Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 22-10-2014
Ran by SYSTEM on MININT-I60PB8O on 23-10-2014 17:53:16
Running from f:\
Platform: Windows 7 Home Premium (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Recovery
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST must be run from normal or Safe mode to create a complete log.
Tutorial for Farbar Recovery Scan Tool:
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [9398888 2010-10-31] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1873192 2010-10-31] (Synaptics Incorporated)
HKLM\...\Run: [ISBMgr.exe] => C:\Program Files\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM\...\Run: [iBryte browseforchange Desktop] => C:\Program Files\iBryte\browseforchange\ibrytedesktop.exe [163840 2012-03-25] (iBryte)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [ApnUpdater] => C:\Program Files\Ask.com\Updater\Updater.exe [1573576 2012-10-29] (Ask)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM\...\Run: [ShopAtHomeWatcher] => C:\Users\CupC@ke\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeWatcher.exe [128656 2014-01-14] (ShopAtHome.com)
HKLM\...\Run: [ShopAtHomeUpdater] => C:\Users\CupC@ke\AppData\Roaming\ShopAtHome\ShopAtHomeHelper\ShopAtHomeUpdater.exe [201872 2014-01-14] (ShopAtHome.com)
HKLM\...\Run: [RegWork] => C:\Program Files\RegWork\RegWork.exe [13964416 2012-08-16] (Honlyn (Macao Commercial Offshore) Limited)
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [294400 2011-05-24] (Advanced Micro Devices, Inc.)
S2 NIS; C:\Program Files\Norton Internet Security\Engine\19.0.0.128\ccSvcHst.exe [138760 2011-05-24] (Symantec Corporation)
S2 Oasis2Service; C:\Program Files\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.)
S2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [189048 2011-01-29] (Sony Corporation)
S2 uCamMonitor; C:\Program Files\ArcSoft\Magic-I Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
S2 VAIO Event Service; C:\Program Files\Sony\VAIO Event Service\VESMgr.exe [64704 2011-03-05] (Sony Corporation)
S3 VcmIAlzMgr; C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [549616 2011-05-19] (Sony Corporation)
S3 VcmINSMgr; C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [385336 2011-02-18] (Sony Corporation)
S3 VCService; C:\Program Files\Sony\VAIO Care\VCService.exe [44736 2011-02-14] (Sony Corporation)
S2 VSNService; C:\Program Files\Sony\VAIO Smart Network\VSNService.exe [866952 2011-07-04] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update 5\VUAgent.exe [792248 2011-03-30] (Sony Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S0 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [64128 2011-02-17] (Advanced Micro Devices)
S0 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [32384 2011-02-17] (Advanced Micro Devices)
S3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [17408 2009-05-26] (ArcSoft, Inc.)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\BASHDefs\20110519.002\BHDrvx86.sys [810616 2011-05-13] (Symantec Corporation)
S3 btwampfl; C:\Windows\System32\drivers\btwampfl.sys [297000 2010-10-31] (Broadcom Corporation.)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1300000.080\ccSetx86.sys [131208 2011-05-23] (Symantec Corporation)
S1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\IPSDefs\20110519.031\IDSVix86.sys [367736 2011-05-13] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20110519.002\NAVENG.SYS [86008 2011-05-18] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.0.0.128\Definitions\VirusDefs\20110519.002\NAVEX15.SYS [1542392 2011-05-18] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NIS\1300000.080\SRTSP.SYS [561272 2011-05-20] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NIS\1300000.080\SRTSPX.SYS [31864 2011-05-20] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NIS\1300000.080\SYMDS.SYS [340088 2011-05-16] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NIS\1300000.080\SYMEFA.SYS [897656 2011-05-16] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [127096 2012-01-06] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1300000.080\Ironx86.SYS [149624 2011-05-16] (Symantec Corporation)
S1 SymNetS; C:\Windows\system32\drivers\NIS\1300000.080\SYMNETS.SYS [310392 2011-05-09] (Symantec Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-17 19:33 - 2014-10-06 18:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2014-10-17 19:33 - 2014-09-28 16:41 - 02379264 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-10-17 19:33 - 2014-09-25 14:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2014-10-17 19:33 - 2014-09-25 14:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2014-10-17 19:33 - 2014-09-25 14:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2014-10-17 19:33 - 2014-09-25 14:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-10-17 19:33 - 2014-09-25 14:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-10-17 19:33 - 2014-09-18 17:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-10-17 19:33 - 2014-09-18 17:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-10-17 19:33 - 2014-09-18 17:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-10-17 19:33 - 2014-09-18 17:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-10-17 19:33 - 2014-09-18 17:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-10-17 19:33 - 2014-09-18 17:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-10-17 19:33 - 2014-09-18 17:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-10-17 19:33 - 2014-09-18 16:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2014-10-17 