[Redirect Malware Help.]

Thank you very much for your time and help, my computer is running like normal now.

Appreciated .

Ron

[Redirect Malware Help.]

Here are the requested txt's.

ESETSmartInstaller@High as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6583

# api_version=3.0.2

# EOSSerial=d1153e5e92a6064e832219669f2663f6

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2012-07-04 12:05:22

# local_time=2012-07-03 08:05:22 (-0500, Eastern Daylight Time)

# country="United States"

# lang=1033

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode=5893 16776574 100 94 34646629 92900517 0 0

# compatibility_mode=8192 67108863 100 0 0 0 0 0

# scanned=196049

# found=8

# cleaned=8

# scan_time=3255

C:\Program Files (x86)\2K Sports\NBA 2K12\rld.dll a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Program Files (x86)\Black_Box\Max Payne 3\gsrld.dll a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Users\Ron\AppData\Local\TempDIR\BetterInstaller.exe.vir a variant of Win32/Somoto.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\00000008.@.vir Win64/Agent.BA trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\80000000.@.vir Win64/Sirefef.AE trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

C:\Qoobox\Quarantine\C\Windows\System32\services.exe.vir Win64/Patched.A.Gen trojan (deleted - quarantined) 00000000000000000000000000000000 C

C:\Users\Ron\Desktop\New folder (8)\Exploits\psneuter Android/Exploit.Lotoor.AK trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

D:\Vid\Max.Payne.3.Update.v1.0.0.22-RELOADED\Crack\gsrld.dll a variant of Win32/Packed.VMProtect.AAH trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C

VVVVVVVVVVVVVVVVVVVVVVVVVV

Results of screen317's Security Check version 0.99.42

Windows 7 Service Pack 1 x64 (UAC is disabled!)

Internet Explorer 9

``````````````Antivirus/Firewall Check:``````````````

Windows Firewall Enabled!

Microsoft Security Essentials

(On Access scanning disabled!)

Error obtaining update status for antivirus!

`````````Anti-malware/Other Utilities Check:`````````

Malwarebytes Anti-Malware version 1.61.0.1400

JavaFX 2.1.0

Java 6 Update 26

Java 7 Update 4

Java version out of Date!

Mozilla Firefox (13.0.1)

Google Chrome 19.0.1084.56

Google Chrome 20.0.1132.47

````````Process Check: objlist.exe by Laurent````````

Malwarebytes Anti-Malware mbamservice.exe

Malwarebytes Anti-Malware mbamgui.exe

