Inactive My Sony Vaio running really slow and freezing at times!!!

Stryfe220

Posts: 15   +0
Recently in the last month or two my computer has seemingly gotten slower and is now freezing at times. The sound will glitch as if it was a scratched cd repeating over and over. As well my internet connection gets disconnected at times as well... Could this be a virus or my machine going to crap?
 
To be more descriptive I have a Sony Vaio vpcee31fx I have had it for about 2-3 yrs. I have peer blocker and free avast virus protection on it I download a lot of movies and such but this is the first time since I have had the machine that it has given me issues like this
 
Welcome aboard

Please, complete all steps listed here: https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Make sure, you PASTE all logs. If some log exceeds 50,000 characters post limit, split it between couple of replies.
Attached logs won't be reviewed.

Please, observe following rules:
  • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
  • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer behavior, good, or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
 
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.13.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Me :: ME-VAIO [administrator]

Protection: Enabled

1/13/2013 4:31:09 PM
mbam-log-2013-01-13 (16-31-09).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 237203
Time elapsed: 9 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.9.2
Run by Me at 16:55:26 on 2013-01-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.2811.1076 [GMT -5:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Common Files\Motive\McciCMService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\Dwm.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Apoint\ApMsgFwd.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Users\Me\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Windows\system32\taskmgr.exe
C:\LOL Beta\LOLPBE\RADS\system\rads_user_kernel.exe
C:\LOL Beta\LOLPBE\RADS\projects\lol_launcher\releases\0.0.0.19\deploy\LoLLauncher.exe
C:\Windows\system32\svchost.exe -k SDRSVC
C:\Windows\System32\vds.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://blekkosearch.mystart.com/goatbar/?source=c7d377a6&toolbarid=goatbar&u=F8913D046FE18B22520BDC50776C38B6&tbp=homepage&v=2_0
uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SNNT&bmod=SNNT
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
uRun: [Spotify] "C:\Users\Me\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
uRun: [Spotify Web Helper] "C:\Users\Me\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [EEventManager] C:\PROGRA~2\EPSONS~1\EVENTM~1\EEventManager.exe
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [Razer Mamba Elite Driver] C:\Program Files (x86)\Razer\Mamba\RazerMambaSysTray.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRunOnce: [Malwarebytes Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {E0B8C461-F8FB-49b4-8373-FE32E92528A6} - {BC0E0A5D-AB5A-4fa4-A5FA-280E1D58EEEE} - C:\Program Files (x86)\Evernote\Evernote3.5\enbar.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
TCP: NameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C} : DHCPNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}\145747F635F657273656 : DHCPNameServer = 65.32.5.74 65.32.5.75
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}\2484E4446575332303132483544434 : DHCPNameServer = 65.32.5.111 65.32.5.112
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}\3324934363 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}\34861627C69656 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}\4445256365 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}\84F4D454D213432483 : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{37026458-AE80-4DB9-B16D-424E3595298C}\C696E6B6379737 : DHCPNameServer = 65.32.5.74 65.32.5.75 192.168.1.1 65.32.5.74 65.32.5.75
TCP: Interfaces\{76290962-DEDC-4774-94F3-D301EE8914D4} : DHCPNameServer = 65.32.5.111 65.32.5.112
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Apoint] C:\Program Files (x86)\Apoint\Apoint.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\n98ajcmf.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Motive\npMotive.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Me\AppData\Roaming\Mozilla\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll
FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-01-08 21:54; extension21804@extension21804.com; C:\Users\Me\AppData\Roaming\Mozilla\Firefox\Profiles\n98ajcmf.default\extensions\extension21804@extension21804.com
