MalwareC clones itself! :(

[Rhinoserious]

I used Spybot to detect a Malware called "MalwareC", clicked "fix problem", it said it was deleted and then it shows up again on the next immediate scan.. I guess it's making clones or moving itself as soon as it's detected. I have Windows 8 and I am unable to use ERUNT to back up my registry.

aswMBR:

aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-12-28 21:14:11
-----------------------------
21:14:11.586 OS Version: Windows x64 6.2.9200
21:14:11.586 Number of processors: 4 586 0x3A09
21:14:11.586 ComputerName: NICK UserName: Nick
21:14:11.816 Initialze error 1
21:14:14.805 AVAST engine defs: 13122801
21:14:36.124 The log file has been saved successfully to "C:\Users\Nick\Desktop\Always Use Protection\aswMBR.txt"



DDS:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16537
Run by Nick at 21:13:35 on 2013-12-28
Microsoft Windows 8 Pro 6.2.9200.0.1252.1.1033.18.8066.5786 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\dashost.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Sony\NFC Proxy Service\bin\NFCProxyService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\SysWOW64\DllHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\taskhostex.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe
C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe
C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Sony\VAIO Care\VCPerfService.exe
C:\Program Files\Sony\VAIO Improvement\vim.exe
C:\Program Files\Sony\VAIO Improvement\vim.exe
C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Sony\VAIO Update\VUAgent.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Sony\VAIO Care\VCService.exe
C:\Program Files\Sony\VAIO Care\VCAgent.exe
C:\Program Files\Sony\VAIO Care\listener.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wwahost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://fgcu.edu/
uDefault_Page_URL = hxxp://sony13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - <orphaned>
BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
uRun: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
uRun: [Spotify] "C:\Users\Nick\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [Spotify Web Helper] "C:\Users\Nick\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
uRun: [com.apple.dav.bookmarks.daemon] C:\Program Files (x86)\Common Files\Apple\Internet Services\BookmarkDAV_client.exe
uRun: [Steam] "C:\Program Files (x86)\Steam\Steam.exe" -silent
uRun: [Akamai NetSession Interface] "C:\Users\Nick\AppData\Local\Akamai\netsession_win.exe"
mRun: [Dolby Home Theater v4] "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
mRun: [ISBMgr.exe] "C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe"
mRun: [Adobe Reader Speed Launcher] "c:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [DivXUpdate] "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
dRunOnce: [Application Restart #1] C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe /Crashed
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Send to Bluetooth - C:\Program Files (x86)\Intel\Bluetooth\btSendToObject.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
TCP: NameServer = 192.168.2.1
TCP: Interfaces\{3590FBA8-47AD-474E-950B-19F467A0D056} : DHCPNameServer = 172.26.38.1 172.26.38.2
TCP: Interfaces\{45A7614C-4B98-4133-9067-09EDD2D47B3C} : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{45A7614C-4B98-4133-9067-09EDD2D47B3C}\4494350294350244140294E4455425755424 : DHCPNameServer = 192.168.2.1
TCP: Interfaces\{9CEA6AA7-5DC5-424C-8D8F-9367FB9D4540} : DHCPNameServer = 192.168.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4
x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SONYAPO
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\Drivers\aswRvrt.sys [2013-10-13 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\Drivers\aswVmm.sys [2013-10-13 205320]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers\iaStorA.sys [2013-1-4 645952]
R1 aswKbd;aswKbd;C:\Windows\System32\Drivers\aswKbd.sys [2013-10-13 22600]
R1 aswSnx;aswSnx;C:\Windows\System32\Drivers\aswSnx.sys [2013-2-13 1032416]
R1 aswSP;aswSP;C:\Windows\System32\Drivers\aswsp.sys [2013-2-13 409832]
R2 AMPPALR3;Intel® Centrino® Wireless Bluetooth® + High Speed Service;C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe [2013-4-11 772064]
R2 aswFsBlk;aswFsBlk;C:\Windows\System32\Drivers\aswFsBlk.sys [2013-2-13 38984]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\Drivers\aswMonFlt.sys [2013-2-13 84328]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-11-3 50344]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-1-4 1091520]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-1-4 1112000]
R2 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) + High Speed Security Service;C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2012-9-12 135984]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2013-1-4 2445968]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2013-1-4 128896]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-1-4 165760]