`````````````````System Health check`````````````````

Total Fragmentation on Drive C: 14% Defragment your hard drive soon!

````````````````````End of Log``````````````````````

[Redirect Malware Help.]

Hello, the program ran successfully this time thanks, heres the log...

VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV

ComboFix 12-07-02.01 - Ron 07/03/2012 17:31:57.1.6 - x64

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2442 [GMT -4:00]

Running from: c:\users\Ron\Desktop\sega.com

Command switches used :: /killall

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\program files (x86)\Mozilla Firefox\searchplugins\search.xml

C:\setup.exe

c:\users\Ron\AppData\Local\TempDIR

c:\users\Ron\AppData\Local\TempDIR\BetterInstaller.exe

c:\windows\assembly\GAC_32\Desktop.ini

c:\windows\assembly\GAC_64\Desktop.ini

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\@

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\L\00000004.@

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\L\201d3dde

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\L\55490ac4

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\00000004.@

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\00000008.@

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\000000cb.@

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\80000000.@

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\80000032.@

c:\windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\80000064.@

D:\install.exe

.

Infected copy of c:\windows\system32\services.exe was found and disinfected

Restored copy from - c:\windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe

.

.

((((((((((((((((((((((((( Files Created from 2012-06-03 to 2012-07-03 )))))))))))))))))))))))))))))))

.

.

2074-05-07 23:38 . 2006-11-22 01:48 203576 ------w- c:\program files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe

2012-07-03 21:39 . 2012-07-03 21:39 -------- d-----w- c:\users\Default\AppData\Local\temp

2012-07-02 23:52 . 2012-07-02 23:52 -------- d-----w- c:\users\Ron\AppData\Roaming\Malwarebytes

2012-07-02 23:52 . 2012-07-02 23:52 -------- d-----w- c:\programdata\Malwarebytes

2012-07-02 23:52 . 2012-07-02 23:52 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2012-07-02 23:52 . 2012-04-04 19:56 24904 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-07-02 23:26 . 2012-07-02 23:26 -------- d-----w- c:\users\Ron\AppData\Roaming\Sony Corporation

2012-07-02 23:26 . 2012-07-02 23:26 -------- d-----w- c:\program files (x86)\Sony

2012-07-01 23:44 . 2012-07-01 23:44 -------- d-----w- c:\programdata\3DMGAME

2012-07-01 23:35 . 2012-07-01 23:35 -------- d-sh--w- c:\windows\SysWow64\%APPDATA%

2012-07-01 07:06 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5CDF57E5-740E-49A4-887E-BEC011B1791C}\mpengine.dll

2012-06-30 17:43 . 2012-05-31 04:04 9013136 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-06-23 03:13 . 2012-06-30 02:41 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr

2012-06-23 03:13 . 2012-06-23 03:13 -------- d-----w- c:\users\Ron\AppData\Local\PunkBuster

2012-06-23 03:08 . 2002-01-01 15:56 -------- d-----w- c:\users\Ron\AppData\Local\Ubisoft Game Launcher

2012-06-23 02:55 . 2012-06-23 02:55 -------- d-----w- c:\users\Ron\AppData\Roaming\Ubisoft

2012-06-21 08:37 . 2012-06-21 08:37 3166792 ------w- c:\windows\SysWow64\pbsvc.exe

2012-06-21 01:29 . 2012-06-02 22:19 2428952 ----a-w- c:\windows\system32\wuaueng.dll

2012-06-21 01:29 . 2012-06-02 22:19 57880 ----a-w- c:\windows\system32\wuauclt.exe

2012-06-21 01:29 . 2012-06-02 22:19 44056 ----a-w- c:\windows\system32\wups2.dll

2012-06-21 01:29 . 2012-06-02 22:15 2622464 ----a-w- c:\windows\system32\wucltux.dll

2012-06-21 01:29 . 2012-06-02 22:19 38424 ----a-w- c:\windows\system32\wups.dll

2012-06-21 01:29 . 2012-06-02 22:19 701976 ----a-w- c:\windows\system32\wuapi.dll

2012-06-21 01:29 . 2012-06-02 22:15 99840 ----a-w- c:\windows\system32\wudriver.dll

2012-06-21 01:29 . 2012-06-02 19:19 186752 ----a-w- c:\windows\system32\wuwebv.dll

2012-06-21 01:29 . 2012-06-02 19:15 36864 ----a-w- c:\windows\system32\wuapp.exe

2012-06-14 00:09 . 2012-06-14 00:09 -------- d-----w- c:\users\Ron\AppData\Local\Ironclad Games

2012-06-14 00:06 . 2012-06-14 00:06 -------- d-----w- c:\programdata\Ironclad Games

2012-06-14 00:02 . 2012-06-14 00:02 -------- d-----w- c:\program files (x86)\Stardock

2012-06-13 17:27 . 2012-02-12 01:59 927800 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3BB6A39E-C244-4873-A07F-58BA01F2E99B}\gapaengine.dll

2012-06-13 17:21 . 2012-06-13 17:21 -------- d-----w- c:\users\Ron\AppData\Local\Macromedia

2012-06-12 18:53 . 2012-04-26 05:41 77312 ----a-w- c:\windows\system32\rdpwsx.dll

2012-06-11 05:39 . 2012-06-11 05:39 -------- d-----w- c:\users\Ron\AppData\Roaming\Individual Software

2012-06-11 05:36 . 2012-06-11 05:36 -------- d-----w- c:\programdata\Individual Software

2012-06-11 05:36 . 2012-06-11 16:16 -------- d-----w- c:\program files (x86)\ResumeMaker Professional

2012-06-10 18:36 . 2012-06-10 18:36 -------- d-----w- c:\users\Ron\AppData\Roaming\Yahoo!

2012-06-06 05:26 . 2012-06-06 05:26 -------- d-----w- C:\BCM_REL_4_100_15_5_WHQL

2012-06-04 03:57 . 2012-06-04 03:57 -------- d-----w- c:\users\Ron\AppData\Local\Chromium

2012-06-04 03:53 . 2012-06-04 03:53 -------- d-----w- c:\program files (x86)\Rockstar Games

2012-06-04 00:51 . 2012-06-04 00:51 -------- d-----w- c:\program files (x86)\Black_Box

.

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-07-01 18:43 . 2012-04-12 23:57 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe

2012-07-01 18:43 . 2011-05-24 18:16 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-06-30 02:41 . 2011-02-13 01:03 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.exe

2012-06-28 23:37 . 2011-02-13 01:03 282696 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0

2012-06-23 03:02 . 2011-02-13 01:03 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe

2012-06-10 18:08 . 2012-05-10 03:12 119296 ----a-w- c:\windows\SysWow64\zlib.dll

2012-05-27 00:28 . 2012-05-27 00:28 43520 ----a-w- c:\windows\SysWow64\CmdLineExt03.dll

2012-05-26 07:08 . 2012-05-26 07:08 53248 ----a-r- c:\users\Ron\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe

2012-05-24 18:18 . 2012-05-24 18:18 163048 ----a-w- c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10141.bin

2012-05-22 17:51 . 2012-05-22 17:51 61440 ----a-r- c:\users\Ron\AppData\Roaming\Microsoft\Installer\{33B5B641-7843-48A9-A8FE-4501869D0B92}\NewShortcut2_33B5B641784348A9A8FE4501869D0B92.exe

2012-05-22 17:51 . 2012-05-22 17:51 61440 ----a-r- c:\users\Ron\AppData\Roaming\Microsoft\Installer\{33B5B641-7843-48A9-A8FE-4501869D0B92}\NewShortcut1_33B5B641784348A9A8FE4501869D0B92.exe

2012-05-04 20:18 . 2012-04-13 00:18 8744608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe

2012-04-06 05:22 . 2012-04-06 05:22 11174400 ----a-w- c:\windows\system32\drivers\atikmdag.sys

2012-04-06 02:34 . 2012-04-06 02:34 187392 ----a-w- c:\windows\system32\clinfo.exe

2012-04-06 02:34 . 2012-04-06 02:34 74752 ----a-w- c:\windows\system32\OpenVideo64.dll

2012-04-06 02:34 . 2012-04-06 02:34 64512 ----a-w- c:\windows\SysWow64\OpenVideo.dll

2012-04-06 02:33 . 2012-04-06 02:33 63488 ----a-w- c:\windows\system32\OVDecode64.dll

2012-04-06 02:33 . 2012-04-06 02:33 56320 ----a-w- c:\windows\SysWow64\OVDecode.dll

2012-04-06 02:33 . 2012-04-06 02:33 16457216 ----a-w- c:\windows\system32\amdocl64.dll

2012-04-06 02:32 . 2012-04-06 02:32 13007872 ----a-w- c:\windows\SysWow64\amdocl.dll

2012-04-06 02:22 . 2012-04-06 02:22 159744 ----a-w- c:\windows\system32\atiapfxx.exe

2012-04-06 02:21 . 2012-04-06 02:21 909312 ----a-w- c:\windows\SysWow64\aticfx32.dll

2012-04-06 02:20 . 2011-01-26 22:59 1067520 ----a-w- c:\windows\system32\aticfx64.dll

2012-04-06 02:16 . 2012-04-06 02:16 442368 ----a-w- c:\windows\system32\ATIDEMGX.dll

2012-04-06 02:16 . 2012-04-06 02:16 503808 ----a-w- c:\windows\system32\atieclxx.exe

2012-04-06 02:16 . 2012-04-06 02:16 236544 ----a-w- c:\windows\system32\atiesrxx.exe

2012-04-06 02:14 . 2012-04-06 02:14 120320 ----a-w- c:\windows\system32\atitmm64.dll

2012-04-06 02:14 . 2012-04-06 02:14 21504 ----a-w- c:\windows\system32\atimuixx.dll

2012-04-06 02:14 . 2012-04-06 02:14 59392 ----a-w- c:\windows\system32\atiedu64.dll