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2010-7-21 73856]
R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2010-7-21 28800]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2010-8-19 55856]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2011-3-26 984144]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2011-3-26 370288]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-7-7 202752]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2011-1-26 354304]
R2 AMD Reservation Manager;AMD Reservation Manager;C:\Program Files\ATI Technologies\ATI.ACE\Reservation Manager\AMD Reservation Manager.exe [2010-6-17 194496]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2011-3-26 25232]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2011-3-26 71600]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-11-10 44808]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-13 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-13 682344]
R3 amdiox64;AMD IO Driver;C:\Windows\System32\drivers\amdiox64.sys [2011-3-26 46136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-13 24176]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\System32\drivers\RtsUStor.sys [2010-8-19 242720]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-4-7 346144]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\drivers\SFEP.sys [2010-4-8 12032]
R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2010-8-19 38456]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-11-9 160944]
S3 BrSerIb;Brother Serial Interface Driver(WDM);C:\Windows\System32\drivers\BrSerIb.sys [2009-11-3 87552]
S3 BrUsbSIb;Brother Serial USB Driver(WDM);C:\Windows\System32\drivers\BrUsbSib.sys [2009-11-3 14592]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2011-5-6 97040]
S3 Razerlow;Razer Pro|Solutions;C:\Windows\System32\drivers\DB3G.sys [2005-11-7 21120]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-3-28 59392]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2012-11-26 1286784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-3-26 1255736]
S3 WSDScan;WSD Scan Support via UMB;C:\Windows\System32\drivers\WSDScan.sys [2009-7-13 25088]
S4 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [2012-3-30 237328]
S4 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [2009-10-24 360224]
S4 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-8-6 156672]
S4 SAS Document Conversion;SAS Document Conversion;C:\Program Files\SASHome\SASTextAnalyticsDocumentConversion\1.21\file-converter-service.exe [2011-11-14 61440]
S4 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService.exe [2010-2-8 302448]
S4 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2010-8-19 574320]
S4 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2010-3-18 852336]
S4 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [2010-2-19 529776]
S4 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [2010-2-19 386416]
S4 VcmXmlIfHelper;VAIO Content Metadata XML Interface;C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [2010-2-19 115568]
S4 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-10-12 54760]
.
=============== Created Last 30 ================
.
2013-01-13 21:29:41--------d-----w-C:\Users\Me\AppData\Roaming\Malwarebytes
2013-01-13 21:27:45--------d-----w-C:\ProgramData\Malwarebytes
2013-01-13 21:27:4324176----a-w-C:\Windows\System32\drivers\mbam.sys
2013-01-13 21:27:43--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-11 10:56:0176232----a-w-C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{890C8713-00A9-4E1A-9DFB-0CF5B213F490}\offreg.dll
2013-01-11 10:50:539125352----a-w-C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{890C8713-00A9-4E1A-9DFB-0CF5B213F490}\mpengine.dll
2013-01-09 09:06:12750592----a-w-C:\Windows\System32\win32spl.dll
2013-01-09 09:06:12492032----a-w-C:\Windows\SysWow64\win32spl.dll
2013-01-09 09:04:51424448----a-w-C:\Windows\System32\KernelBase.dll
2013-01-09 09:03:5968608----a-w-C:\Windows\System32\taskhost.exe
2013-01-09 09:03:573149824----a-w-C:\Windows\System32\win32k.sys
2013-01-08 22:06:12--------d-----w-C:\Users\Me\AppData\Local\Coupon Companion Plugin
2013-01-02 16:32:23--------d-----w-C:\Users\Me\AppData\Local\Spotify
2013-01-02 16:31:56--------d-----w-C:\Users\Me\AppData\Roaming\Spotify
2013-01-01 22:05:59--------d-----w-C:\ProgramData\BlueStacksSetup
2012-12-22 21:41:5446080----a-w-C:\Windows\System32\atmlib.dll
2012-12-22 21:41:5434304----a-w-C:\Windows\SysWow64\atmlib.dll
2012-12-22 21:41:53367616----a-w-C:\Windows\System32\atmfd.dll
2012-12-22 21:41:52295424----a-w-C:\Windows\SysWow64\atmfd.dll
