Dogwithrabiez

Results of screen317's Security Check version 0.99.78 Windows 7 Service Pack 1 x64 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Sophos Anti-Rootkit 1.5.4 Malwarebytes Anti-Malware version 1.75.0.1300 JavaFX 2.1.1 Java 7 Update 45 Adobe Flash Player 11.9.900.170 Mozilla Firefox 25.0.1 Firefox out of Date! Google Chrome 31.0.1650.57 Google Chrome 31.0.1650.63 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````

TopArcadeHits extension. I guess it put itself there, as I haven't downloaded it or accepted any agreements that would install it. I removed it from Chrome, but does this completely get rid of the rest of it so that I no longer have to worry about it gathering information and such?

Aha, that worked. I got rid of the extension, and that seemed to have fixed everything. Will it be continuing to gather information and such, or is it fairly benign now?

Firefox seems to have been cured-- Chrome, however, still suffers.

Both TFC and Farbar have finished running, as has MalwareBytes. The problem still persists, unfortunately.

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 03-01-2014 Ran by Gurn at 2014-01-03 16:33:01 Run:1 Running from C:\Users\Gurn\Downloads Boot Mode: Normal ============================================== Content of fixlist: ***************** HKCU\...\Run: [taskhost] - rundll32 "C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.dll",_EntryPoint_RunDll32@16 SearchScopes: HKLM - DefaultScope value is missing. FF Extension: TopArcadeHits - C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} CHR Extension: () - C:\Users\Gurn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp ***************** HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\taskhost => Value deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\Extensions\{0113D088-8ED1-468C-B225-585A9C53B5E3} => Moved successfully. CHR Extension: () - C:\Users\Gurn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdgdlcjhlbaphcjmagicjhhgfnkiihp directory not found. ==== End of Fixlog ====

Malwarebytes is still running, but has not caught anything as of yet. FRST.txt Addition.txt

Both Chrome and Firefox are affected.

# AdwCleaner v3.016 - Report created 03/01/2014 at 13:35:27 # Updated 23/12/2013 by Xplode # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits) # Username : Gurn - ARTEMIS-02 # Running from : C:\Users\Gurn\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\StumbleUpon ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v25.0.1 (en-US) [ File : C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\prefs.js ] -\\ Google Chrome v [ File : C:\Users\Gurn\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [3898 octets] - [03/01/2014 02:41:48] AdwCleaner[R1].txt - [1104 octets] - [03/01/2014 13:31:59] AdwCleaner[s0].txt - [3913 octets] - [03/01/2014 02:45:41] AdwCleaner[s1].txt - [1030 octets] - [03/01/2014 13:35:27] ########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1090 octets] ########## I am currently running Malwarebytes full scan. As of this moment, nothing has changed and TopArcadeHits still continues to give me random popups and highlights words on pages to link to ad sites.