2012-04-06 02:14 . 2012-04-06 02:14 43520 ----a-w- c:\windows\SysWow64\ati2edxx.dll

2012-04-06 02:13 . 2012-04-06 02:13 6800896 ----a-w- c:\windows\SysWow64\atidxx32.dll

2012-04-06 02:10 . 2012-04-06 02:10 26181632 ----a-w- c:\windows\system32\atio6axx.dll

2012-04-06 02:00 . 2010-10-27 07:15 64000 ----a-w- c:\windows\system32\coinst.dll

2012-04-06 01:54 . 2011-01-26 22:40 7479296 ----a-w- c:\windows\system32\atidxx64.dll

2012-04-06 01:50 . 2012-04-06 01:50 19753984 ----a-w- c:\windows\SysWow64\atioglxx.dll

2012-04-06 01:35 . 2012-04-06 01:35 1120768 ----a-w- c:\windows\system32\atiumd6v.dll

2012-04-06 01:34 . 2012-04-06 01:34 1831424 ----a-w- c:\windows\SysWow64\atiumdmv.dll

2012-04-06 01:34 . 2012-04-06 01:34 4731904 ----a-w- c:\windows\system32\atiumd6a.dll

2012-04-06 01:34 . 2012-04-06 01:34 6203392 ----a-w- c:\windows\SysWow64\atiumdag.dll

2012-04-06 01:30 . 2012-04-06 01:30 51200 ----a-w- c:\windows\system32\aticalrt64.dll

2012-04-06 01:30 . 2012-04-06 01:30 46080 ----a-w- c:\windows\SysWow64\aticalrt.dll

2012-04-06 01:30 . 2012-04-06 01:30 44544 ----a-w- c:\windows\system32\aticalcl64.dll

2012-04-06 01:30 . 2012-04-06 01:30 44032 ----a-w- c:\windows\SysWow64\aticalcl.dll

2012-04-06 01:29 . 2012-04-06 01:29 16090624 ----a-w- c:\windows\system32\aticaldd64.dll

2012-04-06 01:25 . 2012-04-06 01:25 13764096 ----a-w- c:\windows\SysWow64\aticaldd.dll

2012-04-06 01:23 . 2012-04-06 01:23 7431680 ----a-w- c:\windows\system32\atiumd64.dll

2012-04-06 01:22 . 2012-04-06 01:22 4795904 ----a-w- c:\windows\SysWow64\atiumdva.dll

2012-04-06 01:11 . 2012-04-06 01:11 514560 ----a-w- c:\windows\system32\atiadlxx.dll

2012-04-06 01:11 . 2012-04-06 01:11 360448 ----a-w- c:\windows\SysWow64\atiadlxy.dll

2012-04-06 01:11 . 2012-04-06 01:11 17408 ----a-w- c:\windows\system32\atig6pxx.dll

2012-04-06 01:11 . 2012-04-06 01:11 14848 ----a-w- c:\windows\SysWow64\atiglpxx.dll

2012-04-06 01:11 . 2012-04-06 01:11 14848 ----a-w- c:\windows\system32\atiglpxx.dll

2012-04-06 01:11 . 2012-04-06 01:11 41984 ----a-w- c:\windows\system32\atig6txx.dll

2012-04-06 01:10 . 2012-04-06 01:10 33280 ----a-w- c:\windows\SysWow64\atigktxx.dll

2012-04-06 01:10 . 2012-04-06 01:10 343040 ----a-w- c:\windows\system32\drivers\atikmpag.sys

2012-04-06 01:09 . 2010-10-27 07:13 54784 ----a-w- c:\windows\system32\atiuxp64.dll

2012-04-06 01:09 . 2012-04-06 01:09 41984 ----a-w- c:\windows\SysWow64\atiuxpag.dll

2012-04-06 01:09 . 2012-04-06 01:09 44544 ----a-w- c:\windows\system32\atiu9p64.dll

2012-04-06 01:09 . 2012-04-06 01:09 32256 ----a-w- c:\windows\SysWow64\atiu9pag.dll

2012-04-06 01:09 . 2012-04-06 01:09 53248 ----a-w- c:\windows\system32\drivers\ati2erec.dll

2012-04-06 01:06 . 2012-04-06 01:06 54784 ----a-w- c:\windows\system32\atimpc64.dll

2012-04-06 01:06 . 2012-04-06 01:06 54784 ----a-w- c:\windows\system32\amdpcom64.dll

2012-04-06 01:06 . 2012-04-06 01:06 53760 ----a-w- c:\windows\SysWow64\atimpc32.dll

2012-04-06 01:06 . 2012-04-06 01:06 53760 ----a-w- c:\windows\SysWow64\amdpcom32.dll

2012-04-04 22:47 . 2012-06-03 05:41 772504 ----a-w- c:\windows\SysWow64\npDeployJava1.dll

2012-04-04 22:47 . 2011-01-06 03:07 687504 ----a-w- c:\windows\SysWow64\deployJava1.dll

2006-05-03 16:06 163328 --sha-r- c:\windows\SysWOW64\flvDX.dll

2007-02-21 17:47 31232 --sha-r- c:\windows\SysWOW64\msfDX.dll

2008-03-16 19:30 216064 --sha-r- c:\windows\SysWOW64\nbDX.dll

2010-01-07 04:00 107520 --sha-r- c:\windows\SysWOW64\TAKDSDecoder.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]

"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2012-06-26 4787072]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2010-01-22 106496]

"VolPanel"="c:\program files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" [2009-07-07 241789]

"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-04-06 641664]

"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]

.

c:\users\Ron\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

PdaNet Desktop.lnk - c:\program files (x86)\PdaNet for Android\PdaNetPC.exe [2012-5-9 480880]

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\

Content Manager Assistant for PlayStation®.lnk - c:\program files (x86)\Sony\Content Manager Assistant\CMA.exe [2012-1-26 2520504]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]

Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

@=""

.

R1 locqntmf;locqntmf;c:\windows\system32\drivers\locqntmf.sys [x]

R2 AODDriver4.1;AODDriver4.1;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]

R3 BthAudioHF;BthAudioHF Service;c:\windows\system32\DRIVERS\BthAudioHF.sys [2009-12-21 52224]

R3 BthAvrcp;Bluetooth AVRCP Profile;c:\windows\system32\DRIVERS\BthAvrcp.sys [2009-08-13 29184]

R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-25 79360]

R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-25 79360]

R3 csr_a2dp;Bluetooth AV Profile;c:\windows\system32\drivers\bthav.sys [2009-12-21 78848]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-02-16 99384]

R3 DroidCam;DroidCam Virtual Audio;c:\windows\system32\drivers\droidcam.sys [2011-02-12 25216]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2011-08-19 351136]

R3 LVUVC64;Logitech HD Webcam C310(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2011-08-19 4869024]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-01-21 30963576]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]

R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-03-21 98688]

R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe [2012-03-26 291696]

R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184]

R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2010-07-21 45456]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 20992]

R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-02-16 203320]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 VIA_USB_ETS;VIA Telecom USB ETS Driver;c:\windows\system32\DRIVERS\VIA_USB_ETS.sys [2011-10-04 21760]

R3 ViaUsbModemDriver;VIA Telecom USB MODEM Driver;c:\windows\system32\DRIVERS\VIA_USB_MODEM.sys [2011-10-04 28160]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [2010-12-15 1255736]

R4 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-01 250056]

R4 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-04-06 236544]

R4 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-04-06 361984]

R4 AMD FusionUtility Service;AMD FusionUtility Service;c:\program files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-04-14 275832]

R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [2010-07-01 136616]

R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-11-11 128928]

R4 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02 116648]

R4 gupdatem;Google Update Service (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02 116648]

S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-12-25 834544]

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928]

S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672]

S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [2012-03-05 53888]

S2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x64.sys [2010-11-09 21992]

S2 HFGService;Handsfree Headset Service;c:\windows\system32\svchost.exe [2009-07-14 27136]

S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]

S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2011-08-19 450848]

S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys [2010-02-18 46136]

S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [2012-04-06 11174400]

S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2012-04-06 343040]

S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760]

S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]

S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys [2011-10-16 117520]

S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys [2010-01-22 77824]

S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys [2010-01-22 180224]

S3 pneteth;PdaNet Broadband;c:\windows\system32\DRIVERS\pneteth.sys [2011-11-25 15360]

S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-03-03 1301504]

S3 VMfilt;VMfilt;c:\windows\system32\drivers\VMfilt64.sys [2009-07-31 25600]

S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys [2010-03-17 401696]

.

.

Contents of the 'Scheduled Tasks' folder

.