2012-12-20 19:02:55--------d-----w-C:\Program Files\iPod
2012-12-20 19:02:54--------d-----w-C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2012-12-20 19:02:54--------d-----w-C:\Program Files\iTunes
2012-12-20 19:02:54--------d-----w-C:\Program Files (x86)\iTunes
2012-12-15 16:34:55548864----a-w-C:\Program Files\Internet Explorer\ieproxy.dll
2012-12-15 16:34:541129472----a-w-C:\Windows\SysWow64\wininet.dll
2012-12-15 16:34:531392128----a-w-C:\Windows\System32\wininet.dll
2012-12-15 16:34:251800704----a-w-C:\Windows\SysWow64\jscript9.dll
2012-12-15 16:34:22599040----a-w-C:\Windows\System32\vbscript.dll
2012-12-15 16:33:41387584----a-w-C:\Program Files (x86)\Internet Explorer\jsdbgui.dll
2012-12-15 16:33:38499200----a-w-C:\Program Files\Internet Explorer\jsdbgui.dll
2012-12-15 16:33:33678912----a-w-C:\Program Files (x86)\Internet Explorer\iedvtool.dll
2012-12-15 16:33:28887296----a-w-C:\Program Files\Internet Explorer\iedvtool.dll
.
==================== Find3M ====================
.
2013-01-08 23:01:0644----a-w-C:\Windows\SysWow64\stopSvc.bat
2013-01-08 23:01:06260----a-w-C:\Windows\SysWow64\cmdVBS.vbs
2013-01-02 19:33:4773656----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-02 19:33:47697272----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2012-12-07 13:20:16441856----a-w-C:\Windows\System32\Wpc.dll
2012-12-07 13:15:312746368----a-w-C:\Windows\System32\gameux.dll
2012-12-07 12:26:17308736----a-w-C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:432576384----a-w-C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:0430720----a-w-C:\Windows\System32\usk.rs
2012-12-07 11:20:0343520----a-w-C:\Windows\System32\csrr.rs
2012-12-07 11:20:0323552----a-w-C:\Windows\System32\oflc.rs
2012-12-07 11:20:0145568----a-w-C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:0144544----a-w-C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:0120480----a-w-C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:0020480----a-w-C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:5920480----a-w-C:\Windows\System32\pegi.rs
2012-12-07 11:19:5846592----a-w-C:\Windows\System32\fpb.rs
2012-12-07 11:19:5740960----a-w-C:\Windows\System32\cob-au.rs
2012-12-07 11:19:5721504----a-w-C:\Windows\System32\grb.rs
2012-12-07 11:19:5715360----a-w-C:\Windows\System32\djctq.rs
2012-12-07 11:19:5655296----a-w-C:\Windows\System32\cero.rs
2012-12-07 11:19:5551712----a-w-C:\Windows\System32\esrb.rs
2012-11-30 05:45:35362496----a-w-C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35243200----a-w-C:\Windows\System32\wow64.dll
2012-11-30 05:45:3513312----a-w-C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14215040----a-w-C:\Windows\System32\winsrv.dll
2012-11-30 05:43:1216384----a-w-C:\Windows\System32\ntvdm64.dll
2012-11-30 04:54:005120----a-w-C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59274944----a-w-C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48338432----a-w-C:\Windows\System32\conhost.exe
2012-11-30 02:44:0625600----a-w-C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:047680----a-w-C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:0414336----a-w-C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:032048----a-w-C:\Windows\SysWow64\user.exe
2012-11-30 02:38:596144---ha-w-C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:594608---ha-w-C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:593584---ha-w-C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:593072---ha-w-C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-26 09:34:5274703----a-w-C:\Windows\SysWow64\mfc45.dll
2012-11-22 05:44:23800768----a-w-C:\Windows\System32\usp10.dll
2012-11-22 04:45:03626688----a-w-C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49307200----a-w-C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09220160----a-w-C:\Windows\SysWow64\ncrypt.dll
2012-11-14 06:11:442312704----a-w-C:\Windows\System32\jscript9.dll
2012-11-14 06:02:491494528----a-w-C:\Windows\System32\inetcpl.cpl
2012-11-14 05:57:35173056----a-w-C:\Windows\System32\ieUnatt.exe
2012-11-14 05:52:402382848----a-w-C:\Windows\System32\mshtml.tlb
2012-11-14 01:58:151427968----a-w-C:\Windows\SysWow64\inetcpl.cpl
2012-11-14 01:49:25142848----a-w-C:\Windows\SysWow64\ieUnatt.exe
2012-11-14 01:48:27420864----a-w-C:\Windows\SysWow64\vbscript.dll
2012-11-14 01:44:422382848----a-w-C:\Windows\SysWow64\mshtml.tlb
2012-11-09 05:45:092048----a-w-C:\Windows\System32\tzres.dll
2012-11-09 04:42:492048----a-w-C:\Windows\SysWow64\tzres.dll
2012-11-02 05:59:11478208----a-w-C:\Windows\System32\dpnet.dll
2012-11-02 05:11:31376832----a-w-C:\Windows\SysWow64\dpnet.dll
