Inactive-A I can not access antivirus websites and microsoft webs

Well, here is the report from SystemLook:

SystemLook 30.07.11 by jpshortstuff
Log created at 19:08 on 03/07/2013 by Sony
Administrator - Elevation successful

========== filefind ==========

Searching for "explorer.exe"
C:\explorer.exe --a---- 2954240 bytes [02:18 03/07/2013] [02:19 03/07/2013] (Unable to calculate MD5)
C:\Windows\explorer.exe --a---- 2936320 bytes [02:24 21/01/2008] [02:24 21/01/2008] 0FD467727F18AB4952FB5153F9070802
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe --a---- 2936320 bytes [02:24 21/01/2008] [02:24 21/01/2008] 0FD467727F18AB4952FB5153F9070802

-= EOF =-
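A triage sketch for the filefind output above, added here as an example and not part of the original posts: it parses each result line and compares every copy of the file against the `winsxs` (component store) copy listed in the same log. The function names and the choice of `winsxs` as the comparison baseline are assumptions of this example; the sample input is the three result lines copied from the log.

```python
import re
from collections import namedtuple

# Sample input: the three result lines from the SystemLook log in this thread.
SAMPLE_LOG = r"""
Searching for "explorer.exe"
C:\explorer.exe --a---- 2954240 bytes [02:18 03/07/2013] [02:19 03/07/2013] (Unable to calculate MD5)
C:\Windows\explorer.exe --a---- 2936320 bytes [02:24 21/01/2008] [02:24 21/01/2008] 0FD467727F18AB4952FB5153F9070802
C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe --a---- 2936320 bytes [02:24 21/01/2008] [02:24 21/01/2008] 0FD467727F18AB4952FB5153F9070802
"""

# One parsed filefind result line. "stamps" keeps the two bracketed
# timestamps as strings, in the order the log prints them.
Entry = namedtuple("Entry", "path attrs size stamps md5")

# path, 7-character attribute field, size, two timestamps, then either a
# 32-hex-digit MD5 or the literal "(Unable to calculate MD5)".
LINE_RE = re.compile(
    r"^(?P<path>[A-Za-z]:\\.+?)\s+"
    r"(?P<attrs>[-a-z]{7})\s+"
    r"(?P<size>\d+) bytes\s+"
    r"\[(?P<ts1>[^\]]+)\]\s+\[(?P<ts2>[^\]]+)\]\s+"
    r"(?P<md5>[0-9A-Fa-f]{32}|\(Unable to calculate MD5\))\s*$"
)


def parse_filefind(text):
    """Return an Entry for every filefind result line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        md5 = m.group("md5")
        entries.append(Entry(
            path=m.group("path"),
            attrs=m.group("attrs"),
            size=int(m.group("size")),
            stamps=(m.group("ts1"), m.group("ts2")),
            md5=None if md5.startswith("(") else md5.upper(),
        ))
    return entries


def triage(entries):
    """Map each non-winsxs path to the ways it differs from the winsxs copies."""
    baseline = [e for e in entries if "\\winsxs\\" in e.path.lower()]
    others = [e for e in entries if e not in baseline]
    if not baseline:
        # Nothing to compare against: report that instead of guessing.
        return {e.path: ["no winsxs copy in the log to compare against"]
                for e in others}

    base_sizes = {e.size for e in baseline}
    base_md5s = {e.md5 for e in baseline if e.md5}
    findings = {}
    for e in others:
        reasons = []
        if e.md5 is None:
            reasons.append("MD5 could not be calculated")
        elif e.md5 not in base_md5s:
            reasons.append("MD5 differs from winsxs copy")
        if e.size not in base_sizes:
            reasons.append("size differs from winsxs copy")
        if reasons:
            findings[e.path] = reasons
    return findings


if __name__ == "__main__":
    for path, reasons in triage(parse_filefind(SAMPLE_LOG)).items():
        print(path, "->", "; ".join(reasons))
```

A reported difference only says that the copy is not the one held in the component store; it does not say which copy should be kept.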
 
1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
FCopy::
C:\explorer.exe | C:\Windows\explorer.exe

ClearJavaCache::


3. Save the above as CFScript.txt

4. Close/disable all anti virus and anti malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

CFScript.gif



6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
Broni, it seems not to work. ComboFix refuses to work under the above circumstances. I did the whole procedure to disable any other anti-virus / anti-malware program, but ComboFix constantly gives the same reaction. I downloaded it 3 times and did as in message #20. The message always returns as:

!! Alert !! It is not safe to continue

The contents with the ComboFix package has been compromised. Please download a fresh copy from:

Http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Note : you may be infected by file patching virus 'Virut'
 
Please run a free online scan with the ESET Online Scanner

  • Disable your antivirus program
  • Tick the box next to YES, I accept the Terms of Use
  • Click Start
  • IMPORTANT! UN-check Remove found threats
  • Accept any security warnings from your browser.
  • Check Scan archives
  • Click Start
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push List of found threats
  • Click on Export to text file, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
 
Hi Broni, I tried to apply the ESET online scanner method. But again it comes to an error window for Opera. I guess the virus still identifies ESET as an antivirus website. Any suggestions?
 
Please click HERE to download Kaspersky Virus Removal Tool.

  • Double click on the file you just downloaded and let it install.
  • It will install to your desktop (be patient; it may take a while).
  • Accept license agreement and click "Start" button.
  • Click on Settings button
    • In Scan scope leave pre-checked items as they are and also checkmark My Computer
    • In Actions checkmark Select action: (disinfect; delete if disinfection fails) instead of preselected Prompt on detection
  • Click on Automatic Scan tab and then click on Start scanning button.
  • Before it is done it may prompt for action regardless of the setting so choose delete if prompted.
  • When the scan is done NO log will be produced.
  • Click on Report button, then on Automatic Scan report tab.
  • Right click anywhere within right pane, click Select All then right click again and click Copy.
  • This will copy the items that it found to the clipboard. You can then open Notepad (go to Start, then Run, then type in notepad) and choose Paste to paste the contents into Notepad.
  • You can save this on the desktop.
  • Post the contents of the document in your next reply.
 
Broni, I need more time to continue on that task. I am currently defending my final thesis. I will contact you again in a few days ya! TQ very much
 
My goodness, what a week... I had to make up some revisions on my paper. A few had been knocked down with a few things to go. I am really sorry Broni.... I had lost contact for a few days.

I had tried your way with Kaspersky... but it seems that it always jammed in the middle. Then after a jam, I had to force the power to shut down. I did not recover any report, but the first time I ran it, a lot of programs had been detected as viruses by Kaspersky.

The condition now: I cannot open any Google-affiliated website (Google search, Gmail, etc.)...
But the happy news is that I can now update AVG antivirus (BOO YAAA...!!!!)

*) happy feets...!!!

How can I make my browser go to Google again? (I use Opera V.12.16)
 
For x32 (x86) bit systems download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.
For x64 bit systems download Farbar Recovery Scan Tool 64-Bit and save it to a flash drive.

Plug the flash drive into the infected PC.

If you are using Windows 8 consult How to use the Windows 8 System Recovery Environment Command Prompt to enter System Recovery Command prompt.

If you are using Vista or Windows 7 enter System Recovery Options.

To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.

On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

Next...

Re-run FRST again.
Type the following in the edit box after "Search:".

explorer.exe

Click Search button and post the log (Search.txt) it makes in your reply.

I'll expect two logs:
- FRST.txt
- Search.txt
 
Broni, I have to go out of my city, maybe with no internet connection.
I will do that homework... but for a few days, I will not be able to contact you.

See you in a couple of days

TQ
 
Broni, I am back..

I tried to do the "System Recovery Options from the Advanced Boot Options:", but it turns out that I did not find the Repair your computer menu item.

So I did another try, not from Advanced Boot Options but directly from Windows, by running frst.exe. (I do not know whether this is right or wrong.)

I provide you the scan log and search log in the following messages.

--------------------------------------------------------------------------------------------------------------
Present conditions:
In my last mail I could not access any Google-affiliated websites, but now I can access all the websites (before doing your #37 mail homework).

But interestingly, I still have another side effect after applying the #32 mail homework.
The thing is that none of my video players works for playing videos. I tried to uninstall my codec and reinstall it (in case of any damage to the program). But the result is poor. I can hear the voice but no visual whatsoever...

I guess it is another side effect of the #32 mail homework. Isn't it?
 
FRST log :


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 26-07-2013 01 (ATTENTION: FRST version is 10 days old)
Ran by Sony (administrator) on 05-08-2013 04:14:04
Running from C:\Users\Sony\Desktop\New Folder\tech support
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Smadsoft) C:\Program Files\Smadav\SMΔRTP.exe
(Somoto) C:\Users\Sony\AppData\Local\FilesFrog Update Checker\update_checker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
() C:\Windows\system32\PSIService.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2285232 2013-08-02] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [SMΔRT-Protection] - C:\Program Files\Smadav\SMΔRTP.exe [1568768 2013-07-25] (Smadsoft)
HKCU\...\Run: [SDP] - C:\Users\Sony\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\Default\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [ 2013-07-22] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2013-07-22] (Sony Corporation)
HKU\Default User\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\Sidebar.exe [ 2013-07-22] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2013-07-22] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_06682830.lnk
ShortcutTarget: _uninst_06682830.lnk -> C:\Users\Sony\AppData\Local\Temp\_uninst_06682830.bat ()
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_51412271.lnk
ShortcutTarget: _uninst_51412271.lnk -> C:\Users\Sony\AppData\Local\Temp\_uninst_51412271.bat ()
BootExecute: autocheck autochk * SsiEfr.exeC:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

ProxyServer: cache.itb.ac.id:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://rover.ebay.com/rover/1/711-52013-16445-0/4
http://www.learningcenter.sony.us/assets/itpd/notebooks/promos/software_offers/index.html
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
StartMenuInternet: IEXPLORE.EXE - "C:\Program Files\Internet Explorer\iexplore.exe"
SearchScopes: HKLM - DefaultScope {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKLM - {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...9fa2483c127&lang=en&ds=AVG&pr=fr&d=2012-04-05 00:42:40&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...9fa2483c127&lang=en&ds=AVG&pr=fr&d=2012-04-05 00:42:40&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU -AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKCU -No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 50.23.239.24 208.67.222.222

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\vahbyci0.default
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "ftp", "cache.itb.ac.id"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "cache.itb.ac.id"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "cache.itb.ac.id"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1,localhost,127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "cache.itb.ac.id"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "cache.itb.ac.id"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: testpilot - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\vahbyci0.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\Extensions.rdf
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\installed-extensions-processed.txt
FF HKLM\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5
FF HKLM\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKCU\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com

Chrome:
=======
CHR RestoreOnStartup: "sync":{"suppress_start":true},"sync_promo":{"startup_count"
CHR HKLM\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Sony\AppData\Roaming\SpeedanAlysis\speedanalysis.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-07-22] ()
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2013-07-22] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-06] ()
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2013-07-22] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2818048 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2013-07-22] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292128 2007-09-29] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation)
R2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-08-02] (AVG Secure Search)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-29] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-29] (Sony Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" [x]
S3 VAIOMediaPlatform-Mobile-Gateway; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" [x]
S3 VAIOMediaPlatform-UCLS-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" [x]

==================== Drivers (Whitelisted) ====================

R0 06682830; C:\Windows\System32\DRIVERS\06682830.sys [133208 2013-07-22] (Kaspersky Lab ZAO)
R0 65401722; C:\Windows\System32\DRIVERS\65401722.sys [133208 2013-07-04] (Kaspersky Lab ZAO)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-08-02] (AVG Technologies)
S3 swmsflt; C:\Windows\System32\DRIVERS\swmsflt.sys [26504 2009-05-17] ()
S3 SWNC8U56; C:\Windows\System32\DRIVERS\swnc8u56.sys [177536 2009-01-22] (Sierra Wireless Inc.)
S3 SWUMX56; C:\Windows\System32\DRIVERS\swumx56.sys [145280 2009-01-09] (Sierra Wireless Inc.)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-05] (Texas Instruments)
S3 catchme; \??\C:\Users\Sony\AppData\Local\Temp\catchme.sys [x]
U3 Eap94xvt; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCTINDIS5; \??\C:\Windows\system32\PCTINDIS5.SYS [x]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [x]

==================== NetSvcs (Whitelisted) ===================

NETSVC: ewuyqixb -> No Registry Path.
NETSVC: esakzap -> No Registry Path.

==================== One Month Created Files and Folders ========

2013-08-05 04:13 - 2013-08-05 04:13 - 00000000 ____D C:\FRST
2013-08-04 13:57 - 2013-08-04 13:57 - 00000000 ____D C:\ProgramData\Xerox
2013-07-30 14:56 - 2013-07-31 15:54 - 00000000 ___RD C:\Users\Sony\Desktop\buat ngelamar2
2013-07-27 12:57 - 2013-07-27 13:04 - 00002737 _____ C:\Users\Sony\Desktop\iyung.txt
2013-07-27 00:47 - 2013-07-27 00:48 - 00000000 ____D C:\Users\Sony\Desktop\New Folder
2013-07-23 14:13 - 2013-07-22 16:15 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\06682830.sys
2013-07-23 00:44 - 2013-07-23 00:44 - 00000000 ____D C:\Users\Sony\AppData\Local\AVG Secure Search
2013-07-22 14:20 - 2013-07-22 14:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-22 14:19 - 2013-07-04 10:13 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\65401722.sys
2013-07-19 16:38 - 2013-07-19 17:11 - 00000212 _____ C:\Users\Sony\jalan2.txt
2013-07-19 09:36 - 2013-07-19 10:12 - 00000309 _____ C:\Users\Sony\web.txt
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Softland
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Program Files\Softland
2013-07-16 16:04 - 2013-05-09 10:54 - 00024384 _____ (Softland) C:\Windows\system32\dopdfmn7.dll
2013-07-16 16:04 - 2013-05-09 10:54 - 00021312 _____ (Softland) C:\Windows\system32\dopdfmi7.dll
2013-07-16 16:04 - 2010-11-25 11:41 - 00007549 _____ C:\Windows\system32\dopdf7.ctm
2013-07-09 12:14 - 2013-07-23 14:09 - 00000000 ___RD C:\Users\Sony\Dropbox
2013-07-09 12:11 - 2013-07-23 14:10 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Dropbox
2013-07-07 10:39 - 2013-07-07 11:03 - 00000000 ___SD C:\32788R22FWJFW

==================== One Month Modified Files and Folders =======

2013-08-05 04:13 - 2013-08-05 04:13 - 00000000 ____D C:\FRST
2013-08-05 04:11 - 2006-11-02 20:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-05 04:11 - 2006-11-02 19:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-05 04:11 - 2006-11-02 19:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-05 04:08 - 2008-12-01 18:43 - 00806354 _____ C:\Windows\WindowsUpdate.log
2013-08-05 04:08 - 2006-11-02 20:01 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-05 03:56 - 2008-12-01 16:27 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-08-05 03:56 - 2006-11-02 17:33 - 00694964 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-05 03:45 - 2013-05-20 17:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-05 01:10 - 2012-04-05 00:40 - 00000000 ____D C:\Windows\system32\Drivers\AVG
2013-08-04 15:47 - 2012-04-08 16:09 - 00000000 ____D C:\Users\Sony\AppData\Roaming\foobar2000
2013-08-04 15:10 - 2008-12-01 15:41 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Adobe
2013-08-04 15:10 - 2008-02-17 04:10 - 00000000 ____D C:\ProgramData\Adobe
2013-08-04 14:00 - 2012-10-31 13:51 - 00000000 ____D C:\Users\Sony\Documents\My Scans
2013-08-04 13:57 - 2013-08-04 13:57 - 00000000 ____D C:\ProgramData\Xerox
2013-08-02 23:02 - 2009-05-03 21:46 - 00136548 _____ C:\Windows\PFRO.log
2013-08-02 17:16 - 2012-04-08 05:07 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-08-02 17:16 - 2012-04-05 00:42 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-08-01 12:55 - 2013-04-18 05:34 - 00000000 ____D C:\IPOT
2013-08-01 12:54 - 2008-12-01 15:38 - 00000000 ___RD C:\Users\Sony\Desktop
2013-08-01 03:22 - 2013-07-01 14:44 - 00000000 ____D C:\Users\Sony\AppData\Roaming\DMCache
2013-07-31 15:54 - 2013-07-30 14:56 - 00000000 ___RD C:\Users\Sony\Desktop\buat ngelamar2
2013-07-31 15:09 - 2013-05-06 17:58 - 00005032 _____ C:\Windows\setupact.log
2013-07-27 13:04 - 2013-07-27 12:57 - 00002737 _____ C:\Users\Sony\Desktop\iyung.txt
2013-07-27 11:26 - 2013-04-19 17:47 - 00000000 ____D C:\[Smad-Cage]
2013-07-27 00:48 - 2013-07-27 00:47 - 00000000 ____D C:\Users\Sony\Desktop\New Folder
2013-07-27 00:44 - 2006-11-02 18:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-27 00:37 - 2013-04-14 15:45 - 00000000 ____D C:\Users\Sony\Desktop\Thesis b Juni
2013-07-25 02:37 - 2013-04-19 17:48 - 00000000 ____D C:\Program Files\Smadav
2013-07-24 12:21 - 2012-04-06 05:53 - 00000000 ____D C:\Users\Sony\Desktop\Pengangkatan cutting Tompaso
2013-07-23 14:10 - 2013-07-09 12:11 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Dropbox
2013-07-23 14:09 - 2013-07-09 12:14 - 00000000 ___RD C:\Users\Sony\Dropbox
2013-07-23 00:44 - 2013-07-23 00:44 - 00000000 ____D C:\Users\Sony\AppData\Local\AVG Secure Search
2013-07-23 00:43 - 2012-04-05 00:42 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-07-23 00:43 - 2012-04-05 00:42 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2013-07-22 16:15 - 2013-07-23 14:13 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\06682830.sys
2013-07-22 15:53 - 2008-01-21 09:25 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2013-07-22 15:53 - 2008-01-21 09:24 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-07-22 15:53 - 2008-01-21 09:23 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2013-07-22 15:52 - 2006-11-02 16:11 - 00014848 _____ (Microsoft Corporation) C:\Windows\hh.exe
2013-07-22 15:52 - 2006-11-02 16:11 - 00009216 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2013-07-22 14:53 - 2013-04-04 23:30 - 00000000 ____D C:\Program Files\foobar2000
2013-07-22 14:52 - 2013-06-25 19:06 - 00000000 ____D C:\Program Files\DigXY
2013-07-22 14:52 - 2013-04-04 23:20 - 00000000 ____D C:\Program Files\Kamus2
2013-07-22 14:52 - 2008-12-01 16:26 - 00000000 ____D C:\Program Files\WinRAR
2013-07-22 14:52 - 2008-12-01 16:25 - 00000000 ____D C:\Program Files\Winamp
2013-07-22 14:52 - 2008-01-21 09:25 - 00382976 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-22 14:52 - 2008-01-21 09:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\raserver.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00134656 _____ (Microsoft Corporation) C:\Windows\regedit.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\net.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
2013-07-22 14:52 - 2008-01-21 09:23 - 02091520 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2013-07-22 14:52 - 2008-01-21 09:23 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-07-22 14:52 - 2006-11-02 19:35 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe
2013-07-22 14:52 - 2006-11-02 15:55 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2013-07-22 14:52 - 2006-11-02 15:48 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\verclsid.exe
2013-07-22 14:52 - 2006-11-02 15:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\sc.exe
2013-07-22 14:52 - 2006-11-02 14:12 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2013-07-22 14:28 - 2008-02-17 03:08 - 00386560 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.exe
2013-07-22 14:20 - 2013-07-22 14:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-19 17:11 - 2013-07-19 16:38 - 00000212 _____ C:\Users\Sony\jalan2.txt
2013-07-19 16:38 - 2008-12-01 15:38 - 00000000 ____D C:\Users\Sony
2013-07-19 10:12 - 2013-07-19 09:36 - 00000309 _____ C:\Users\Sony\web.txt
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Softland
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Program Files\Softland
2013-07-11 21:53 - 2013-05-01 00:54 - 00000000 ____D C:\Program Files\Opera
2013-07-11 11:37 - 2008-12-01 18:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 12:45 - 2013-04-04 23:28 - 00000000 ____D C:\Users\Sony\Desktop\icon
2013-07-07 11:03 - 2013-07-07 10:39 - 00000000 ___SD C:\32788R22FWJFW

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 2936320 ____A (Microsoft Corporation) 0FD467727F18AB4952FB5153F9070802

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 0034304 ____A (Microsoft Corporation) F19FAE3A056BC242AB2E203ECC1A8951

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-05 03:55

==================== End Of Log ============================
 
Search: explorer.exe log:


Farbar Recovery Scan Tool (x86) Version: 26-07-2013 01
Ran by Sony at 2013-08-05 04:17:32
Running from C:\Users\Sony\Desktop\New Folder\tech support
Boot Mode: Normal

================== Search: "explorer.exe" ===================

C:\explorer.exe
[2013-07-03 09:18] - [2013-07-03 09:19] - 2954240 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\explorer.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 2936320 ____A (Microsoft Corporation) 0FD467727F18AB4952FB5153F9070802

C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.0.6001.18000_none_51b4a71279bc6ebf\explorer.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 2936320 ____A (Microsoft Corporation) 0FD467727F18AB4952FB5153F9070802

=== End Of Search ===
 
Couple of things....

(ATTENTION: FRST version is 10 days old)
and...
Running from C:\Users\Sony\Desktop\New Folder\tech support

Delete your FRST file and...

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.

Also....

Upload following files to http://www.virustotal.com/ for security check:
- C:\Windows\explorer.exe
If the file is listed as already analyzed, click on Reanalyse file now button.
Post scan results.
 
I cannot upload the C:\Windows\explorer.exe file as you mentioned. But I did the first task, here are the results:

I am still curious... does the codec malfunction from applying #32 mail homework?
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-08-2013 01
Ran by Sony (administrator) on 05-08-2013 14:36:57
Running from C:\Users\Sony\Desktop
Microsoft® Windows Vista™ Home Premium Service Pack 1 (X86) OS Language: English(US)
Internet Explorer Version 7
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2012\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgtray.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Smadsoft) C:\Program Files\Smadav\SMΔRTP.exe
(Somoto) C:\Users\Sony\AppData\Local\FilesFrog Update Checker\update_checker.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgwdsvc.exe
(InterVideo) C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Sony Corporation) C:\Program Files\Sony\Network Utility\NSUService.exe
() C:\Windows\system32\PSIService.exe
(Intuit) C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgemcx.exe
(Conexant Systems, Inc.) C:\Windows\system32\DRIVERS\xaudio.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2012\avgidsagent.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Opera Software) C:\Program Files\Opera\opera.exe
(Peter Pawlowski) C:\Program Files\foobar2000\foobar2000.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AVG_TRAY] - C:\Program Files\AVG\AVG2012\avgtray.exe [2598520 2012-11-19] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] - C:\Program Files\AVG Secure Search\vprot.exe [2285232 2013-08-02] ()
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
Winlogon\Notify\VESWinlogon: VESWinlogon.dll (Sony Corporation)
HKCU\...\Run: [SMΔRT-Protection] - C:\Program Files\Smadav\SMΔRTP.exe [1568768 2013-07-25] (Smadsoft)
HKCU\...\Run: [SDP] - C:\Users\Sony\AppData\Local\FilesFrog Update Checker\update_checker.exe [201808 2013-01-31] (Somoto)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2013-07-22] (Sony Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2008-01-21] (Microsoft Corporation)
HKU\Default User\...\Run: [NSUFloatingUI] - C:\Program Files\Sony\Network Utility\LANUtil.exe [ 2013-07-22] (Sony Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_06682830.lnk
ShortcutTarget: _uninst_06682830.lnk -> C:\Users\Sony\AppData\Local\Temp\_uninst_06682830.bat ()
Startup: C:\Users\Sony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_51412271.lnk
ShortcutTarget: _uninst_51412271.lnk -> C:\Users\Sony\AppData\Local\Temp\_uninst_51412271.bat ()
BootExecute: autocheck autochk * SsiEfr.exeC:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

ProxyServer: cache.itb.ac.id:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://rover.ebay.com/rover/1/711-52013-16445-0/4
http://www.learningcenter.sony.us/assets/itpd/notebooks/promos/software_offers/index.html
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKLM - {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKCU - DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...9fa2483c127&lang=en&ds=AVG&pr=fr&d=2012-04-05 00:42:40&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKCU - {0536541C-BFBB-4A68-A4F8-5D39EDB7D65D} URL = http://search.aol.com/aolcom/search?query={searchTerms}&invocationType=sny_ie7;
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={...9fa2483c127&lang=en&ds=AVG&pr=fr&d=2012-04-05 00:42:40&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.4.0.5\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU -AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll (AOL LLC)
Toolbar: HKCU -No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Handler: intu-help-qb1 - {9B0F96C7-2E4B-433e-ABF3-043BA1B54AE3} - C:\Program Files\Intuit\QuickBooks 2008\HelpAsyncPluggableProtocol.dll (TODO: <Company name>)
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: qbwc - {FC598A64-626C-4447-85B8-53150405FD57} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 50.23.239.24 208.67.222.222

FireFox:
========
FF ProfilePath: C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\vahbyci0.default
FF Homepage: hxxp://www.google.com/
FF NetworkProxy: "ftp", "cache.itb.ac.id"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "cache.itb.ac.id"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "http", "cache.itb.ac.id"
FF NetworkProxy: "http_port", 8080
FF NetworkProxy: "no_proxies_on", "localhost,127.0.0.1,localhost,127.0.0.1"
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "cache.itb.ac.id"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "cache.itb.ac.id"
FF NetworkProxy: "ssl_port", 8080
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.4.0\\npsitesafety.dll (AVG Technologies)
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: testpilot - C:\Users\Sony\AppData\Roaming\Mozilla\Firefox\Profiles\vahbyci0.default\Extensions\testpilot@labs.mozilla.com.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\Extensions.rdf
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\installed-extensions-processed.txt
FF HKLM\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.4.0.5
FF HKLM\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF HKCU\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Sony\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com

Chrome:
=======
CHR RestoreOnStartup: "sync":{"suppress_start":true},"sync_promo":{"startup_count"
CHR HKLM\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Sony\AppData\Roaming\SpeedanAlysis\speedanalysis.crx
CHR HKLM\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2013-07-22] ()
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2012\avgidsagent.exe [5174392 2012-11-02] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2012\avgwdsvc.exe [193288 2012-02-14] (AVG Technologies CZ, s.r.o.)
R2 NSUService; C:\Program Files\Sony\Network Utility\NSUService.exe [204800 2008-01-17] (Sony Corporation)
S3 PACSPTISVR; C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe [57344 2013-07-22] ()
R2 ProtexisLicensing; C:\Windows\system32\PSIService.exe [177704 2007-06-06] ()
S3 SPTISRV; C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe [69632 2013-07-22] (Sony Corporation)
S3 VAIO Entertainment TV Device Arbitration Service; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe [73728 2013-07-22] (Sony Corporation)
R2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [182392 2007-08-15] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe [2818048 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-IntegratedServer-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-AppServer; C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe [745472 2013-07-22] (Sony Corporation)
S3 VAIOMediaPlatform-UCLS-UPnP; C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [1089536 2013-07-22] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [292128 2007-09-29] (Sony Corporation)
R3 Vcsw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe [274432 2007-06-28] (Sony Corporation)
R2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-08-02] (AVG Secure Search)
R2 VzCdbSvc; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe [192512 2007-08-29] (Sony Corporation)
R2 VzFw; C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe [131072 2007-08-29] (Sony Corporation)
S2 CLTNetCnService; "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon [x]
S3 VAIOMediaPlatform-IntegratedServer-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-IntegratedServer-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="Applications\IntegratedServer\HTTP" [x]
S3 VAIOMediaPlatform-Mobile-Gateway; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe" /Service=VAIOMediaPlatform-Mobile-Gateway /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Addons\Packages\Mobile\Gateway" /DisplayName="VAIO Media Gateway Server" [x]
S3 VAIOMediaPlatform-UCLS-HTTP; "C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe" /Service=VAIOMediaPlatform-UCLS-HTTP /RegRoot="SOFTWARE\Sony Corporation\VAIO Media Platform\2.0" /RegExt="\Applications\UCLS\HTTP" [x]

==================== Drivers (Whitelisted) ====================

R0 06682830; C:\Windows\System32\DRIVERS\06682830.sys [133208 2013-07-22] (Kaspersky Lab ZAO)
R0 65401722; C:\Windows\System32\DRIVERS\65401722.sys [133208 2013-07-04] (Kaspersky Lab ZAO)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [142176 2012-12-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\avgidsfilterx.sys [24144 2011-12-23] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [24896 2012-04-19] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [17232 2011-12-23] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [250080 2012-11-08] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [41040 2011-12-23] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [31952 2012-01-31] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [302368 2013-04-11] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-08-02] (AVG Technologies)
S3 swmsflt; C:\Windows\System32\DRIVERS\swmsflt.sys [26504 2009-05-17] ()
S3 SWNC8U56; C:\Windows\System32\DRIVERS\swnc8u56.sys [177536 2009-01-22] (Sierra Wireless Inc.)
S3 SWUMX56; C:\Windows\System32\DRIVERS\swumx56.sys [145280 2009-01-09] (Sierra Wireless Inc.)
R3 ti21sony; C:\Windows\System32\drivers\ti21sony.sys [812544 2007-06-05] (Texas Instruments)
S3 catchme; \??\C:\Users\Sony\AppData\Local\Temp\catchme.sys [x]
U3 Eap94xvt; No ImagePath
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 PCTINDIS5; \??\C:\Windows\system32\PCTINDIS5.SYS [x]
S3 SWUMX20; system32\DRIVERS\swumx20.sys [x]

==================== NetSvcs (Whitelisted) ===================

NETSVC: ewuyqixb -> No Registry Path.
NETSVC: esakzap -> No Registry Path.

==================== One Month Created Files and Folders ========

2013-08-05 14:33 - 2013-08-05 14:33 - 01228856 _____ (Farbar) C:\Users\Sony\Desktop\FRST.exe
2013-08-05 04:13 - 2013-08-05 04:13 - 00000000 ____D C:\FRST
2013-08-04 13:57 - 2013-08-04 13:57 - 00000000 ____D C:\ProgramData\Xerox
2013-07-30 14:56 - 2013-07-31 15:54 - 00000000 ___RD C:\Users\Sony\Desktop\buat ngelamar2
2013-07-27 12:57 - 2013-07-27 13:04 - 00002737 _____ C:\Users\Sony\Desktop\iyung.txt
2013-07-27 00:47 - 2013-07-27 00:48 - 00000000 ____D C:\Users\Sony\Desktop\New Folder
2013-07-23 14:13 - 2013-07-22 16:15 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\06682830.sys
2013-07-23 00:44 - 2013-07-23 00:44 - 00000000 ____D C:\Users\Sony\AppData\Local\AVG Secure Search
2013-07-22 14:20 - 2013-07-22 14:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-22 14:19 - 2013-07-04 10:13 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\65401722.sys
2013-07-19 16:38 - 2013-07-19 17:11 - 00000212 _____ C:\Users\Sony\jalan2.txt
2013-07-19 09:36 - 2013-07-19 10:12 - 00000309 _____ C:\Users\Sony\web.txt
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Softland
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Program Files\Softland
2013-07-16 16:04 - 2013-05-09 10:54 - 00024384 _____ (Softland) C:\Windows\system32\dopdfmn7.dll
2013-07-16 16:04 - 2013-05-09 10:54 - 00021312 _____ (Softland) C:\Windows\system32\dopdfmi7.dll
2013-07-16 16:04 - 2010-11-25 11:41 - 00007549 _____ C:\Windows\system32\dopdf7.ctm
2013-07-09 12:14 - 2013-07-23 14:09 - 00000000 ___RD C:\Users\Sony\Dropbox
2013-07-09 12:11 - 2013-07-23 14:10 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Dropbox
2013-07-07 10:39 - 2013-07-07 11:03 - 00000000 ___SD C:\32788R22FWJFW

==================== One Month Modified Files and Folders =======

2013-08-05 14:33 - 2013-08-05 14:33 - 01228856 _____ (Farbar) C:\Users\Sony\Desktop\FRST.exe
2013-08-05 14:33 - 2006-11-02 19:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-05 14:33 - 2006-11-02 19:47 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-05 14:29 - 2012-04-05 00:40 - 00000000 ____D C:\Windows\system32\Drivers\AVG
2013-08-05 14:29 - 2006-11-02 17:33 - 00694964 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-05 14:26 - 2012-04-08 16:09 - 00000000 ____D C:\Users\Sony\AppData\Roaming\foobar2000
2013-08-05 14:22 - 2006-11-02 20:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-05 04:35 - 2008-12-01 18:43 - 00811430 _____ C:\Windows\WindowsUpdate.log
2013-08-05 04:35 - 2006-11-02 20:01 - 00032642 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-05 04:13 - 2013-08-05 04:13 - 00000000 ____D C:\FRST
2013-08-05 03:56 - 2008-12-01 16:27 - 00000000 ____D C:\Program Files\K-Lite Codec Pack
2013-08-05 03:45 - 2013-05-20 17:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-04 15:10 - 2008-12-01 15:41 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Adobe
2013-08-04 15:10 - 2008-02-17 04:10 - 00000000 ____D C:\ProgramData\Adobe
2013-08-04 14:00 - 2012-10-31 13:51 - 00000000 ____D C:\Users\Sony\Documents\My Scans
2013-08-04 13:57 - 2013-08-04 13:57 - 00000000 ____D C:\ProgramData\Xerox
2013-08-02 23:02 - 2009-05-03 21:46 - 00136548 _____ C:\Windows\PFRO.log
2013-08-02 17:16 - 2012-04-08 05:07 - 00037664 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx86.sys
2013-08-02 17:16 - 2012-04-05 00:42 - 00000000 ____D C:\Program Files\AVG Secure Search
2013-08-01 12:55 - 2013-04-18 05:34 - 00000000 ____D C:\IPOT
2013-08-01 03:22 - 2013-07-01 14:44 - 00000000 ____D C:\Users\Sony\AppData\Roaming\DMCache
2013-07-31 15:54 - 2013-07-30 14:56 - 00000000 ___RD C:\Users\Sony\Desktop\buat ngelamar2
2013-07-31 15:09 - 2013-05-06 17:58 - 00005032 _____ C:\Windows\setupact.log
2013-07-27 13:04 - 2013-07-27 12:57 - 00002737 _____ C:\Users\Sony\Desktop\iyung.txt
2013-07-27 11:26 - 2013-04-19 17:47 - 00000000 ____D C:\[Smad-Cage]
2013-07-27 00:48 - 2013-07-27 00:47 - 00000000 ____D C:\Users\Sony\Desktop\New Folder
2013-07-27 00:37 - 2013-04-14 15:45 - 00000000 ____D C:\Users\Sony\Desktop\Thesis b Juni
2013-07-25 02:37 - 2013-04-19 17:48 - 00000000 ____D C:\Program Files\Smadav
2013-07-24 12:21 - 2012-04-06 05:53 - 00000000 ____D C:\Users\Sony\Desktop\Pengangkatan cutting Tompaso
2013-07-23 14:10 - 2013-07-09 12:11 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Dropbox
2013-07-23 14:09 - 2013-07-09 12:14 - 00000000 ___RD C:\Users\Sony\Dropbox
2013-07-23 00:44 - 2013-07-23 00:44 - 00000000 ____D C:\Users\Sony\AppData\Local\AVG Secure Search
2013-07-23 00:43 - 2012-04-05 00:42 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-07-23 00:43 - 2012-04-05 00:42 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2013-07-22 16:15 - 2013-07-23 14:13 - 00133208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\06682830.sys
2013-07-22 15:53 - 2008-01-21 09:25 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\wpnpinst.exe
2013-07-22 15:53 - 2008-01-21 09:24 - 01792512 _____ (Microsoft Corporation) C:\Windows\system32\mmc.exe
2013-07-22 15:53 - 2008-01-21 09:23 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\sdclt.exe
2013-07-22 15:52 - 2006-11-02 16:11 - 00014848 _____ (Microsoft Corporation) C:\Windows\hh.exe
2013-07-22 15:52 - 2006-11-02 16:11 - 00009216 _____ (Microsoft Corporation) C:\Windows\winhlp32.exe
2013-07-22 14:53 - 2013-04-04 23:30 - 00000000 ____D C:\Program Files\foobar2000
2013-07-22 14:52 - 2013-06-25 19:06 - 00000000 ____D C:\Program Files\DigXY
2013-07-22 14:52 - 2013-04-04 23:20 - 00000000 ____D C:\Program Files\Kamus2
2013-07-22 14:52 - 2008-12-01 16:26 - 00000000 ____D C:\Program Files\WinRAR
2013-07-22 14:52 - 2008-12-01 16:25 - 00000000 ____D C:\Program Files\Winamp
2013-07-22 14:52 - 2008-01-21 09:25 - 00382976 _____ (Microsoft Corporation) C:\Windows\system32\vds.exe
2013-07-22 14:52 - 2008-01-21 09:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\raserver.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00520704 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\net1.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00134656 _____ (Microsoft Corporation) C:\Windows\regedit.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\conime.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\net.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpremove.exe
2013-07-22 14:52 - 2008-01-21 09:24 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\UI0Detect.exe
2013-07-22 14:52 - 2008-01-21 09:23 - 02091520 _____ (Microsoft Corporation) C:\Windows\system32\dfsr.exe
2013-07-22 14:52 - 2008-01-21 09:23 - 00056320 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Sidebar
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Photo Gallery
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 14:52 - 2006-11-02 19:37 - 00000000 ____D C:\Program Files\Movie Maker
2013-07-22 14:52 - 2006-11-02 19:35 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\StikyNot.exe
2013-07-22 14:52 - 2006-11-02 15:55 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\bthudtask.exe
2013-07-22 14:52 - 2006-11-02 15:48 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\verclsid.exe
2013-07-22 14:52 - 2006-11-02 15:35 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\sc.exe
2013-07-22 14:52 - 2006-11-02 14:12 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\Narrator.exe
2013-07-22 14:28 - 2008-02-17 03:08 - 00386560 _____ (Conexant Systems, Inc.) C:\Windows\system32\Drivers\XAudio.exe
2013-07-22 14:20 - 2013-07-22 14:20 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-19 17:11 - 2013-07-19 16:38 - 00000212 _____ C:\Users\Sony\jalan2.txt
2013-07-19 16:38 - 2008-12-01 15:38 - 00000000 ____D C:\Users\Sony
2013-07-19 10:12 - 2013-07-19 09:36 - 00000309 _____ C:\Users\Sony\web.txt
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Users\Sony\AppData\Roaming\Softland
2013-07-16 16:04 - 2013-07-16 16:04 - 00000000 ____D C:\Program Files\Softland
2013-07-11 21:53 - 2013-05-01 00:54 - 00000000 ____D C:\Program Files\Opera
2013-07-11 11:37 - 2008-12-01 18:58 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-09 12:45 - 2013-04-04 23:28 - 00000000 ____D C:\Users\Sony\Desktop\icon
2013-07-07 11:03 - 2013-07-07 10:39 - 00000000 ___SD C:\32788R22FWJFW

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 2936320 ____A (Microsoft Corporation) 0FD467727F18AB4952FB5153F9070802

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe
[2008-01-21 09:24] - [2008-01-21 09:24] - 0034304 ____A (Microsoft Corporation) F19FAE3A056BC242AB2E203ECC1A8951

C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-05 14:30

==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-08-2013 01
Ran by Sony at 2013-08-05 14:40:16
Running from C:\Users\Sony\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

32 Bit HP CIO Components Installer (Version: 1.0.0)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Photoshop CS (Version: CS)
Adobe Reader 8.1.0 (Version: 8.1.0)
Adobe Shockwave Player 12.0 (Version: 12.0.0.112)
Alps Pointing-device for VAIO
AOL Toolbar 4.0
AVG 2012 (Version: 12.0.3209)
AVG 2012 (Version: 12.1.2242)
AVG 2012 (Version: 2012.1.2242)
AVG Security Toolbar (Version: 15.4.0.5)
BufferChm (Version: 100.0.170.000)
Bundled software uninstaller
CCleaner (remove only)
Click to Disc (Version: 1.0.00.11080)
Click to Disc Editor (Version: 1.0.00)
Copy (Version: 100.0.170.000)
Corel Paint Shop Pro Photo X2 (Version: 12.001.0000)
Crackle Screen Saver 1.0 (Version: 1.0)
CurveExpert
CurveExpert Professional (Version: 2.0.0)
CustomerResearchQFolder (Version: 1.00.0000)
Destination Component (Version: 100.0.0.0)
DeviceDiscovery (Version: 100.0.190.000)
DeviceManagementQFolder (Version: 1.00.0000)
DigXY 1.2 (Version: 1.02.0001)
DJ_AIO_03_F2200_ProductContext (Version: 100.0.215.000)
DJ_AIO_03_F2200_Software (Version: 100.0.206.000)
DJ_AIO_03_F2200_Software_Min (Version: 100.0.239.000)
doPDF 7.3 printer
Driver Installer (Version: 2.2.0.536)
eSupportQFolder (Version: 1.00.0000)
Excel Tool VBA Password Recovery 10.6.1
F2200 (Version: 100.0.206.000)
F2200_Help (Version: 100.0.206.000)
F2200_NCL_Help (Version: 100.0.206.000)
FilesFrog Update Checker
foobar2000 v1.1.15 (Version: 1.1.15)
Foxit Reader 5.1 (Version: 5.1.4.104)
GearDrvs (Version: 1)
GeoFlow
Google Earth (Version: 4.2.205.5730)
GPBaseService (Version: 100.0.187.000)
GraphExpert Professional (Version: 1.1.0)
HDAUDIO SoftV92 Data Fax Modem with SmartCP
HP Customer Participation Program 10.0 (Version: 10.0)
HP Deskjet F2200 All-In-One Driver Software 10.0 Rel .3 (Version: 10.0)
HP Imaging Device Functions 10.0 (Version: 10.0)
HP Photosmart Essential 2.5 (Version: 1.02.0000)
HP Photosmart Essential 2.5 (Version: 2.5)
HP Smart Web Printing (Version: 3.5)
HP Solution Center 10.0 (Version: 10.0)
HP Update (Version: 4.000.007.003)
HPProductAssistant (Version: 100.0.170.000)
HPSSupply (Version: 100.0.170.000)
Intel(R) Graphics Media Accelerator Driver
IPOT 5.2.8.2 (Version: 5.2.8.2)
Java 7 Update 25 (Version: 7.0.250)
Java Auto Updater (Version: 2.1.9.5)
Kamus 2.04 (Version: 2.04)
K-Lite Codec Pack 9.8.5 (Basic) (Version: 9.8.5)
LightScribe 1.4.142.1 (Version: 1.4.142.1)
LocationFree Player (Version: 4.02.0000)
Malwarebytes Anti-Malware version 1.75.0.1300 (Version: 1.75.0.1300)
MarketResearch (Version: 100.0.170.000)
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4763.1000)
Microsoft Office Proofing (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Office Visio Professional 2003 (Version: 11.0.3216.5614)
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4763.1000)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Works (Version: 9.7.0621)
Motorola Driver Installation (Version: 2.8.0)
Mozilla Firefox 20.0.1 (x86 en-US) (Version: 20.0.1)
Mozilla Maintenance Service (Version: 20.0.1)
MSXML 4.0 SP2 Parser and SDK (Version: 4.20.9818.0)
Nokia Connectivity Adapter Cable DKU-5
Norton 360 (Version: 1.2.0.10)
NTI Backup NOW! 4.7 (Version: 4)
NTI CD & DVD-Maker (Version: 7)
Office Tab Free Edition 7.00 (Version: v7.00)
OpenMG Limited Patch 4.7-07-15-19-01
OpenMG Secure Module 4.7.00 (Version: 4.7.00.12140)
Opera 12.11 (Version: 12.11.1661)
Opera 12.16 (Version: 12.16.1860)
PSSWCORE (Version: 2.02.0000)
QuickBooks Simple Start 2008 (Version: 18.0.4001.606)
Quicktime Browser Plug-In
Realtek High Definition Audio Driver
Roxio Activation Module (Version: 1.0)
Roxio Easy Media Creator Home (Version: 9.1.095)
Scan (Version: 10.1.0.0)
Setting Utility Series (Version: 3.1.00.09240)
Shop for HP Supplies (Version: 10.0)
Sierra Wireless Watcher (Version: 5.0.1986.0006)
SmartWebPrintingOC (Version: 100.0.189.000)
SolutionCenter (Version: 100.0.175.000)
SonicStage Mastering Studio (Version: 2.3.01)
SonicStage Mastering Studio Audio Filter (Version: 2.3.01)
SonicStage Mastering Studio Audio Filter Custom Preset (Version: 2.3)
SonicStage Mastering Studio Plugins (Version: 2.4)
Sony Video Shared Library (Version: 3.3.00)
Status (Version: 100.0.175.000)
SupportSoft Assisted Service (Version: 15)
swMSM (Version: 12.0.0.1)
Toolbox (Version: 100.0.170.000)
TrayApp (Version: 100.0.170.000)
UnloadSupport (Version: 10.0.0)
VAIO Center Access Bar (Version: 1.00.1001)
VAIO Content Folder Setting (Version: 1.0.01.09270)
VAIO Content Metadata Intelligent Analyzing Manager (Version: 2.1.00.09284)
VAIO Content Metadata Manager Setting (Version: 2.1.00.09281)
VAIO Content Metadata XML Interface Library (Version: 2.1.00.09202)
VAIO Control Center (Version: 2.1.00.09190)
VAIO DVD Menu Data Basic (Version: 1.0.00.08130)
VAIO Entertainment Center (Version: 3.00.1005)
VAIO Entertainment Platform (Version: 3.0.00.06280)
VAIO Event Service (Version: 3.3.00.09200)
VAIO Help and Support (Version: 4.00.1016.NRVP)
VAIO Launcher (Version: 1.1.00.09190)
VAIO Media (Version: 6.0.10)
VAIO Media 6.0 (Version: 6.0.10)
VAIO Media AC3 Decoder 1.0
VAIO Media Content Collection 6.0
VAIO Media Integrated Server 6.2
VAIO Media Redistribution 6.0 (Version: 6.0.10)
VAIO Media Registration Tool (Version: 6.0.10)
VAIO Media Registration Tool 6.0 (Version: 6.0.10)
VAIO Movie Story (Version: 1.1.00.10160)
VAIO Movie Story Template Data (Version: 1.1.00.09281)
VAIO MusicBox (Version: 1.1.01.09240)
VAIO MusicBox Sample Music (Version: 1.0.01.09210)
VAIO OOBE and Welcome Center (Version: 4.00.1015.US)
VAIO PC Wireless LAN Wizard (Version: 1.01.1015)
VAIO Power Management (Version: 2.3.00.10100)
VAIO Productivity Center (Version: 3.00.1015)
VAIO Security Center (Version: 6.00.1015)
VAIO Service Utility (Version: 1.2.0.0)
VAIO Smart Network (Version: 1.2.01.13070)
VAIO Startup Assistant (Version: 1.00.1019)
VAIO Survey (Version: 5.00.7207)
VAIO Update 3 (Version: 3.0.04.09200)
VAIO Wallpaper Contents (Version: 1.0.00.09200)
VideoToolkit01 (Version: 100.0.128.000)
WebReg (Version: 100.0.170.000)
Winamp (remove only)
WinDVD for VAIO (Version: 8.0-B8.411)
WinRAR archiver
Yahoo! Messenger


==================== Restore Points =========================

24-06-2013 23:31:41 Scheduled Checkpoint
25-06-2013 12:05:42 Installed DigXY 1.2
25-06-2013 16:29:32 Installed Java 7 Update 25
27-06-2013 08:17:42 Scheduled Checkpoint
28-06-2013 05:23:22 Scheduled Checkpoint
29-06-2013 07:31:17 Scheduled Checkpoint
30-06-2013 07:52:41 Before Malwarebytes Anti-Rootkit Install
03-07-2013 22:17:21 Scheduled Checkpoint
04-07-2013 17:00:37 Scheduled Checkpoint
05-07-2013 09:58:51 Scheduled Checkpoint
07-07-2013 22:51:16 Scheduled Checkpoint
09-07-2013 15:32:42 Scheduled Checkpoint
10-07-2013 19:43:51 Scheduled Checkpoint
12-07-2013 05:35:50 Scheduled Checkpoint
12-07-2013 22:30:04 Scheduled Checkpoint
13-07-2013 21:00:08 Scheduled Checkpoint
14-07-2013 13:31:31 Scheduled Checkpoint
16-07-2013 23:06:37 Scheduled Checkpoint
21-07-2013 20:11:17 Scheduled Checkpoint
22-07-2013 08:30:24 Scheduled Checkpoint
25-07-2013 16:30:11 Scheduled Checkpoint
31-07-2013 05:57:04 Scheduled Checkpoint
02-08-2013 16:40:12 Scheduled Checkpoint

==================== Hosts content: ==========================

2006-11-02 17:23 - 2013-07-02 01:13 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {19D9C94A-CBED-422D-9C70-858BD2AE5C0D} - System32\Tasks\VAIO Service Utility => C:\Program Files\Sony\VAIO Service Utility\VAIO-SU.exe [2007-09-26] ()
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {678D0A4E-2420-4639-B013-1B14E2A0A313} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-21] (Microsoft Corporation)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {D7FFDF73-7D00-4721-8FA0-81BD455503B2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {DB6C3FB0-750A-46B1-AEE8-CE83CD033BCD} - System32\Tasks\SONY\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe [2007-09-21] (Sony Corporation)
Task: {DC72D0DE-E53D-4A51-84F8-47A5E95D16B3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-16] (Adobe Systems Incorporated)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/05/2013 02:41:16 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:41:04 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:40:44 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:40:16 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:39:56 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:39:36 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:39:16 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:38:56 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:38:36 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:38:16 PM) (Source: Windows Search Service) (User: )
Description: Unable to initialize the filter host process. Terminating.


Details:
The system cannot find the file specified. (0x80070002)


System errors:
=============
Error: (08/05/2013 02:24:39 PM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (08/05/2013 02:24:13 PM) (Source: Service Control Manager) (User: )
Description: Boot Task%%126

Error: (08/05/2013 02:24:13 PM) (Source: Service Control Manager) (User: )
Description: Time Shell%%126

Error: (08/05/2013 02:24:13 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/05/2013 02:22:47 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos

Error: (08/05/2013 04:12:59 AM) (Source: Service Control Manager) (User: )
Description: HP CUE DeviceDiscovery Service

Error: (08/05/2013 04:12:43 AM) (Source: Service Control Manager) (User: )
Description: Time Shell%%126

Error: (08/05/2013 04:12:43 AM) (Source: Service Control Manager) (User: )
Description: Boot Task%%126

Error: (08/05/2013 04:12:43 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (08/05/2013 04:11:11 AM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueueKerberos


Microsoft Office Sessions:
=========================
Error: (08/05/2013 02:41:16 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:41:04 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:40:44 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:40:16 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:39:56 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:39:36 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:39:16 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:38:56 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:38:36 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)

Error: (08/05/2013 02:38:16 PM) (Source: Windows Search Service)(User: )
Description:
Details:
The system cannot find the file specified. (0x80070002)


CodeIntegrity Errors:
===================================
Date: 2013-08-05 14:37:15.095
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:15.074
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:15.051
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:15.030
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:14.999
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:14.978
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:14.956
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:14.934
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:00.985
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

Date: 2013-08-05 14:37:00.962
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 58%
Total physical RAM: 2037.69 MB
Available physical RAM: 847.47 MB
Total Pagefile: 4318.63 MB
Available Pagefile: 2905.59 MB
Total Virtual: 2047.88 MB
Available Virtual: 1916.3 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:90.42 GB) (Free:21.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive h: (Data) (Fixed) (Total:87.97 GB) (Free:42.52 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 186 GB) (Disk ID: DA30E8B5)
Partition 1: (Not Active) - (Size=8 GB) - (Type=27)
Partition 2: (Active) - (Size=90 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=88 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 
I cannot upload the C:\Windows\explorer.exe file as you mentioned.
Why?

Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

Attachments

  • fixlist.txt (282 bytes)

Broni, I am currently in a remote area. I am in a city near a jungle.
I cannot do the task yet... because my laptop is not with me. I am using a public facility.

I hope that it is OK... I will contact you soon, maybe next week after I have finished my journey.

Thank you for your patience...
 