2012-07-03 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-12 18:43]

.

2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02 03:35]

.

2012-07-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02 03:35]

.

2012-06-14 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090741175-2824043484-2008641113-1000Core.job

- c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 19:03]

.

2012-07-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4090741175-2824043484-2008641113-1000UA.job

- c:\users\Ron\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 19:03]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]

2012-06-20 23:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]

2012-06-20 23:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]

2012-06-20 23:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]

@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"

[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]

2012-06-20 23:02 755224 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184]

"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152]

"Broadcom Wireless Manager UI"="c:\windows\SysWow64\WLTRAY.exe" [2006-10-12 1282048]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"LoadAppInit_DLLs"=0x0

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

uStart Page = hxxp://mystart.incredibar.com/mb133?a=6OyzUebbLz&i=26

mLocal Page = c:\windows\SysWOW64\blank.htm

IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - c:\progra~2\MICROS~3\Office14\ONBttnIE.dll/105

TCP: DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

FF - ProfilePath - c:\users\Ron\AppData\Roaming\Mozilla\Firefox\Profiles\e7a11fbw.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyzUebbLz&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - 3680d53e000000000000001a70b26574

FF - user.js: extensions.incredibar_i.instlDay - 15455

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.140:34

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef -

FF - user.js: extensions.incredibar_i.dfltLng -

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id -

FF - user.js: extensions.incredibar_i.upn2 - 6OyzUebbLz

FF - user.js: extensions.incredibar_i.upn2n - 92261298974656761

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10643

FF - user.js: extensions.incredibar_i.ppd - 1

.

.

------- File Associations -------

.

.reg=Regedit.Document

.

- - - - ORPHANS REMOVED - - - -

.

URLSearchHooks-{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - (no file)

SafeBoot-MsMpSvc

AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe

AddRemove-dBpoweramp Windows Media Audio 10 Codec - c:\windows\system32\SpoonUninstall.exe

AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe

AddRemove-{1AA94747-3BF6-4237-9E1A-7B3067738FE1} - c:\program files (x86)\InstallShield Installation Information\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}\setup.exe

.

.

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_USERS\S-1-5-21-4090741175-2824043484-2008641113-1000\Software\SecuROM\License information*]

"datasecu"=hex:dc,f5,f0,d1,d0,9e,cc,0e,22,7a,3c,db,ba,54,62,f0,20,36,8e,c8,0b,

cd,2c,b5,a0,15,3f,10,da,6f,07,db,d8,ca,90,95,09,a7,af,ee,d5,ca,0c,4e,c7,d7,\

"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_2_202_235_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_2_202_235.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]

@Denied: (A) (Everyone)

"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]

@Denied: (A) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]

"Key"="ActionsPane3"

"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

------------------------ Other Running Processes ------------------------

.

c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe

c:\windows\SysWOW64\WLTRYSVC.EXE

c:\windows\SysWOW64\bcmwltry.exe

c:\program files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

c:\windows\SysWOW64\PnkBstrA.exe

c:\windows\SysWOW64\SAgent4.exe

.

**************************************************************************

.

Completion time: 2012-07-03 17:48:05 - machine was rebooted

ComboFix-quarantined-files.txt 2012-07-03 21:48

.

Pre-Run: 5,975,924,736 bytes free

Post-Run: 8,733,626,368 bytes free

.

- - End Of File - - 0FBD45C206C30BA815A7BB9A1ABB05B9

[Redirect Malware Help.]

Ok here is the new dds.txt and attach.txt but Combofix did not create a log for me. It didnt even create the C:\ComboFix.txt directory, I ran it from the desktop as suggested but it just went through the scan and closed.

VVVVVVVVVVVVVVVVVVVVVVVVVVVVV

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1

Run by Ron at 16:15:35 on 2012-07-03

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2288 [GMT -4:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\SysWOW64\WLTRYSVC.EXE

C:\Windows\SysWOW64\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

C:\Windows\system32\svchost.exe -k bthaudiosvc

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\SysWOW64\SAgent4.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Windows\SysWOW64\WLTRAY.EXE

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe

C:\Windows\system32\AMBSpiE.exe

C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\taskhost.exe

"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\svchost.exe -k swprv

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://mystart.incredibar.com/mb133?a=6OyzUebbLz&i=26

uWindow Title = Internet Explorer, optimized for Bing and MSN

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

uRun: [Epson Stylus NX510(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU "C:\Users\Ron\AppData\Local\Temp\E_S88ED.tmp" /EF "HKCU"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\Ron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PDANET~1.LNK - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTEN~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

LSP: mswsock.dll

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://clients.futuremark.com/openapi/receivers/FMSI.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{50D78396-8E52-4043-B3EF-48EB7131B47A} : DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{606C35E8-A48D-4CAF-AD83-BD1E626DE376} : DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{674608C5-8793-48CD-9C57-4927C580C171} : DhcpNameServer = 8.8.8.8

TCP: Interfaces\{75DA459F-063D-44BA-A8BF-C3B0A01ECE8F}\2456C6B696E6F5E4B2F5444313646303 : DhcpNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{75DA459F-063D-44BA-A8BF-C3B0A01ECE8F}\34963736F63363730323 : DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{75DA459F-063D-44BA-A8BF-C3B0A01ECE8F}\54E6475627028656275612 : DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO-X64: AMD SteadyVideo BHO - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Ron\AppData\Roaming\Mozilla\Firefox\Profiles\e7a11fbw.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Users\Ron\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\Ron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Ron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyzUebbLz&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - 3680d53e000000000000001a70b26574

FF - user.js: extensions.incredibar_i.instlDay - 15455

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.140:34:18

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef -

FF - user.js: extensions.incredibar_i.dfltLng -

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id -

FF - user.js: extensions.incredibar_i.upn2 - 6OyzUebbLz

FF - user.js: extensions.incredibar_i.upn2n - 92261298974656761

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10643

FF - user.js: extensions.incredibar_i.ppd - 1

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]

R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]

R2 HFGService;Handsfree Headset Service;C:\Windows\system32\svchost.exe -k bthaudiosvc [2009-7-13 20992]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-2 654408]

R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]

R3 VMfilt;VMfilt;C:\Windows\system32\drivers\VMfilt64.sys --> C:\Windows\system32\drivers\VMfilt64.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\system32\DRIVERS\athurx.sys --> C:\Windows\system32\DRIVERS\athurx.sys [?]

S3 BthAudioHF;BthAudioHF Service;C:\Windows\system32\DRIVERS\BthAudioHF.sys --> C:\Windows\system32\DRIVERS\BthAudioHF.sys [?]