2012-11-01 05:43:422002432----a-w-C:\Windows\System32\msxml6.dll
2012-11-01 05:43:421882624----a-w-C:\Windows\System32\msxml3.dll
2012-11-01 04:47:541389568----a-w-C:\Windows\SysWow64\msxml6.dll
2012-11-01 04:47:541236992----a-w-C:\Windows\SysWow64\msxml3.dll
2012-10-30 23:51:55984144----a-w-C:\Windows\System32\drivers\aswSnx.sys
2012-10-30 23:51:5571600----a-w-C:\Windows\System32\drivers\aswMonFlt.sys
2012-10-30 23:51:0741224----a-w-C:\Windows\avastSS.scr
2012-10-25 08:12:2694208----a-w-C:\Windows\SysWow64\QuickTimeVR.qtx
2012-10-25 08:12:2669632----a-w-C:\Windows\SysWow64\QuickTime.qts
2012-10-16 08:38:37135168----a-w-C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38:34350208----a-w-C:\Windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39:52561664----a-w-C:\Windows\apppatch\AcLayers.dll
.
============= FINISH: 16:57:44.96 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume2
Install Date: 3/26/2011 12:38:25 AM
System Uptime: 1/13/2013 3:03:38 PM (1 hours ago)
.
Motherboard: Sony Corporation | | VAIO
Processor: AMD Athlon(tm) II P340 Dual-Core Processor | N/A | 2200/200mhz
.
==== Disk Partitions =========================
.
.
==== Installed Programs ======================
.
Update for Microsoft Office 2007 (KB2508958)
µTorrent
Adobe AIR
Adobe Digital Editions
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader 9.5.2
Alps Pointing-device for VAIO
AMD Fuel
AMD USB Filter Driver
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Application Manager for VAIO
ArcSoft WebCam Companion 3
ATI Catalyst Install Manager
ATI Catalyst Registration
avast! Free Antivirus
AviSynth 2.5
Bonjour
Catalyst Control Center - Branding
Catalyst Control Center Graphics Previews Common
Catalyst Control Center InstallProxy
ccc-core-static
ccc-utility64
CCC Help English
Click to Disc MergeModules x64
Epson Event Manager
Epson FAX Utility
Epson PC-FAX Driver
EPSON Scan
EPSON WorkForce 610 Series Printer Uninstall
EpsonNet Print
EpsonNet Setup
Evernote
Google Chrome
Google Update Helper
iCloud
iTunes
Java 7 Update 9
Java Auto Updater
Java(TM) 6 Update 20 (64-bit)
Java(TM) 6 Update 24
Junk Mail filter update
League of Legends
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.70.0.1100
Mamba Firmware Updater 1.13
Media Gallery
Media Gallery MergeModules x64
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Choice Guard
Microsoft DirectX SDK (February 2010)
Microsoft DirectX SDK (June 2010)
Microsoft IntelliPoint 8.1
Microsoft IntelliType Pro 8.1
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Office 64-bit Components 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared 64-bit MUI (English) 2007
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft SQL Server Compact 3.5 SP1 English
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Mozilla Firefox 17.0.1 (x86 en-US)
Mozilla Maintenance Service
MSI_SPF_x64
MSVCRT
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
OOBE
OpenAL
Pando Media Booster
PeerBlock 1.1 (r518)
PlayReady PC Runtime amd64
PMB
PMB VAIO Edition Guide
PMB VAIO Edition plug-in (Click to Disc)
PMB VAIO Edition plug-in (VAIO Image Optimizer)
PMB VAIO Edition plug-in (VAIO Movie Story)
PS3 Media Server
QuickTime
Razer Mamba
Realtek HDMI Audio Driver for ATI
Realtek High Definition Audio Driver
Realtek USB 2.0 Card Reader
SAS 9.3
SAS Document Conversion
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition
Setting Utility Series
Skype™ 6.0
SmartWi Connection Utility
Sony Home Network Library
Spotify
Steam
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2760586) 32-Bit Edition
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VAIO Care
VAIO Control Center
VAIO Data Restore Tool
VAIO DVD Menu Data
VAIO Entertainment Platform
VAIO Event Service
VAIO Gate
VAIO Gate Default
VAIO Hardware Diagnostics
VAIO Help and Support
VAIO Manual
VAIO Media plus
VAIO Media plus Opening Movie
VAIO Messenger
VAIO Movie Story MergeModules x64
VAIO Movie Story Template Data
VAIO Power Management
VAIO Sample Contents
VAIO Survey
VAIO Transfer Support
VAIO Update
VAIO Wallpaper Contents
VC80CRTRedist - 8.0.50727.6195
Ventrilo Client for Windows x64
VGClientX64
VGClientX86
VLC media player 2.0.4
VMp MergeModule x64
VU5x64
VU5x86
WIDCOMM Bluetooth Software
Windows Driver Package - Broadcom Bluetooth (09/09/2009 6.2.0.9405)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800)
Windows Live Call
Windows Live Communications Platform
Windows Live Essentials
Windows Live Mail
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
WinRAR 4.00 (64-bit)
.
==== End Of File ===========================
 