R2 NFCProxyService;NFC Proxy Service;C:\Program Files (x86)\Sony\NFC Proxy Service\bin\NFCProxyService.exe [2013-1-4 470528]
R2 SampleCollector;VAIO Care Performance Service;C:\Program Files\Sony\VAIO Care\VCPerfService.exe [2012-8-6 156672]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2013-2-17 1153368]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2013-1-4 364416]
R2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2013-4-18 3388144]
R3 acpials;ALS Sensor Filter;C:\Windows\System32\Drivers\acpials.sys [2012-7-25 9728]
R3 AMPPAL;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Virtual Adapter;C:\Windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
R3 NETwNe64;@oem19.inf,___ %NIC_Service_DispName_WIN8_64%;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\Windows\System32\Drivers\NETwew00.sys [2013-4-25 3341792]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows\System32\Drivers\Rt630x64.sys [2012-7-30 683664]
R3 SensorsAlsDriver;UMDF Reflector service for SensorsAlsDriver;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 SensorsHIDClassDriver;UMDF Reflector service for SensorsHIDClassDriver;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 SensorsServiceDriver;UMDF Reflector service for SensorsServiceDriver;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
R3 SFEP;Sony Firmware Extension Parser;C:\Windows\System32\Drivers\SFEP.sys [2012-7-16 14336]
R3 sonyfelicaportm;NFC Port/PaSoRi Manager;C:\Windows\System32\Drivers\sonyfelicaportm.sys [2013-1-4 45160]
R3 sonynfcport100c;NFC Port/PaSoRi(sonynfcport100c);C:\Windows\System32\Drivers\sonynfcport100c.sys [2013-1-4 62056]
R3 sonynfcport100f;NFC Port/PaSoRi(sonynfcport100f);C:\Windows\System32\Drivers\sonynfcport100f.sys [2013-1-4 647784]
R3 SOWS;Sony Wireless State Device;C:\Windows\System32\Drivers\sows.sys [2012-7-5 24280]
R3 VCService;VCService;C:\Program Files\Sony\VAIO Care\VCService.exe [2012-8-8 56000]
R3 VUAgent;VUAgent;C:\Program Files\Sony\VAIO Update\VUAgent.exe [2013-1-4 1369136]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
S3 AMPPALP;Intel(r) Centrino(r) Wireless Bluetooth(r) + High Speed Protocol;C:\Windows\System32\Drivers\AmpPal.sys [2013-4-11 165344]
S3 BthLEEnum;Bluetooth Low Energy Driver;C:\Windows\System32\Drivers\BthLEEnum.sys [2012-7-25 202752]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\Drivers\btmaux.sys [2013-1-4 110592]
S3 btmhsf;btmhsf;C:\Windows\System32\Drivers\btmhsf.sys [2013-1-4 825344]
S3 e1yexpress;Intel(R) Gigabit Network Connections Driver;C:\Windows\System32\Drivers\e1y60x64.sys [2012-6-2 283136]
S3 iBtFltCoex;iBtFltCoex;C:\Windows\System32\Drivers\iBtFltCoex.sys [2013-1-4 55848]
S3 mbamchameleon;mbamchameleon;C:\Windows\System32\Drivers\mbamchameleon.sys [2013-12-27 89304]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2013-4-18 273136]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\Drivers\netaapl64.sys [2012-3-26 22528]
S3 NetworkSupport;NetworkSupport;C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [2013-1-4 623784]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\Drivers\RtsPStor.sys [2013-1-4 339600]
S3 SOHCImp;VAIO Content Importer;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [2012-8-8 123616]
S3 SOHDms;VAIO Digital Media Server;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2012-8-8 460512]
S3 SOHDs;VAIO Device Searcher;C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [2012-8-8 78048]
S3 SpfService;VAIO Entertainment Common Service;C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [2011-12-1 289952]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\Drivers\usbaapl64.sys [2012-12-13 54784]
S3 VAIO Power Management;VAIO Power Management;C:\Program Files\Sony\VAIO Power Management\SPMService.exe [2013-1-4 476328]
S3 VCFw;VAIO Content Folder Watcher;C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [2012-8-8 972000]
S3 vmbusr;Virtual Machine Bus Provider;C:\Windows\System32\Drivers\vmbusr.sys [2012-7-25 117248]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2013-12-28 04:49:01 -------- d-----w- C:\Windows\ERUNT
2013-12-28 04:48:38 -------- d-----w- C:\AdwCleaner
2013-12-27 19:04:58 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-12-27 18:41:58 89304 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2013-12-24 11:09:15 -------- d-----w- C:\Program Files\iPod
2013-12-24 11:09:14 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-24 11:09:14 -------- d-----w- C:\Program Files\iTunes
2013-12-24 11:09:14 -------- d-----w- C:\Program Files (x86)\iTunes
2013-12-15 08:41:58 23350272 ----a-w- C:\Program Files\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-15 08:41:53 22615040 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Microsoft Camera Codec Pack\MicrosoftRawCodec.dll