S3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\system32\DRIVERS\BthAvrcp.sys --> C:\Windows\system32\DRIVERS\BthAvrcp.sys [?]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-25 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-25 79360]

S3 csr_a2dp;Bluetooth AV Profile;C:\Windows\system32\drivers\bthav.sys --> C:\Windows\system32\drivers\bthav.sys [?]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]

S3 DroidCam;DroidCam Virtual Audio;C:\Windows\system32\drivers\droidcam.sys --> C:\Windows\system32\drivers\droidcam.sys [?]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2002-1-1 113120]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 VIA_USB_ETS;VIA Telecom USB ETS Driver;C:\Windows\system32\DRIVERS\VIA_USB_ETS.sys --> C:\Windows\system32\DRIVERS\VIA_USB_ETS.sys [?]

S3 ViaUsbModemDriver;VIA Telecom USB MODEM Driver;C:\Windows\system32\DRIVERS\VIA_USB_MODEM.sys --> C:\Windows\system32\DRIVERS\VIA_USB_MODEM.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056]

S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]

S4 AMD FusionUtility Service;AMD FusionUtility Service;C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-4-14 275832]

S4 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-7-1 136616]

S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-25 128928]

S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-1 116648]

S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-1 116648]

.

=============== File Associations ===============

.

.reg=Regedit.Document

.

=============== Created Last 30 ================

.

2074-05-07 23:38:48 203576 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe

2012-07-02 23:52:43 -------- d-----w- C:\Users\Ron\AppData\Roaming\Malwarebytes

2012-07-02 23:52:40 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-02 23:52:39 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-02 23:52:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-02 23:26:37 -------- d-----w- C:\Program Files (x86)\Sony

2012-07-01 23:44:55 -------- d-----w- C:\ProgramData\3DMGAME

2012-07-01 23:35:46 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-07-01 07:06:30 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5CDF57E5-740E-49A4-887E-BEC011B1791C}\mpengine.dll

2012-06-30 17:43:43 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-06-23 03:13:36 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-06-23 03:13:31 -------- d-----w- C:\Users\Ron\AppData\Local\PunkBuster

2012-06-23 03:08:56 -------- d-----w- C:\Users\Ron\AppData\Local\Ubisoft Game Launcher

2012-06-23 02:55:59 -------- d-----w- C:\Users\Ron\AppData\Roaming\Ubisoft

2012-06-21 08:37:14 3166792 ------w- C:\Windows\SysWow64\pbsvc.exe

2012-06-21 01:29:25 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-21 01:29:17 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-21 01:29:02 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-21 01:29:02 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-14 00:09:08 -------- d-----w- C:\Users\Ron\AppData\Local\Ironclad Games

2012-06-14 00:06:37 -------- d-----w- C:\ProgramData\Ironclad Games

2012-06-14 00:02:34 -------- d-----w- C:\Program Files (x86)\Stardock

2012-06-13 17:27:10 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BB6A39E-C244-4873-A07F-58BA01F2E99B}\gapaengine.dll

2012-06-13 17:21:07 -------- d-----w- C:\Users\Ron\AppData\Local\Macromedia

2012-06-12 18:53:23 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-11 05:39:29 -------- d-----w- C:\Users\Ron\AppData\Roaming\Individual Software

2012-06-11 05:36:44 -------- d-----w- C:\ProgramData\Individual Software

2012-06-11 05:36:15 -------- d-----w- C:\Program Files (x86)\ResumeMaker Professional

2012-06-06 05:26:29 -------- d-----w- C:\BCM_REL_4_100_15_5_WHQL

2012-06-04 03:57:28 -------- d-----w- C:\Users\Ron\AppData\Local\Chromium

2012-06-04 03:53:59 -------- d-----w- C:\Program Files (x86)\Rockstar Games

2012-06-04 00:51:14 -------- d-----w- C:\Program Files (x86)\Black_Box

.

==================== Find3M ====================

.

2012-07-01 18:43:36 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-01 18:43:36 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-30 02:41:41 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-06-28 23:37:15 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-06-23 03:02:57 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2012-06-10 18:08:35 119296 ----a-w- C:\Windows\SysWow64\zlib.dll

2012-05-27 00:28:10 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-05-04 20:18:07 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 05:32:05 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2012-04-06 02:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe

2012-04-06 02:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll

2012-04-06 02:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2012-04-06 02:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll

2012-04-06 02:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2012-04-06 02:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll

2012-04-06 02:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll

2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe

2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2012-04-06 02:20:04 1067520 ----a-w- C:\Windows\System32\aticfx64.dll

2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe

2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe

2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll

2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll

2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll

2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll

2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll

2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll

2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll

2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll

2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll

2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll

2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2012-04-06 01:11:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll

2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll

2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll

2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll

2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2012-04-06 01:09:02 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll

2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll

2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2012-04-04 22:47:08 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2012-04-04 22:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2006-05-03 16:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll

2007-02-21 17:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll

2008-03-16 19:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll

2010-01-07 04:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll

.

============= FINISH: 16:15:47.09 ===============

VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 12/25/2010 2:03:54 AM

System Uptime: 7/3/2012 2:52:04 PM (2 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | Crosshair IV Formula

Processor: AMD Phenom II X6 1075T Processor | AM3 | 3491/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 134 GiB total, 5.504 GiB free.

D: is FIXED (NTFS) - 149 GiB total, 2.377 GiB free.

E: is CDROM ()

F: is FIXED (NTFS) - 15 GiB total, 3.277 GiB free.

G: is CDROM ()

Z: is NetworkDisk (FAT) - 0 GiB total, 0 GiB free.

.

==== Disabled Device Manager Items =============

.

Class GUID: {4d36e96c-e325-11ce-bfc1-08002be10318}

Description: DroidCam Virtual Audio

Device ID: ROOT\MEDIA\0000

Manufacturer: Dev47Apps

Name: DroidCam Virtual Audio

PNP Device ID: ROOT\MEDIA\0000

Service: DroidCam

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: SCDEmu

Device ID: ROOT\LEGACY_SCDEMU\0000

Manufacturer:

Name: SCDEmu

PNP Device ID: ROOT\LEGACY_SCDEMU\0000

Service: SCDEmu

.

==== System Restore Points ===================

.

RP499: 7/2/2012 3:07:24 AM - Scheduled Checkpoint

.

==== Installed Programs ======================

.

µTorrent

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Adobe Shockwave Player 11.5

Algebra Solved!