  • Download RogueKiller on the desktop
  • Close all the running programs
  • Windows Vista/7 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few times more. If really won't run, rename it to winlogon.exe (or winlogon.com) and try again

========================================

Download Malwarebytes Anti-Rootkit (MBAR) from HERE
  • Unzip downloaded file.
  • Open the folder where the contents were unzipped and run mbar.exe
  • Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
  • Click on the Cleanup button to remove any threats and reboot if prompted to do so.
  • Wait while the system shuts down and the cleanup process is performed.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • When done, please post the two logs produced they will be in the MBAR folder..... mbar-log-xxxxx.txt and system-log.txt
 
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Me [Admin rights]
Mode : Remove -- Date : 01/13/2013 20:53:07

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED] ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts



¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: WDC WD32 00BEVT-26A23T0 SATA Disk Device +++++
--- User ---
[MBR] 37813ef70d7816a7a17850ac08a6fa78
[BSP] a0066a7a7f8db035b72449acb6126d60 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9627 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 19720192 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 19924992 | Size: 295515 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: pny USB 2.0 FD USB Device +++++
--- User ---
[MBR] 01a8e0aa083958925df23a8cf7b7c17d
[BSP] c767ee37f7230d82de01d928dff4b915 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 51304 | Size: 30646 Mo
User = LL1 ... OK!
Error reading LL2 MBR!

Finished : << RKreport[2]_D_01132013_02d2053.txt >>
RKreport[1]_S_01132013_02d2051.txt ; RKreport[2]_D_01132013_02d2053.txt
 
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Me [Admin rights]
Mode : Scan -- Date : 01/13/2013 20:51:10
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 2 ¤¤¤
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD32 00BEVT-26A23T0 SATA Disk Device +++++
--- User ---
[MBR] 37813ef70d7816a7a17850ac08a6fa78
[BSP] a0066a7a7f8db035b72449acb6126d60 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9627 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 19720192 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 19924992 | Size: 295515 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: pny USB 2.0 FD USB Device +++++
--- User ---
[MBR] 01a8e0aa083958925df23a8cf7b7c17d
[BSP] c767ee37f7230d82de01d928dff4b915 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 51304 | Size: 30646 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[1]_S_01132013_02d2051.txt >>
RKreport[1]_S_01132013_02d2051.txt
 
