2DE13DEC61C1} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start => C:\Windows\system32\sc.exe [2012-07-26] (Microsoft Corporation)
Task: {E4DFE66F-E089-4CC3-A70F-957223D565F4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask
Task: {E8DAA09B-DF2A-4951-9134-6FA9587793F9} - System32\Tasks\Microsoft\Windows\Plug and Play\Sysprep Generalize Drivers => C:\Windows\System32\drvinst.exe [2012-09-20] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => C:\Windows\system32\rundll32.exe [2012-07-26] (Microsoft Corporation)
Task: {ED0C1F69-C3A2-41EA-B8C3-3F0D83A1F6C0} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM
Task: {FA5AECCC-C3D8-4A05-B58C-A5D5F6ED7BC3} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe No File
Task: {FC2AB17D-47BA-454D-B3C5-923953412CA2} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {FE15BAD6-9CDB-4306-B2D0-0AFE8264E797} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/22/2013 03:27:55 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.2.9200.16433 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1ac0
 
Start Time: 01ce6f105bc4d948
 
Termination Time: 0
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: 3ca538ff-db0d-11e2-be9c-083e8ecfc528
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (06/21/2013 08:30:38 PM) (Source: Application Error) (User: )
Description: Faulting application name: svchost.exe, version: 6.2.9200.16420, time stamp: 0x505a9a4e
Faulting module name: ntdll.dll, version: 6.2.9200.16579, time stamp: 0x51637f77
Exception code: 0xc0000005
Fault offset: 0x0000000000001069
Faulting process id: 0x6ac
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
Faulting package full name: svchost.exe4
Faulting package-relative application ID: svchost.exe5
 
Error: (06/21/2013 02:35:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: SearchProtection.exe, version: 7.3.0.3, time stamp: 0x519cbea6
Faulting module name: SearchProtection.exe, version: 7.3.0.3, time stamp: 0x519cbea6
Exception code: 0xc0000005
Fault offset: 0x0001b70f
Faulting process id: 0xca8
Faulting application start time: 0xSearchProtection.exe0
Faulting application path: SearchProtection.exe1
Faulting module path: SearchProtection.exe2
Report Id: SearchProtection.exe3
Faulting package full name: SearchProtection.exe4
Faulting package-relative application ID: SearchProtection.exe5
 
Error: (06/21/2013 01:19:15 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005
 
Error: (06/20/2013 06:10:37 PM) (Source: Application Error) (User: )
Description: Faulting application name: Foxit Reader.EXE, version: 6.0.3.524, time stamp: 0x519eddc3
Faulting module name: Foxit Reader.EXE, version: 6.0.3.524, time stamp: 0x519eddc3
Exception code: 0xc0000005
Fault offset: 0x001dba2f
Faulting process id: 0x1cb4
Faulting application start time: 0xFoxit Reader.EXE0
Faulting application path: Foxit Reader.EXE1
Faulting module path: Foxit Reader.EXE2
Report Id: Foxit Reader.EXE3
Faulting package full name: Foxit Reader.EXE4
Faulting package-relative application ID: Foxit Reader.EXE5
 
Error: (06/20/2013 05:08:10 PM) (Source: Application Hang) (User: )
Description: The program Explorer.EXE version 6.2.9200.16433 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: ce0
 
Start Time: 01ce6d94aa04284a
 
Termination Time: 16
 
Application Path: C:\Windows\Explorer.EXE
 
Report Id: e9de7ef5-d988-11e2-be9c-083e8ecfc528
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (06/20/2013 11:37:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: MITZI)
Description: App microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos did not launch within its allotted time.
 
Error: (06/18/2013 08:12:24 AM) (Source: Application Error) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.2.9200.16384, time stamp: 0x5010a827
Faulting module name: VAIOImprovement.DLL_unloaded, version: 0.0.0.0, time stamp: 0x5084cd3c
Exception code: 0xc0000005
Fault offset: 0x000007ff6cf92e5c
Faulting process id: 0x1b5c
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
 
Error: (06/18/2013 07:44:11 AM) (Source: Application Error) (User: )
Description: Faulting application name: BrowserCleanup.exe, version: 8.0.1484.29, time stamp: 0x515b3af9
Faulting module name: BrowserCleanup.exe, version: 8.0.1484.29, time stamp: 0x515b3af9
Exception code: 0xc0000005
Fault offset: 0x000abaa9
Faulting process id: 0xa58
Faulting application start time: 0xBrowserCleanup.exe0
Faulting application path: BrowserCleanup.exe1
Faulting module path: BrowserCleanup.exe2
Report Id: BrowserCleanup.exe3
Faulting package full name: BrowserCleanup.exe4
Faulting package-relative application ID: BrowserCleanup.exe5
 