AMD Fusion Utility

AMD OverDrive

AMD VISION Engine Control Center

Apple Application Support

Apple Software Update

ASUS E-Green Uninstall

ASUS PC Diagnostics

ATI Catalyst Registration

BeadSurgeInstaller

Boson NetSim for CCNP 7.0

Boson NetSim for CCNP BETA 3

CameraHelperMsi

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

Chinese Simplified Fonts Support For Adobe Reader X

Cisco Connect

Combined Community Codec Pack 2011-07-30

Content Manager Assistant for PlayStation®

Creative WaveStudio 7

dBpoweramp Windows Media Audio 10 Codec

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

Epson Event Manager

EPSON Scan

EpsonNet Print

EpsonNet Setup

eReg

Futuremark SystemInfo

Galaxy Nexus ToolKit

Geometry Solved!

GIMP 2.6.11

Google Chrome

Google Drive

Google Talk Plugin

Google Update Helper

ImgBurn

Java Auto Updater

Java 6 Update 26

Java 7 Update 4

JavaFX 2.1.0

Locomotion

Logitech Webcam Software

LogMeTT 2.9.9

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Malwarebytes Anti-Malware version 1.61.0.1400

Marvell Miniport Driver

Max Payne 3

Max Payne 3 version 1.02

Microsoft .NET Framework 1.1

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219

Mobipocket Creator 4.2

Mozilla Firefox 13.0.1 (x86 en-US)

Mozilla Maintenance Service

Mp3tag v2.49

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Mumble 1.2.3

NBA 2K12

NEC Electronics USB 3.0 Host Controller Driver

Nero 7 Ultra Edition

NVIDIA PhysX

OnLive

ooVoo

OpenAL

Optimum Link

PdaNet for Android 3.02

Perler

Platform

PowerISO

PunkBuster Services

QuickTime

ResumeMaker Professional

Rockstar Games Social Club

Security Update for CAPICOM (KB931906)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

SimpleOCR 3.1

Skype Click to Call

Skype™ 5.5

Sound Blaster X-Fi MB

SplitMediaLabs VH Screen Capture Driver (x86)

Steam

SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49

System Requirements Lab CYRI

Team Fortress 2

Tera Term 4.71

The Lord of the Rings FREE Trial

The Walking Dead - Episode 1

The Walking Dead © 3 version 1

Tom Clancy's Ghost Recon Future Soldier

TTLEditor 1.2.1

Ubisoft Game Launcher

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2473228)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft Office 2010 (KB2494150)

Update for Microsoft Office 2010 (KB2553092)

VIA Platform Device Manager

VLC media player 1.1.11

VobSub v2.23 (Remove Only)

XviD4PSP 5.10.234.0

Yahoo! Messenger

Yahoo! Software Update

.

==== Event Viewer Messages From Past Week ========

.

7/3/2012 2:52:58 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

7/3/2012 2:52:58 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891

7/3/2012 2:52:33 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SCDEmu

7/3/2012 2:52:31 PM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.

7/2/2012 2:36:38 AM, Error: volsnap [36] - The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

7/2/2012 11:25:20 AM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start.

7/2/2012 11:25:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

7/2/2012 11:25:20 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

7/2/2012 11:25:14 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

7/2/2012 11:25:09 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

7/2/2012 11:23:06 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: discache MpFilter SASDIFSV SASKUTIL SCDEmu spldr sptd Wanarpv6

7/2/2012 11:23:06 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B}

7/2/2012 11:23:00 AM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.

7/2/2012 11:22:30 AM, Error: sptd [4] - Driver detected an internal error in its data structures for .

7/2/2012 11:18:57 AM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: Cannot create a file when that file already exists.

7/1/2012 2:34:44 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: Not enough storage is available to complete this operation.

6/30/2012 9:28:18 PM, Error: volsnap [35] - The shadow copies of volume C: were aborted because the shadow copy storage failed to grow.

6/30/2012 10:10:10 PM, Error: Microsoft-Windows-WLAN-AutoConfig [10000] - WLAN Extensibility Module has failed to start. Module Path: C:\Windows\system32\athExt.dll Error Code: 126

.

==== End Of File ===========================

[Redirect Malware Help.]

Thanks screen, your help is much appreciated here are the logs below

VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV

Malwarebytes Anti-Malware (Trial) 1.61.0.1400

www.malwarebytes.org

Database version: v2012.07.02.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Ron :: RON-PC [administrator]

Protection: Enabled

7/2/2012 7:53:18 PM

mbam-log-2012-07-02 (19-53-18).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 220017

Time elapsed: 3 minute(s), 23 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 2

C:\Users\Ron\Local Settings\TempDIR\BetterInstaller.exe (PUP.BundleInstaller.Somoto) -> No action taken.

C:\Windows\Installer\{4d23d243-38d4-1960-c9ba-7d7551897c95}\U\00000008.@ (Trojan.Dropper.BCMiner) -> Quarantined and deleted successfully.

(end)

and here is the second log

VVVVVVVVVVVVVVVVVVVVVV

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.4.1

Run by Ron at 21:08:44 on 2012-07-02

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.4094.2588 [GMT -4:00]

.

AV: Microsoft Security Essentials *Disabled/Updated* {9765EA51-0D3C-7DFB-6091-10E4E1F341F6}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Disabled/Updated* {2C040BB5-2B06-7275-5A21-2B969A740B4B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\SysWOW64\WLTRYSVC.EXE

C:\Windows\SysWOW64\bcmwltry.exe

C:\Windows\System32\spoolsv.exe

C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE

C:\Windows\system32\svchost.exe -k bthsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\SysWOW64\SAgent4.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Windows\system32\svchost.exe -k bthaudiosvc

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe

C:\Program Files\Logitech\SetPointP\SetPoint.exe

C:\Windows\SysWOW64\WLTRAY.EXE

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe

C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE

C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\AMBSpiE.exe

C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe

C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

"C:\Windows\SysWOW64\svchost.exe" -k LocalServiceDns

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://mystart.incredibar.com/mb133?a=6OyzUebbLz&i=26

uWindow Title = Internet Explorer, optimized for Bing and MSN

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: SteadyVideoBHO Class: {6c680bae-655c-4e3d-8fc4-e6a520c3d928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

uRun: [Epson Stylus NX510(Network)] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIFIA.EXE /FU "C:\Users\Ron\AppData\Local\Temp\E_S88ED.tmp" /EF "HKCU"

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\Users\Ron\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PDANET~1.LNK - C:\Program Files (x86)\PdaNet for Android\PdaNetPC.exe

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTEN~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office14\EXCEL.EXE/3000

IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~3\Office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

LSP: mswsock.dll

DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab

DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} - hxxp://clients.futuremark.com/openapi/receivers/FMSI.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.3.1.0.cab

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{50D78396-8E52-4043-B3EF-48EB7131B47A} : DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{606C35E8-A48D-4CAF-AD83-BD1E626DE376} : DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{674608C5-8793-48CD-9C57-4927C580C171} : DhcpNameServer = 8.8.8.8

TCP: Interfaces\{75DA459F-063D-44BA-A8BF-C3B0A01ECE8F}\2456C6B696E6F5E4B2F5444313646303 : DhcpNameServer = 192.168.2.1 192.168.2.1

TCP: Interfaces\{75DA459F-063D-44BA-A8BF-C3B0A01ECE8F}\34963736F63363730323 : DhcpNameServer = 167.206.254.1 167.206.254.2 192.168.1.1

TCP: Interfaces\{75DA459F-063D-44BA-A8BF-C3B0A01ECE8F}\54E6475627028656275612 : DhcpNameServer = 167.206.254.2 167.206.254.1 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL

Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO-X64: 0x1 - No File

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll

BHO-X64: AMD SteadyVideo BHO - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

BHO-X64: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll

BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO-X64: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

BHO-X64: SkypeIEPluginBHO - No File

BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL

BHO-X64: URLRedirectionBHO - No File

BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll

mRun-x64: [NUSB3MON] "C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun-x64: [VolPanel] "C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe" /r

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Ron\AppData\Roaming\Mozilla\Firefox\Profiles\e7a11fbw.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - about:home

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll

FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll

FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll

FF - plugin: C:\Users\Ron\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll

FF - plugin: C:\Users\Ron\AppData\Roaming\Mozilla\Firefox\Profiles\e7a11fbw.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\plugins\np-mswmp.dll

FF - plugin: C:\Users\Ron\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll

FF - plugin: C:\Users\Ron\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: extensions.incredibar_i.newTab - false

FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6OyzUebbLz&loc=IB_TB&i=26&search=

FF - user.js: extensions.incredibar_i.id - 3680d53e000000000000001a70b26574

FF - user.js: extensions.incredibar_i.instlDay - 15455

FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14

FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.140:34:18

FF - user.js: extensions.incredibar_i.prtnrId - Incredibar

FF - user.js: extensions.incredibar_i.prdct - incredibar

FF - user.js: extensions.incredibar_i.aflt - orgnl

FF - user.js: extensions.incredibar_i.smplGrp - none

FF - user.js: extensions.incredibar_i.tlbrId - base

FF - user.js: extensions.incredibar_i.instlRef -

FF - user.js: extensions.incredibar_i.dfltLng -

FF - user.js: extensions.incredibar_i.excTlbr - false

FF - user.js: extensions.incredibar_i.ms_url_id -

FF - user.js: extensions.incredibar_i.upn2 - 6OyzUebbLz

FF - user.js: extensions.incredibar_i.upn2n - 92261298974656761

FF - user.js: extensions.incredibar_i.productid - 26

FF - user.js: extensions.incredibar_i.installerproductid - 26

FF - user.js: extensions.incredibar_i.did - 10643

FF - user.js: extensions.incredibar_i.ppd - 1

.

============= SERVICES / DRIVERS ===============

.

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\system32\DRIVERS\MpFilter.sys --> C:\Windows\system32\DRIVERS\MpFilter.sys [?]

R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]

R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672]

R2 AODDriver4.01;AODDriver4.01;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]

R2 cpuz135;cpuz135;\??\C:\Windows\system32\drivers\cpuz135_x64.sys --> C:\Windows\system32\drivers\cpuz135_x64.sys [?]

R2 HFGService;Handsfree Headset Service;C:\Windows\system32\svchost.exe -k bthaudiosvc [2009-7-13 20992]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-7-2 654408]

R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2011-8-19 450848]

R3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\system32\DRIVERS\MijXfilt.sys --> C:\Windows\system32\DRIVERS\MijXfilt.sys [?]

R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;C:\Windows\system32\DRIVERS\nusb3hub.sys --> C:\Windows\system32\DRIVERS\nusb3hub.sys [?]

R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;C:\Windows\system32\DRIVERS\nusb3xhc.sys --> C:\Windows\system32\DRIVERS\nusb3xhc.sys [?]

R3 pneteth;PdaNet Broadband;C:\Windows\system32\DRIVERS\pneteth.sys --> C:\Windows\system32\DRIVERS\pneteth.sys [?]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;C:\Windows\system32\drivers\viahduaa.sys --> C:\Windows\system32\drivers\viahduaa.sys [?]

R3 VMfilt;VMfilt;C:\Windows\system32\drivers\VMfilt64.sys --> C:\Windows\system32\drivers\VMfilt64.sys [?]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]

S2 AODDriver4.1;AODDriver4.1;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2012-3-5 53888]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S3 athur;Atheros AR9271 Wireless Network Adapter Service;C:\Windows\system32\DRIVERS\athurx.sys --> C:\Windows\system32\DRIVERS\athurx.sys [?]

S3 BthAudioHF;BthAudioHF Service;C:\Windows\system32\DRIVERS\BthAudioHF.sys --> C:\Windows\system32\DRIVERS\BthAudioHF.sys [?]

S3 BthAvrcp;Bluetooth AVRCP Profile;C:\Windows\system32\DRIVERS\BthAvrcp.sys --> C:\Windows\system32\DRIVERS\BthAvrcp.sys [?]

S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2010-12-25 79360]

S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2010-12-25 79360]

S3 csr_a2dp;Bluetooth AV Profile;C:\Windows\system32\drivers\bthav.sys --> C:\Windows\system32\drivers\bthav.sys [?]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudbus.sys --> C:\Windows\system32\DRIVERS\ssudbus.sys [?]

S3 DroidCam;DroidCam Virtual Audio;C:\Windows\system32\drivers\droidcam.sys --> C:\Windows\system32\drivers\droidcam.sys [?]

S3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

S3 LVUVC64;Logitech HD Webcam C310(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]

S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2002-1-1 113120]

S3 NisDrv;Microsoft Network Inspection System;C:\Windows\system32\DRIVERS\NisDrvWFP.sys --> C:\Windows\system32\DRIVERS\NisDrvWFP.sys [?]

S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2012-3-26 291696]

S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\system32\DRIVERS\ssudmdm.sys --> C:\Windows\system32\DRIVERS\ssudmdm.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 VIA_USB_ETS;VIA Telecom USB ETS Driver;C:\Windows\system32\DRIVERS\VIA_USB_ETS.sys --> C:\Windows\system32\DRIVERS\VIA_USB_ETS.sys [?]

S3 ViaUsbModemDriver;VIA Telecom USB MODEM Driver;C:\Windows\system32\DRIVERS\VIA_USB_MODEM.sys --> C:\Windows\system32\DRIVERS\VIA_USB_MODEM.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-12 250056]

S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

S4 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2012-4-5 361984]

S4 AMD FusionUtility Service;AMD FusionUtility Service;C:\Program Files (x86)\AMD\Fusion Utility for Desktop\FusionUtility2Service.exe [2010-4-14 275832]

S4 AODService;AODService;C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [2010-7-1 136616]

S4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2010-12-25 128928]

S4 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-1 116648]

S4 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-5-1 116648]

.

=============== File Associations ===============

.

.reg=Regedit.Document

.

=============== Created Last 30 ================

.

2074-05-07 23:38:48 203576 ------w- C:\Program Files (x86)\Microsoft Games\Age of Empires III\autopatcher2.exe

2012-07-02 23:52:43 -------- d-----w- C:\Users\Ron\AppData\Roaming\Malwarebytes

2012-07-02 23:52:40 -------- d-----w- C:\ProgramData\Malwarebytes

2012-07-02 23:52:39 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-07-02 23:52:39 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-07-02 23:26:37 -------- d-----w- C:\Program Files (x86)\Sony

2012-07-01 23:44:55 -------- d-----w- C:\ProgramData\3DMGAME

2012-07-01 23:35:46 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-07-01 07:06:30 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5CDF57E5-740E-49A4-887E-BEC011B1791C}\mpengine.dll

2012-06-30 17:43:43 9013136 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2012-06-23 03:13:36 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2012-06-23 03:13:31 -------- d-----w- C:\Users\Ron\AppData\Local\PunkBuster

2012-06-23 03:08:56 -------- d-----w- C:\Users\Ron\AppData\Local\Ubisoft Game Launcher

2012-06-23 02:55:59 -------- d-----w- C:\Users\Ron\AppData\Roaming\Ubisoft

2012-06-21 08:37:14 3166792 ------w- C:\Windows\SysWow64\pbsvc.exe