Malwarebytes anti-rootkit has seemingly gotten stuck have stopped and restarted scan. Will let run thru the night and check in the morning to see if stays stuck
 
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD32 00BEVT-26A23T0 SATA Disk Device +++++
--- User ---
[MBR] 37813ef70d7816a7a17850ac08a6fa78
[BSP] a0066a7a7f8db035b72449acb6126d60 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9627 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 19720192 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 19924992 | Size: 295515 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: pny USB 2.0 FD USB Device +++++
--- User ---
[MBR] 01a8e0aa083958925df23a8cf7b7c17d
[BSP] c767ee37f7230d82de01d928dff4b915 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 51304 | Size: 30646 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
 
Seems to be taking 20 times as long to do rogue killer this time than the first time I did it.... waiting on delete to finish to post 2nd set of reports for rogue killer
 
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Me [Admin rights]
Mode : Remove -- Date : 01/14/2013 00:39:18
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD32 00BEVT-26A23T0 SATA Disk Device +++++
--- User ---
[MBR] 37813ef70d7816a7a17850ac08a6fa78
[BSP] a0066a7a7f8db035b72449acb6126d60 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9627 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 19720192 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 19924992 | Size: 295515 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: pny USB 2.0 FD USB Device +++++
--- User ---
[MBR] 01a8e0aa083958925df23a8cf7b7c17d
[BSP] c767ee37f7230d82de01d928dff4b915 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 51304 | Size: 30646 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[4]_D_01142013_02d0039.txt >>
RKreport[1]_S_01132013_02d2051.txt ; RKreport[2]_D_01132013_02d2053.txt ; RKreport[3]_S_01142013_02d0021.txt ; RKreport[4]_D_01142013_02d0039.txt
 
RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : https://www.techspot.com/downloads/5562-roguekiller.html
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Me [Admin rights]
Mode : Scan -- Date : 01/14/2013 00:21:20
¤¤¤ Bad processes : 0 ¤¤¤
¤¤¤ Registry Entries : 4 ¤¤¤
[HJ DESK] HKCU\[...]\ClassicStartMenu : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {59031A47-3F72-44A7-89C5-5595FE6B30EE} (1) -> FOUND
[HJ DESK] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
[HJ DESK] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND
¤¤¤ Particular Files / Folders: ¤¤¤
¤¤¤ Driver : [NOT LOADED] ¤¤¤
¤¤¤ HOSTS File: ¤¤¤
--> C:\Windows\system32\drivers\etc\hosts
¤¤¤ MBR Check: ¤¤¤
+++++ PhysicalDrive0: WDC WD32 00BEVT-26A23T0 SATA Disk Device +++++
--- User ---
[MBR] 37813ef70d7816a7a17850ac08a6fa78
[BSP] a0066a7a7f8db035b72449acb6126d60 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 9627 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 19720192 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 19924992 | Size: 295515 Mo
User = LL1 ... OK!
User = LL2 ... OK!
+++++ PhysicalDrive1: pny USB 2.0 FD USB Device +++++
--- User ---
[MBR] 01a8e0aa083958925df23a8cf7b7c17d
[BSP] c767ee37f7230d82de01d928dff4b915 : Standard MBR Code
Partition table:
0 - [ACTIVE] FAT32-LBA (0x0c) [VISIBLE] Offset (sectors): 51304 | Size: 30646 Mo
User = LL1 ... OK!
Error reading LL2 MBR!
Finished : << RKreport[3]_S_01142013_02d0021.txt >>
RKreport[1]_S_01132013_02d2051.txt ; RKreport[2]_D_01132013_02d2053.txt ; RKreport[3]_S_01142013_02d0021.txt
 