19:33 - 2014-09-18 16:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-10-17 19:33 - 2014-09-18 16:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-10-17 19:33 - 2014-09-18 16:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-10-17 19:33 - 2014-09-18 16:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2014-10-17 19:33 - 2014-09-18 16:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-10-17 19:33 - 2014-09-18 16:50 - 00108032 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-10-17 19:33 - 2014-09-18 16:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-10-17 19:33 - 2014-09-18 16:44 - 00646144 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2014-10-17 19:33 - 2014-09-18 16:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-10-17 19:33 - 2014-09-18 16:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-10-17 19:33 - 2014-09-18 16:20 - 00677888 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-10-17 19:33 - 2014-09-18 16:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-10-17 19:33 - 2014-09-18 16:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2014-10-17 19:33 - 2014-09-18 15:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-10-17 19:33 - 2014-09-18 15:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-10-17 19:33 - 2014-09-18 15:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-10-17 19:32 - 2014-06-18 14:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\System32\dfshim.dll
2014-10-17 19:32 - 2014-06-18 14:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\System32\mscorier.dll
2014-10-17 19:32 - 2014-06-18 14:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\System32\mscories.dll
2014-10-17 19:31 - 2014-09-03 21:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll
2014-10-17 19:15 - 2014-07-16 17:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\System32\winsta.dll
2014-10-17 19:15 - 2014-07-16 17:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-10-17 19:15 - 2014-07-16 17:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2014-10-17 19:15 - 2014-07-16 17:39 - 00523264 _____ (Microsoft Corporation) C:\Windows\System32\termsrv.dll
2014-10-17 19:14 - 2014-07-16 17:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\System32\winlogon.exe
2014-10-17 19:14 - 2014-07-16 17:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2014-10-17 19:14 - 2014-07-16 17:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2014-10-17 19:14 - 2014-07-16 17:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\System32\TSpkg.dll
2014-10-17 19:14 - 2014-07-16 17:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\System32\credssp.dll
2014-10-17 19:14 - 2014-07-16 17:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2014-10-17 19:14 - 2014-07-16 17:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2014-10-17 19:13 - 2014-09-17 17:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\System32\msi.dll
2014-10-15 21:31 - 2014-09-12 17:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\System32\packager.dll
2014-10-01 04:34 - 2014-09-24 17:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2014-09-23 22:56 - 2014-09-09 13:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-18 21:59 - 2012-01-06 17:40 - 01492016 _____ () C:\Windows\WindowsUpdate.log
2014-10-18 21:51 - 2014-09-19 06:17 - 00016800 _____ () C:\Windows\setupact.log
2014-10-18 21:46 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-10-18 21:41 - 2009-07-13 20:34 - 00020608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-18 21:41 - 2009-07-13 20:34 - 00020608 ____H () C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-18 21:30 - 2010-11-20 13:01 - 00783360 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-10-18 21:12 - 2012-11-11 20:58 - 00000000 ____D () C:\Program Files\Google
2014-10-18 01:27 - 2009-07-13 20:33 - 00289480 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-10-05 14:18 - 2014-05-01 22:06 - 00089272 _____ () C:\test.xml
2014-09-24 06:35 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\rescache
2014-09-24 00:01 - 2014-02-08 14:31 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerApp.exe
2014-09-24 00:01 - 2014-02-08 14:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\System32\FlashPlayerCPLApp.cpl
==================== Known DLLs (Whitelisted) ============
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe
[2014-10-17 19:14] - [2014-07-16 17:39] - 0304128 ____A (Microsoft Corporation) 52449FD429D6053B78AE564DEF303870
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== Restore Points =========================
==================== Memory info ===========================
Percentage of memory in use: 23%
Total physical RAM: 1642.9 MB
Available physical RAM: 1250.29 MB
Total Pagefile: 1642.9 MB
Available Pagefile: 1254.63 MB
Total Virtual: 2047.88 MB
Available Virtual: 1947.32 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:288.78 GB) (Free:252.85 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:9.22 GB) (Free:1.11 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (FreeAgent Drive) (Fixed) (Total:298.09 GB) (Free:245.95 GB) NTFS
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS
Drive y: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: B887C805)
Partition 1: (Not Active) - (Size=9.2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=288.8 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (Size: 298.1 GB) (Disk ID: A4B57300)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
LastRegBack: 2014-10-10 21:17
==================== End Of Log ============================