Error: (06/17/2013 07:49:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: backgroundTaskHost.exe, version: 6.2.9200.16384, time stamp: 0x5010a827
Faulting module name: VAIOImprovement.DLL_unloaded, version: 0.0.0.0, time stamp: 0x5084cd3c
Exception code: 0xc0000005
Fault offset: 0x000007fe86cf2e5c
Faulting process id: 0x620
Faulting application start time: 0xbackgroundTaskHost.exe0
Faulting application path: backgroundTaskHost.exe1
Faulting module path: backgroundTaskHost.exe2
Report Id: backgroundTaskHost.exe3
Faulting package full name: backgroundTaskHost.exe4
Faulting package-relative application ID: backgroundTaskHost.exe5
 
 
System errors:
=============
Error: (06/22/2013 08:35:38 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Account Sign-in Assistant service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:21 PM) (Source: Service Control Manager) (User: )
Description: The Application Experience service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
Error: (06/22/2013 08:32:04 PM) (Source: Service Control Manager) (User: )
Description: The Multimedia Class Scheduler service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (06/22/2013 03:27:55 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.2.9200.164331ac001ce6f105bc4d9480C:\Windows\Explorer.EXE3ca538ff-db0d-11e2-be9c-083e8ecfc528
 
Error: (06/21/2013 08:30:38 PM) (Source: Application Error)(User: )
Description: svchost.exe6.2.9200.16420505a9a4entdll.dll6.2.9200.1657951637f77c000000500000000000010696ac01ce6d9486e75201C:\Windows\system32\svchost.exeC:\Windows\SYSTEM32\ntdll.dll60c23216-da6e-11e2-be9c-083e8ecfc528
 
Error: (06/21/2013 02:35:23 PM) (Source: Application Error)(User: )
Description: SearchProtection.exe7.3.0.3519cbea6SearchProtection.exe7.3.0.3519cbea6c00000050001b70fca801ce6e469a4a7f73C:\Users\Rey\AppData\Roaming\Search Protection\SearchProtection.exeC:\Users\Rey\AppData\Roaming\Search Protection\SearchProtection.exebf9498b5-da3c-11e2-be9c-083e8ecfc528
 
Error: (06/21/2013 01:19:15 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005
 
Error: (06/20/2013 06:10:37 PM) (Source: Application Error)(User: )
Description: Foxit Reader.EXE6.0.3.524519eddc3Foxit Reader.EXE6.0.3.524519eddc3c0000005001dba2f1cb401ce6d9e04af68f5C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.EXEC:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Reader.EXEa6eabb19-d991-11e2-be9c-083e8ecfc528
 
Error: (06/20/2013 05:08:10 PM) (Source: Application Hang)(User: )
Description: Explorer.EXE6.2.9200.16433ce001ce6d94aa04284a16C:\Windows\Explorer.EXEe9de7ef5-d988-11e2-be9c-083e8ecfc528
 
Error: (06/20/2013 11:37:40 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: MITZI)
Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos
 
Error: (06/18/2013 08:12:24 AM) (Source: Application Error)(User: )
Description: backgroundTaskHost.exe6.2.9200.163845010a827VAIOImprovement.DLL_unloaded0.0.0.05084cd3cc0000005000007ff6cf92e5c1b5c01ce6bb80ac8337cC:\Windows\system32\backgroundTaskHost.exeVAIOImprovement.DLLc011217f-d7ab-11e2-be9a-083e8ecfc528BD9B8345.VAIOMessageCenter_1.3.0.5210_x64__05bme2bjq6sagSonyCorporation.VAIOMessageCenter
 
Error: (06/18/2013 07:44:11 AM) (Source: Application Error)(User: )
Description: BrowserCleanup.exe8.0.1484.29515b3af9BrowserCleanup.exe8.0.1484.29515b3af9c0000005000abaa9a5801ce6bb3c83960daC:\Users\Rey\AppData\Local\Temp\7zS7B14.tmp\BrowserCleanup.exeC:\Users\Rey\AppData\Local\Temp\7zS7B14.tmp\BrowserCleanup.execefa8d44-d7a7-11e2-be9a-083e8ecfc528
 
Error: (06/17/2013 07:49:50 PM) (Source: Application Error)(User: )
Description: backgroundTaskHost.exe6.2.9200.163845010a827VAIOImprovement.DLL_unloaded0.0.0.05084cd3cc0000005000007fe86cf2e5c62001ce6b50972112bbC:\Windows\system32\backgroundTaskHost.exeVAIOImprovement.DLL03c36b93-d744-11e2-be98-083e8ecfc528BD9B8345.VAIOMessageCenter_1.3.0.5210_x64__05bme2bjq6sagSonyCorporation.VAIOMessageCenter
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 38%
Total physical RAM: 8064.39 MB
Available physical RAM: 4924.73 MB
Total Pagefile: 9472.39 MB
Available Pagefile: 5248.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:660.6 GB) (Free:519.93 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 4327D55F)
 
Partition: GPT Partition Type
==================== End Of Log ============================

 



#15 Mitch358

Mitch358
  • Topic Starter

  • Members
  • 10 posts

Posted 22 June 2013 - 07:49 AM

I'm not permitted to post the FRST log