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.14.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Me :: ME-VAIO [administrator]
1/14/2013 3:07:02 AM
mbar-log-2013-01-14 (03-07-02).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31980
Time elapsed: 2 hour(s), 23 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
 
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Non-administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2947440640, free: 1775550464
------------ Kernel report ------------
01/13/2013 22:52:24
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amd_sata.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\amd_xata.sys
\SystemRoot\system32\drivers\amdsata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\AtiPcie.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\drivers\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atipmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\SFEP.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\mcdbus.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\amdiox64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RtHDMIVX.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\RtsUStor.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\user32.dll
\Windows\System32\normaliz.dll
\Windows\System32\psapi.dll
\Windows\System32\kernel32.dll
\Windows\System32\nsi.dll
\Windows\System32\urlmon.dll
\Windows\System32\sechost.dll
\Windows\System32\comdlg32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\gdi32.dll
\Windows\System32\ole32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\lpk.dll
\Windows\System32\imm32.dll
\Windows\System32\msctf.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\imagehlp.dll
\Windows\System32\wininet.dll
\Windows\System32\Wldap32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\setupapi.dll
\Windows\System32\difxapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\usp10.dll
\Windows\System32\shell32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\crypt32.dll
\Windows\System32\devobj.dll
\Windows\System32\comctl32.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80049e6060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000082\
Lower Device Object: 0xfffffa80049e6b60
Lower Device Driver Name: \Driver\USBSTOR\
Device already Exists: 0xfffffa8002fd8530
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80031dd060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000058\
Lower Device Object: 0xfffffa8003161060
Lower Device Driver Name: \Driver\amd_sata\
Device already Exists: 0xfffffa8002dc56a0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80031dd060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80031ddb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80031dd060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003164b80, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa8002fb28a0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8003161060, DeviceName: \Device\00000058\, DriverName: \Driver\amd_sata\
------------ End ----------
Upper DeviceData: 0xfffff8a00f676ae0, 0xfffffa80031dd060, 0xfffffa800322c790
Lower DeviceData: 0xfffff8a00f66d580, 0xfffffa8003161060, 0xfffffa8002dc56a0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1321177D
Partition information:
Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 19716096
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 19720192 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 19924992 Numsec = 605215408
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Scan Interrupted
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2947440640, free: 1596387328
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1016
(c) Malwarebytes Corporation 2011-2012
OS version: 6.1.7601 Windows 7 Service Pack 1 x64
Account is Administrative
Internet Explorer version: 9.0.8112.16421
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED
CPU speed: 2.194000 GHz
Memory total: 2947440640, free: 1395847168
------------ Kernel report ------------
01/14/2013 00:42:49
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_AuthenticAMD.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\compbatt.sys
\SystemRoot\system32\drivers\BATTC.SYS
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amd_sata.sys
\SystemRoot\system32\drivers\storport.sys
\SystemRoot\system32\drivers\amd_xata.sys
\SystemRoot\system32\drivers\amdsata.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\PxHlpa64.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\drivers\AtiPcie.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\drivers\blbdrive.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\drivers\amdppm.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atipmdag.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\athrx.sys
\SystemRoot\system32\DRIVERS\vwifibus.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\usbohci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\usbfilter.sys
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\system32\DRIVERS\i8042prt.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\Apfiltr.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\SFEP.sys
\SystemRoot\system32\drivers\CmBatt.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\mcdbus.sys
\SystemRoot\system32\DRIVERS\SCSIPORT.SYS