RogueKiller V8.8.0 _x64_ [Dec 27 2013] by Tigzy mail : tigzyRK<at>gmail<dot>com Feedback : http://www.adlice.com/forum/ Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Started in : Normal mode User : Gurn [Admin rights] Mode : Scan -- Date : 01/03/2014 12:52:28 | ARK || FAK || MBR | ¤¤¤ Bad processes : 0 ¤¤¤ ¤¤¤ Registry Entries : 10 ¤¤¤ [RUN][sUSP PATH] HKCU\[...]\Run : taskhost (rundll32 "C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.dll",_EntryPoint_RunDll32@16 [x][-][x]) -> FOUND [HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> FOUND [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : DisableRegistryTools (0) -> FOUND [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> FOUND [HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND [HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND ¤¤¤ Scheduled tasks : 0 ¤¤¤ ¤¤¤ Startup Entries : 0 ¤¤¤ ¤¤¤ Web browsers : 0 ¤¤¤ ¤¤¤ Browser Addons : 0 ¤¤¤ ¤¤¤ Particular Files / Folders: ¤¤¤ ¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤ ¤¤¤ External Hives: ¤¤¤ -> F:\windows\system32\config\SYSTEM | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND] -> F:\windows\system32\config\SOFTWARE | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND] -> F:\windows\system32\config\SECURITY | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND] -> F:\windows\system32\config\SAM | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND] -> F:\windows\system32\config\DEFAULT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND] -> F:\Users\Default\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> F:\Users\Default User\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> F:\Users\Gurn\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - FOUND] -> F:\Users\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> F:\Documents and Settings\Default\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> F:\Documents and Settings\Default User\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> F:\Documents and Settings\Gurn\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] -> F:\Documents and Settings\UpdatusUser\NTUSER.DAT | DRVINFO [Drv - F:] | SYSTEMINFO [sys - C:] [sys32 - FOUND] | USERINFO [startup - NOT_FOUND] ¤¤¤ Infection : ¤¤¤ ¤¤¤ HOSTS File: ¤¤¤ --> %SystemRoot%\System32\drivers\etc\hosts 127.0.0.1 localhost ¤¤¤ MBR Check: ¤¤¤ +++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) WDC WD1001FALS-00Y6A0 ATA Device +++++ --- User --- [MBR] 255c3cf1e5f04c2e593f7c556f437437 [bSP] 09bbebd4e263a40444ff2e044cd00111 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 953767 Mo User = LL1 ... OK! User = LL2 ... OK! +++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) WDC WD5000AADS-00S9B0 ATA Device +++++ --- User --- [MBR] 3cb728527b73759917e10abb859fc121 [bSP] 3c6f1447cc25f2a566443ae58d756341 : Windows 7/8 MBR Code Partition table: 0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo 1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 476838 Mo User = LL1 ... OK! User = LL2 ... OK! Finished : << RKreport[0]_S_01032014_125228.txt >>