2013-12-13 14:19:20 62976 ----a-w- C:\Windows\System32\imagehlp.dll
2013-12-13 14:19:20 59392 ----a-w- C:\Windows\SysWow64\imagehlp.dll
2013-12-13 14:19:18 4036608 ----a-w- C:\Windows\System32\win32k.sys
2013-12-13 14:19:17 288768 ----a-w- C:\Windows\System32\drivers\portcls.sys
2013-12-08 23:34:31 -------- d-----w- C:\Joymax
2013-12-08 22:41:10 -------- d-----w- C:\Users\Nick\AppData\Local\Akamai
2013-12-02 04:32:37 78304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-12-02 04:32:37 694240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2013-11-23 06:43:58 420864 ----a-w- C:\Windows\System32\WMPhoto.dll
2013-11-23 05:05:01 368640 ----a-w- C:\Windows\SysWow64\WMPhoto.dll
2013-11-03 19:44:15 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-11-03 19:44:15 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-11-03 19:44:15 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-11-03 19:44:15 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-11-03 19:44:15 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-11-03 19:44:14 43152 ----a-w- C:\Windows\avastSS.scr
2013-11-01 05:38:21 312320 ----a-w- C:\Windows\System32\msieftp.dll
2013-11-01 03:49:24 273408 ----a-w- C:\Windows\SysWow64\msieftp.dll
2013-10-25 06:19:22 2241536 ----a-w- C:\Windows\System32\wininet.dll
2013-10-25 06:19:12 915968 ----a-w- C:\Windows\System32\uxtheme.dll
2013-10-25 06:17:57 3959808 ----a-w- C:\Windows\System32\jscript9.dll
2013-10-25 04:45:11 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-10-25 04:43:42 2877952 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-10-10 11:53:35 96600 ----a-w- C:\Windows\System32\drivers\wfplwfs.sys
2013-10-10 09:32:09 115712 ----a-w- C:\Windows\SysWow64\cscript.exe
2013-10-10 09:30:50 162304 ----a-w- C:\Windows\SysWow64\scrobj.dll
2013-10-10 09:30:50 156160 ----a-w- C:\Windows\SysWow64\scrrun.dll
2013-10-10 09:24:02 143872 ----a-w- C:\Windows\System32\wshom.ocx
2013-10-10 09:23:41 146944 ----a-w- C:\Windows\System32\cscript.exe
2013-10-10 09:22:46 222720 ----a-w- C:\Windows\System32\scrobj.dll
2013-10-10 09:22:46 194048 ----a-w- C:\Windows\System32\scrrun.dll
2013-10-10 09:21:20 1160192 ----a-w- C:\Windows\System32\IKEEXT.DLL
2013-10-10 09:20:43 723968 ----a-w- C:\Windows\System32\BFE.DLL
2013-10-08 22:30:32 35328 ----a-w- C:\Windows\SysWow64\wuapp.exe
2013-10-08 22:30:17 84992 ----a-w- C:\Windows\SysWow64\wudriver.dll
2013-10-08 22:30:17 126976 ----a-w- C:\Windows\SysWow64\wuwebv.dll
2013-10-08 22:28:11 40448 ----a-w- C:\Windows\System32\wuapp.exe
2013-10-08 22:27:56 99328 ----a-w- C:\Windows\System32\wudriver.dll
2013-10-08 22:27:56 252928 ----a-w- C:\Windows\System32\WUSettingsProvider.dll
2013-10-08 22:27:56 1622016 ----a-w- C:\Windows\System32\wucltux.dll
2013-10-08 22:27:56 142848 ----a-w- C:\Windows\System32\wuwebv.dll
2013-10-08 22:27:45 175104 ----a-w- C:\Windows\System32\storewuauth.dll
2013-10-05 06:10:20 285016 ----a-w- C:\Windows\System32\drivers\spaceport.sys
2013-10-02 23:25:41 1300992 ----a-w- C:\Windows\System32\gdi32.dll
2013-10-02 02:50:07 447320 ----a-w- C:\Windows\System32\drivers\USBHUB3.SYS
2013-10-01 23:37:57 1569280 ----a-w- C:\Windows\SysWow64\crypt32.dll
2013-10-01 23:37:53 2035712 ----a-w- C:\Windows\SysWow64\authui.dll
2013-10-01 23:26:49 1890816 ----a-w- C:\Windows\System32\crypt32.dll
2013-10-01 23:26:45 2304512 ----a-w- C:\Windows\System32\authui.dll
2013-10-01 22:22:19 1022976 ----a-w- C:\Windows\SysWow64\gdi32.dll
.
============= FINISH: 21:14:20.02 ===============


Please, any help would be much appreciated! I'm scared of what this thing could do to my machine!


SpyBot:

(It doesn't seem to be showing up on SpyBot anymore.... How can I be sure it's gone?)

[ken545]

Are you a student using this computer for classes or is it a company computer ?

Please read Post # 5

http://forums.spybot.info/showthread...ng-Assistance)

[Rhinoserious]

@ken545

This is my personal computer. If you were wondering about processes related to a mail server for university, it's because I have my school e-mail address linked to my Windows Mail app.

[ken545]

Good Morning,

OK, thanks for letting me know.


Please download Malwarebytes from Here or Here

• Double-click mbam-setup.exe and follow the prompts to install the program.
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform quick scan, then click Scan.
  
• When the scan is complete, click OK, then Show Results to view the results.
• Be sure that everything is checked, and click Remove Selected .
• When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
• Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

Post the report please








OTL by OldTimer

• Download OTL to your desktop.
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Click the "Scan All Users" checkbox.
• Check the boxes beside LOP Check and Purity Check.
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

[ken545]

Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.