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\amdiox64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\RtHDMIVX.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\drivers\hidusb.sys
\SystemRoot\system32\drivers\HIDCLASS.SYS
\SystemRoot\system32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\USBSTOR.SYS
\SystemRoot\System32\Drivers\RtsUStor.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_amd_sata.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\??\C:\Windows\system32\drivers\mbam.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\iertutil.dll
\Windows\System32\psapi.dll
\Windows\System32\sechost.dll
\Windows\System32\normaliz.dll
\Windows\System32\shell32.dll
\Windows\System32\nsi.dll
\Windows\System32\advapi32.dll
\Windows\System32\ws2_32.dll
\Windows\System32\lpk.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\msvcrt.dll
\Windows\System32\usp10.dll
\Windows\System32\difxapi.dll
\Windows\System32\imagehlp.dll
\Windows\System32\kernel32.dll
\Windows\System32\ole32.dll
\Windows\System32\imm32.dll
\Windows\System32\shlwapi.dll
\Windows\System32\user32.dll
\Windows\System32\msctf.dll
\Windows\System32\oleaut32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\urlmon.dll
\Windows\System32\Wldap32.dll
\Windows\System32\wininet.dll
\Windows\System32\setupapi.dll
\Windows\System32\gdi32.dll
\Windows\System32\wintrust.dll
\Windows\System32\crypt32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\comctl32.dll
\Windows\System32\devobj.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\msasn1.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa80036c9790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000081\
Lower Device Object: 0xfffffa800464db60
Lower Device Driver Name: \Driver\USBSTOR\
Driver name found: USBSTOR
Initialization returned 0x0
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa80031dd060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000058\
Lower Device Object: 0xfffffa800315e060
Lower Device Driver Name: \Driver\amd_sata\
Driver name found: amd_sata
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\storport.sys (0x0)
Load Function returned 0x0
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 3
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa80031dd060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80031ddb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80031dd060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8003163b80, DeviceName: Unknown, DriverName: \Driver\amd_xata\
DevicePointer: 0xfffffa80021fa040, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800315e060, DeviceName: \Device\00000058\, DriverName: \Driver\amd_sata\
------------ End ----------
Upper DeviceData: 0xfffff8a00daae860, 0xfffffa80031dd060, 0xfffffa8002e88090
Lower DeviceData: 0xfffff8a00f1cfa80, 0xfffffa800315e060, 0xfffffa8002ea6e40
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1321177D
Partition information:
Partition 0 type is Other (0x27)
Partition is NOT ACTIVE.
Partition starts at LBA: 2048 Numsec = 19716096
Partition 1 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 19720192 Numsec = 204800
Partition file system is NTFS
Partition is bootable
Partition 2 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 19924992 Numsec = 605215408
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 320072933376 bytes
Sector size: 512 bytes
Scanning physical sectors of unpartitioned space on drive 0 (1-2047-625122448-625142448)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa80036c9790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80047eb740, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80036c9790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80049902f0, DeviceName: Unknown, DriverName: \Driver\usbfilter\
DevicePointer: 0xfffffa800464db60, DeviceName: \Device\00000081\, DriverName: \Driver\USBSTOR\
------------ End ----------
Upper DeviceData: 0xfffff8a00d56fa60, 0xfffffa80036c9790, 0xfffffa8002ee9090
Lower DeviceData: 0xfffff8a0032007a0, 0xfffffa800464db60, 0xfffffa8002edbbc0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 4030201
Partition information:
Partition 0 type is Other (0xc)
Partition is ACTIVE.
Partition starts at LBA: 51304 Numsec = 62764952
Partition file system is FAT32
Partition is not bootable
Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0
Disk Size: 32161923072 bytes
Sector size: 512 bytes
Done!
Performing system, memory and registry scan...
Read File: File "c:\ProgramData\{2BD4D073-FF7E-46C6-B916-02F1AF376300}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{2BD4D073-FF7E-46C6-B916-02F1AF376300}\VAIO Messenger Setup 2.0.202.0.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{2BD4D073-FF7E-46C6-B916-02F1AF376300}\instance.dat" is compressed (flags = 1)
Read File: File "c:\ProgramData\{2BD4D073-FF7E-46C6-B916-02F1AF376300}\VAIO Messenger Setup 2.0.202.0.dat" is compressed (flags = 1)
Done!
Scan finished
=======================================
 
I don't see anything malicious there.

In this forum, we make sure, your computer is free of malware and your computer is clean :)
Because the access to malware forum is very limited, your best option is to create new topic about your current issue, at Windows section.
You'll get more attention.
 
Back