2012-06-21 01:29:25 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-21 01:29:17 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-21 01:29:02 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-21 01:29:02 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-14 00:09:08 -------- d-----w- C:\Users\Ron\AppData\Local\Ironclad Games

2012-06-14 00:06:37 -------- d-----w- C:\ProgramData\Ironclad Games

2012-06-14 00:02:34 -------- d-----w- C:\Program Files (x86)\Stardock

2012-06-13 17:27:10 927800 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3BB6A39E-C244-4873-A07F-58BA01F2E99B}\gapaengine.dll

2012-06-13 17:21:07 -------- d-----w- C:\Users\Ron\AppData\Local\Macromedia

2012-06-12 18:53:23 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe

2012-06-11 05:39:29 -------- d-----w- C:\Users\Ron\AppData\Roaming\Individual Software

2012-06-11 05:36:44 -------- d-----w- C:\ProgramData\Individual Software

2012-06-11 05:36:15 -------- d-----w- C:\Program Files (x86)\ResumeMaker Professional

2012-06-06 05:26:29 -------- d-----w- C:\BCM_REL_4_100_15_5_WHQL

2012-06-04 03:57:28 -------- d-----w- C:\Users\Ron\AppData\Local\Chromium

2012-06-04 03:53:59 -------- d-----w- C:\Program Files (x86)\Rockstar Games

2012-06-04 00:51:14 -------- d-----w- C:\Program Files (x86)\Black_Box

2012-06-03 05:41:50 -------- d-----w- C:\Program Files (x86)\Oracle

2012-06-03 05:41:20 772504 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

.

==================== Find3M ====================

.

2012-07-01 18:43:36 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-07-01 18:43:36 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-06-30 02:41:41 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2012-06-28 23:37:15 282696 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0

2012-06-23 03:02:57 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe

2012-06-10 18:08:35 119296 ----a-w- C:\Windows\SysWow64\zlib.dll

2012-05-27 00:28:10 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll

2012-05-18 02:06:48 2311680 ----a-w- C:\Windows\System32\jscript9.dll

2012-05-18 01:59:14 1392128 ----a-w- C:\Windows\System32\wininet.dll

2012-05-18 01:58:39 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl

2012-05-18 01:55:22 173056 ----a-w- C:\Windows\System32\ieUnatt.exe

2012-05-18 01:51:30 2382848 ----a-w- C:\Windows\System32\mshtml.tlb

2012-05-17 22:45:37 1800192 ----a-w- C:\Windows\SysWow64\jscript9.dll

2012-05-17 22:35:47 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll

2012-05-17 22:35:39 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl

2012-05-17 22:29:45 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe

2012-05-17 22:24:45 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2012-05-15 01:32:33 3146752 ----a-w- C:\Windows\System32\win32k.sys

2012-05-04 20:18:07 8744608 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe

2012-05-04 11:06:22 5559664 ----a-w- C:\Windows\System32\ntoskrnl.exe

2012-05-04 10:03:53 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2012-05-04 10:03:50 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2012-05-01 05:40:20 209920 ----a-w- C:\Windows\System32\profsvc.dll

2012-04-28 05:32:05 1112064 ----a-w- C:\Windows\System32\rdpcorets.dll

2012-04-28 03:55:21 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys

2012-04-26 05:41:56 77312 ----a-w- C:\Windows\System32\rdpwsx.dll

2012-04-26 05:41:55 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll

2012-04-24 05:37:37 184320 ----a-w- C:\Windows\System32\cryptsvc.dll

2012-04-24 05:37:37 140288 ----a-w- C:\Windows\System32\cryptnet.dll

2012-04-24 05:37:36 1462272 ----a-w- C:\Windows\System32\crypt32.dll

2012-04-24 04:36:42 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll

2012-04-24 04:36:42 1158656 ----a-w- C:\Windows\SysWow64\crypt32.dll

2012-04-24 04:36:42 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll

2012-04-07 12:31:40 3216384 ----a-w- C:\Windows\System32\msi.dll

2012-04-07 11:26:29 2342400 ----a-w- C:\Windows\SysWow64\msi.dll

2012-04-06 05:22:40 11174400 ----a-w- C:\Windows\System32\drivers\atikmdag.sys

2012-04-06 02:34:26 187392 ----a-w- C:\Windows\System32\clinfo.exe

2012-04-06 02:34:10 74752 ----a-w- C:\Windows\System32\OpenVideo64.dll

2012-04-06 02:34:04 64512 ----a-w- C:\Windows\SysWow64\OpenVideo.dll

2012-04-06 02:33:56 63488 ----a-w- C:\Windows\System32\OVDecode64.dll

2012-04-06 02:33:52 56320 ----a-w- C:\Windows\SysWow64\OVDecode.dll

2012-04-06 02:33:44 16457216 ----a-w- C:\Windows\System32\amdocl64.dll

2012-04-06 02:32:56 13007872 ----a-w- C:\Windows\SysWow64\amdocl.dll

2012-04-06 02:22:00 159744 ----a-w- C:\Windows\System32\atiapfxx.exe

2012-04-06 02:21:52 909312 ----a-w- C:\Windows\SysWow64\aticfx32.dll

2012-04-06 02:20:04 1067520 ----a-w- C:\Windows\System32\aticfx64.dll

2012-04-06 02:16:52 442368 ----a-w- C:\Windows\System32\ATIDEMGX.dll

2012-04-06 02:16:46 503808 ----a-w- C:\Windows\System32\atieclxx.exe

2012-04-06 02:16:02 236544 ----a-w- C:\Windows\System32\atiesrxx.exe

2012-04-06 02:14:44 120320 ----a-w- C:\Windows\System32\atitmm64.dll

2012-04-06 02:14:30 21504 ----a-w- C:\Windows\System32\atimuixx.dll

2012-04-06 02:14:26 59392 ----a-w- C:\Windows\System32\atiedu64.dll

2012-04-06 02:14:20 43520 ----a-w- C:\Windows\SysWow64\ati2edxx.dll

2012-04-06 02:13:42 6800896 ----a-w- C:\Windows\SysWow64\atidxx32.dll

2012-04-06 02:10:50 26181632 ----a-w- C:\Windows\System32\atio6axx.dll

2012-04-06 02:00:10 64000 ----a-w- C:\Windows\System32\coinst.dll

2012-04-06 01:54:46 7479296 ----a-w- C:\Windows\System32\atidxx64.dll

2012-04-06 01:50:56 19753984 ----a-w- C:\Windows\SysWow64\atioglxx.dll

2012-04-06 01:35:24 1120768 ----a-w- C:\Windows\System32\atiumd6v.dll

2012-04-06 01:34:50 1831424 ----a-w- C:\Windows\SysWow64\atiumdmv.dll

2012-04-06 01:34:34 4731904 ----a-w- C:\Windows\System32\atiumd6a.dll

2012-04-06 01:34:04 6203392 ----a-w- C:\Windows\SysWow64\atiumdag.dll

2012-04-06 01:30:16 51200 ----a-w- C:\Windows\System32\aticalrt64.dll

2012-04-06 01:30:14 46080 ----a-w- C:\Windows\SysWow64\aticalrt.dll

2012-04-06 01:30:08 44544 ----a-w- C:\Windows\System32\aticalcl64.dll

2012-04-06 01:30:06 44032 ----a-w- C:\Windows\SysWow64\aticalcl.dll

2012-04-06 01:29:54 16090624 ----a-w- C:\Windows\System32\aticaldd64.dll

2012-04-06 01:25:30 13764096 ----a-w- C:\Windows\SysWow64\aticaldd.dll

2012-04-06 01:23:24 7431680 ----a-w- C:\Windows\System32\atiumd64.dll

2012-04-06 01:22:54 4795904 ----a-w- C:\Windows\SysWow64\atiumdva.dll

2012-04-06 01:11:28 514560 ----a-w- C:\Windows\System32\atiadlxx.dll

2012-04-06 01:11:20 360448 ----a-w- C:\Windows\SysWow64\atiadlxy.dll

2012-04-06 01:11:06 17408 ----a-w- C:\Windows\System32\atig6pxx.dll

2012-04-06 01:11:04 14848 ----a-w- C:\Windows\SysWow64\atiglpxx.dll

2012-04-06 01:11:04 14848 ----a-w- C:\Windows\System32\atiglpxx.dll

2012-04-06 01:11:00 41984 ----a-w- C:\Windows\System32\atig6txx.dll

2012-04-06 01:10:52 33280 ----a-w- C:\Windows\SysWow64\atigktxx.dll

2012-04-06 01:10:44 343040 ----a-w- C:\Windows\System32\drivers\atikmpag.sys

2012-04-06 01:09:56 54784 ----a-w- C:\Windows\System32\atiuxp64.dll

2012-04-06 01:09:48 41984 ----a-w- C:\Windows\SysWow64\atiuxpag.dll

2012-04-06 01:09:42 44544 ----a-w- C:\Windows\System32\atiu9p64.dll

2012-04-06 01:09:34 32256 ----a-w- C:\Windows\SysWow64\atiu9pag.dll

2012-04-06 01:09:02 53248 ----a-w- C:\Windows\System32\drivers\ati2erec.dll

2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\atimpc64.dll

2012-04-06 01:06:08 54784 ----a-w- C:\Windows\System32\amdpcom64.dll

2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\atimpc32.dll

2012-04-06 01:06:04 53760 ----a-w- C:\Windows\SysWow64\amdpcom32.dll

2012-04-04 22:47:02 687504 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2006-05-03 16:06:54 163328 --sha-r- C:\Windows\SysWOW64\flvDX.dll

2007-02-21 17:47:16 31232 --sha-r- C:\Windows\SysWOW64\msfDX.dll

2008-03-16 19:30:52 216064 --sha-r- C:\Windows\SysWOW64\nbDX.dll

2010-01-07 04:00:00 107520 --sha-r- C:\Windows\SysWOW64\TAKDSDecoder.dll

.

============= FINISH: 21:09:21.74 ===============

[Redirect Malware Help.]

Hello there forum members, my computer seems to be infected with some sort of search engine redirect virus. I ran a complete SuperAntiSpyware scan in normal and safe mode but the problem is still there. pages also pop up randomly filled with ads. Any help would be greatly appreciated thanks.