I recently came back from a vacation and booted my computer up, only to see this TopArcadeHits thing popping all sorts of ads and such across websites. I immediately ran a full Malwarebytes check, which caught it and removed it-- Or so it said. Here's the log for that: Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2014.01.03.01 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476Gurn :: ARTEMIS-02 [administrator] 1/2/2014 8:32:07 PMmbam-log-2014-01-02 (20-32-07).txt Scan type: Full scan (C:\|D:\|E:\|F:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 940679Time elapsed: 3 hour(s), 18 minute(s), 24 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 9HKCR\CLSID\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.HKCR\CLSID\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A9D7E7-E0C0-4202-9F13-6A06BD073CDA} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.HKCR\TypeLib\{39A17362-9C1D-4907-9428-0D28A94DC79D} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.HKCR\Interface\{627A968A-03E6-41C7-B11B-4E442B376F95} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF190686-9E72-403C-B99D-682ABDB63C5B} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (Adware.GameVance) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C1C3E833-420E-4D78-9BA7-86AEBB272384} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Consumer Input Chrome Extension (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully. Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 8C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits (Adware.GameVance) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Local\TopArcadeHits (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3} (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Program Files (x86)\Consumer Input (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.C:\Program Files (x86)\Consumer Input\Chrome (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully. Files Detected: 23C:\Users\Gurn\AppData\Local\TopArcadeHits\Toparcadehits.dll (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Local\TopArcadeHits\uninstaller.exe (Adware.GameVance) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Local\TopArcadeHits\updater.exe (Adware.GameVance) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.exe (PUP.Bitminer) -> Quarantined and deleted successfully.C:\Users\Gurn\Downloads\coretemp_1236.exe (PUP.Optional.InstallIQ) -> Quarantined and deleted successfully.C:\Users\Gurn\Downloads\Doctor_Who_2005_S07E07_480p_HDTV_x264_(VectoR) (1).exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.C:\Users\Gurn\Downloads\Doctor_Who_2005_S07E07_480p_HDTV_x264_(VectoR).exe (PUP.BundleInstaller.DW) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Play Toparcadehits Online.url (Adware.GameVance) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TopArcadeHits\Uninstall Toparcadehits.lnk (Adware.GameVance) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Local\TopArcadeHits\tah.config (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Local\TopArcadeHits\Toparcadehitsbrkr.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Local\TopArcadeHits\uninstaller.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Local\TopArcadeHits\updater.exe (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Windows\Tasks\TopArcadeHits.job (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome.manifest (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\icon.png (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\install.rdf (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\browser.xul (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\chrome\content\toparcadehits.js (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Users\Gurn\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{0113D088-8ED1-468C-B225-585A9C53B5E3}\skin\style.css (PUP.Optional.TopArcadeHits.A) -> Quarantined and deleted successfully.C:\Program Files (x86)\Consumer Input\Chrome\cicr-3.1.0-2123.crx (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.C:\Program Files (x86)\Consumer Input\Chrome\uninstall.exe (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully.C:\Program Files (x86)\Consumer Input\Chrome\uninstall.ico (PUP.Optional.Consumer.Input.A) -> Quarantined and deleted successfully. (end) Unfortunately, when my computer restarted, nothing was solved. I've downloaded and used the dds. Here's the logs for that: DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.9600.16428 BrowserJavaVersion: 10.45.2Run by Gurn at 2:55:05 on 2014-01-03Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8191.5630 [GMT -8:00].AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:\Windows\system32\lsm.exeC:\Windows\system32\svchost.exe -k DcomLaunchC:\Windows\system32\nvvsvc.exeC:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exeC:\Windows\system32\svchost.exe -k RPCSSc:\Program Files\Microsoft Security Client\MsMpEng.exeC:\Windows\System32\svchost.exe -k LocalServiceNetworkRestrictedC:\Windows\System32\svchost.exe -k LocalSystemNetworkRestrictedC:\Windows\system32\svchost.exe -k LocalServiceC:\Windows\system32\svchost.exe -k netsvcsC:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exeC:\Windows\system32\svchost.exe -k NetworkServiceC:\Program Files\NVIDIA Corporation\Display\nvxdsync.exeC:\Windows\system32\nvvsvc.exeC:\Windows\System32\spoolsv.exeC:\Windows\system32\svchost.exe -k LocalServiceNoNetworkC:\Program Files\SUPERAntiSpyware\SASCORE64.EXEC:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exeC:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.exeC:\Program Files\Bonjour\mDNSResponder.exeC:\Windows\SysWOW64\PnkBstrA.exeC:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exeC:\Windows\system32\taskhost.exeC:\Windows\system32\Dwm.exeC:\Windows\Explorer.EXEC:\Windows\system32\taskeng.exeC:\Windows\system32\svchost.exe -k imgsvcC:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exeC:\Users\Gurn\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exeC:\Program Files\Microsoft Security Client\msseces.exeC:\Program Files\Microsoft Mouse and Keyboard Center\itype.exeC:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exeC:\Windows\System32\rundll32.exeC:\Windows\SysWOW64\rundll32.exeC:\Program Files (x86)\Razer\Synapse\RzSynapse.exeC:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exeC:\Program Files (x86)\Common Files\Java\Java Update\jusched.exeC:\Program Files\NVIDIA Corporation\Display\nvtray.exec:\Program Files\Microsoft Security Client\NisSrv.exeC:\Windows\system32\SearchIndexer.exeC:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonationC:\Windows\system32\sppsvc.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Program Files\Steam\Steam.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exeC:\Windows\servicing\TrustedInstaller.exeC:\Malwarebytes' Anti-Malware\mbam.exeC:\Users\Gurn\AppData\Local\Google\Chrome\Application\chrome.exe\\?\C:\Windows\system32\wbem\WMIADAP.EXEC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\system32\SearchProtocolHost.exeC:\Windows\system32\SearchFilterHost.exec:\Program Files\Microsoft Security Client\MpCmdRun.exeC:\Windows\system32\wbem\wmiprvse.exeC:\Windows\System32\cscript.exe.============== Pseudo HJT Report ===============.BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dllBHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dllBHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dllTB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dlluRun: [taskhost] rundll32 "C:\Users\Gurn\AppData\Roaming\Microsoft\Windows\taskhost.dll",_EntryPoint_RunDll32@16mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"mRun: [iJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCEmRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"dRunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601uPolicies-Explorer: NoDriveTypeAutoRun = dword:145uPolicies-Explorer: NoDrives = dword:0mPolicies-Explorer: NoDrives = dword:0mPolicies-System: ConsentPromptBehaviorAdmin = dword:0mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableLUA = dword:0mPolicies-System: EnableUIADesktopToggle = dword:0mPolicies-System: PromptOnSecureDesktop = dword:0IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htmIE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htmTCP: NameServer = 192.168.1.254TCP: Interfaces\{07A6B49D-CD07-4687-BEF0-67B09726261C} : DHCPNameServer = 192.168.1.254Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dllSSODL: WebCheck - <orphaned>x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dllx64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkeyx64-Run: [intelliType Pro] "c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe"x64-Run: [intelliPoint] "c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe"x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - <orphaned>x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:\Users\Gurn\AppData\Roaming\Mozilla\Firefox\Profiles\42hg9yui.default\FF - prefs.js: network.proxy.type - 0FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dllFF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dllFF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dllFF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dllFF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dllFF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dllFF - plugin: C:\Users\Gurn\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dllFF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dllFF - ExtSQL: !HIDDEN! 2013-03-15 12:53; {ACAA314B-EEBA-48e4-AD47-84E31C44796C}; C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff.============= SERVICES / DRIVERS ===============.R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2012-7-11 140672]R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE [2013-8-30 193696]R2 CodeMeter.exe;CodeMeter Runtime Server;C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe [2012-12-6 2568120]R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-3-20 134944]R2 RzMaelstromVADStreamingService;Razer Surround Audio Service;C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [2013-5-17 4241920]R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]R2 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]R3 Ctafiltv;Ctafiltv;C:\Windows\System32\drivers\Ctafiltv.sys [2008-8-14 24064]R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\System32\drivers\lvrs64.sys [2012-7-2 327576]R3 LVUVC64;Logitech Webcam 500(UVC);C:\Windows\System32\drivers\lvuvc64.sys [2012-7-2 6377496]R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-8-12 346144]R3 rzdaendpt;Razer DeathAdder end point;C:\Windows\System32\drivers\rzdaendpt.sys [2013-5-16 25600]R3 RZMAELSTROMVADService;Razer Surround Audio Enhancer Service;C:\Windows\System32\drivers\RzMaelstromVAD.sys [2013-5-17 40696]R3 rzudd;Razer Keyboard Driver;C:\Windows\System32\drivers\rzudd.sys [2013-5-16 126464]R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\Windows\System32\drivers\rzvkeyboard.sys [2013-5-16 23040]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-9-5 171680]S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE [2013-8-30 240288]S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2013-6-4 103448]S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2013-12-11 111616]S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;C:\Windows\System32\drivers\nx6000.sys [2010-1-29 36720]S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2013-6-4 203672]S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2012-7-2 59392]S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-4-25 52736]S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-7-2 1255736]S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464].=============== Created Last 30 ================.2014-01-03 10:41:45 -------- d-----w- C:\AdwCleaner2014-01-03 04:20:53 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{9AE8F813-89B8-4113-AA6C-8AADC867604D}\mpengine.dll2013-12-29 15:32:52 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll2013-12-11 11:02:55 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe2013-12-11 11:02:55 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe2013-12-11 11:02:54 12625920 ----a-w- C:\Windows\System32\wmploc.DLL2013-12-11 11:02:54 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL2013-12-11 05:47:13 335360 ----a-w- C:\Windows\System32\msieftp.dll2013-12-11 05:47:13 3155968 ----a-w- C:\Windows\System32\win32k.sys2013-12-11 05:47:13 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll2013-12-11 05:47:12 465920 ----a-w- C:\Windows\System32\WMPhoto.dll2013-12-11 05:47:12 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll2013-12-11 05:47:11 81408 ----a-w- C:\Windows\System32\imagehlp.dll2013-12-11 05:47:11 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll2013-12-11 05:43:56 2048 ----a-w- C:\Windows\SysWow64\tzres.dll2013-12-11 05:43:56 2048 ----a-w- C:\Windows\System32\tzres.dll2013-12-11 05:43:54 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys2013-12-11 05:43:54 150016 ----a-w- C:\Windows\System32\wshom.ocx2013-12-11 05:43:54 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys2013-12-11 05:43:53 202752 ----a-w- C:\Windows\System32\scrrun.dll2013-12-11 05:43:53 168960 ----a-w- C:\Windows\System32\wscript.exe2013-12-11 05:43:53 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll2013-12-11 05:43:53 156160 ----a-w- C:\Windows\System32\cscript.exe2013-12-11 05:43:53 141824 ----a-w- C:\Windows\SysWow64\wscript.exe2013-12-11 05:43:53 126976 ----a-w- C:\Windows\SysWow64\cscript.exe2013-12-11 05:43:53 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx2013-12-06 06:14:35 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{13D4DD4A-9411-48ED-A85B-672326D6F87B}\gapaengine.dll.==================== Find3M ====================.2013-12-13 11:09:21 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe2013-12-13 10:50:18 214392 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex02013-12-11 16:34:16 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl2013-12-11 16:34:16 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe2013-12-03 14:25:41 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe2013-11-26 10:19:07 2724864 ----a-w- C:\Windows\System32\mshtml.tlb2013-11-26 10:18:23 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll2013-11-26 09:48:07 66048 ----a-w- C:\Windows\System32\iesetup.dll2013-11-26 09:46:25 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll2013-11-26 09:23:02 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb2013-11-26 09:18:39 139264 ----a-w- C:\Windows\System32\ieUnatt.exe2013-11-26 09:18:09 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe2013-11-26 09:16:57 708608 ----a-w- C:\Windows\System32\jscript9diag.dll2013-11-26 08:35:02 5769216 ----a-w- C:\Windows\System32\jscript9.dll2013-11-26 08:28:16 553472 ----a-w- C:\Windows\SysWow64\jscript9diag.dll2013-11-26 08:16:12 4243968 ----a-w- C:\Windows\SysWow64\jscript9.dll2013-11-26 08:02:16 1995264 ----a-w- C:\Windows\System32\inetcpl.cpl2013-11-26 07:32:06 1928192 ----a-w- C:\Windows\SysWow64\inetcpl.cpl2013-11-26 07:07:57 2334208 ----a-w- C:\Windows\System32\wininet.dll2013-11-26 06:33:33 1820160 ----a-w- C:\Windows\SysWow64\wininet.dll2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL2013-10-08 15:50:37 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll.============= FINISH: 2:55:51.80 =============== .UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2012-11-20.01).Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1Install Date: 6/30/2012 4:02:26 PMSystem Uptime: 1/3/2014 2:48:43 AM (0 hours ago).Motherboard: ASRock | | 870 Extreme3Processor: AMD Phenom II X6 1055T Processor | CPUSocket | 2800/200mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 931 GiB total, 344.004 GiB free.D: is CDROM (CDFS)E: is FIXED (NTFS) - 0 GiB total, 0.069 GiB free.F: is FIXED (NTFS) - 466 GiB total, 318.664 GiB free..==== Disabled Device Manager Items =============.Class GUID: {4d36e96b-e325-11ce-bfc1-08002be10318}Description: Standard PS/2 KeyboardDevice ID: ACPI\PNP0303\4&8AB8035&0Manufacturer: (Standard keyboards)Name: Standard PS/2 KeyboardPNP Device ID: ACPI\PNP0303\4&8AB8035&0Service: i8042prt.==== System Restore Points ===================.RP224: 12/18/2013 7:33:00 AM - Windows UpdateRP225: 12/22/2013 7:33:07 AM - Windows UpdateRP226: 12/26/2013 7:33:02 AM - Windows UpdateRP227: 1/2/2014 8:20:00 PM - Windows Update.==== Installed Programs ======================.µTorrent7-Zip 9.20 (x64 edition)AbiWord 2.8.6Active@ UNDELETE 7Adobe Flash Player 11 PluginAIM 7Amazon Cloud PlayerApple Application SupportApple Mobile Device SupportApple Software UpdateArtemis ArtemisBastionBattlefield 3™Battlefield 4™Battlelog Web PluginsBing BarBonjourBorderlands 2C3Canon IJ Network Scanner Selector EXCanon IJ Network ToolCanon IJ Scan UtilityCanon MG5400 series MP DriversCCleanerChivalry: Medieval WarfareChivalry: Medieval Warfare Dedicated ServerCMUD 3.34Core Temp 1.0 RC5Corrupt Open Office Salvager version 1.2Counter-Strike: Global OffensiveCrysisCrysis WarheadCrysis WarsDivekickERUNT 1.1jESET Online Scanner v3ESN Sonarf.luxFoxit ReaderFraps (remove only)Free YouTube to MP3 Converter version 3.12.0.128GIMP 2.8.0GOM PlayerGOMTV StreamerGoogle ChromeHalo Combat EvolvedICY Hexplorer (remove only)iTunesJade Empire: Special EditionJava 7 Update 45Java Auto UpdaterJavaFX 2.1.1Kernel for Writer Evaluation ver 8.12.01Logitech High Quality VideoLogitech Webcam Software Driver PackageMagickaMalwarebytes Anti-Malware version 1.75.0.1300Mass Effect™ 3MechWarrior OnlineMetro 2033Microsoft .NET Framework 4 Client ProfileMicrosoft .NET Framework 4 ExtendedMicrosoft Application Error ReportingMicrosoft Mouse and Keyboard CenterMicrosoft Security ClientMicrosoft Security EssentialsMicrosoft SilverlightMicrosoft Visual C++ 2005 RedistributableMicrosoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610Microsoft XNA Framework Redistributable 3.1Microsoft XNA Framework Redistributable 4.0 RefreshMount & Blade: WarbandMozilla Firefox 25.0.1 (x86 en-US)Mozilla Maintenance ServiceMUSHclient (remove only)Nexus Mod ManagerNo More Room in HellNotepad++NVIDIA 3D Vision Controller Driver 314.07NVIDIA 3D Vision Driver 314.07NVIDIA Control Panel 314.07NVIDIA Graphics Driver 314.07NVIDIA HD Audio Driver 1.3.23.1NVIDIA Install ApplicationNVIDIA PhysXNVIDIA PhysX System Software 9.12.1031NVIDIA Stereoscopic 3D DriverNVIDIA Update 1.12.12NVIDIA Update ComponentsOpenOffice.org 3.4.1OriginPAYDAY 2PunkBuster ServicesRainmeterRazer SurroundRazer Synapse 2.0Recover My FilesRune ClassicSecurity Update for CAPICOM (KB931906)Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2)Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2)Security Update for Microsoft .NET Framework 4 Extended (KB2487367)Security Update for Microsoft .NET Framework 4 Extended (KB2656351)Security Update for Microsoft .NET Framework 4 Extended (KB2736428)Security Update for Microsoft .NET Framework 4 Extended (KB2742595)Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2)Skype™ 6.10Skyrim NPC EditorSophos Anti-Rootkit 1.5.4Source SDKSpec Ops: The LineStarCraft IISUPERAntiSpywareSyTools Open Office Writer RecoveryThe Elder Scrolls Online BetaThe Stanley ParableThe Walking DeadTorchlight IIUpdate for Microsoft .NET Framework 4 Client Profile (KB2468871)Update for Microsoft .NET Framework 4 Client Profile (KB2533523)Update for Microsoft .NET Framework 4 Client Profile (KB2600217)Update for Microsoft .NET Framework 4 Client Profile (KB2836939)Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3)Update for Microsoft .NET Framework 4 Extended (KB2468871)Update for Microsoft .NET Framework 4 Extended (KB2533523)Update for Microsoft .NET Framework 4 Extended (KB2600217)Update for Microsoft .NET Framework 4 Extended (KB2836939)Update for Microsoft .NET Framework 4 Extended (KB2836939v3)Urban Terror 4.1War of the RosesWarhammer 40,000 Space MarineWarhammer® 40,000™: Dawn of War® IIWindows 7 USB/DVD Download ToolWinRAR 4.20 (32-bit).==== Event Viewer Messages From Past Week ========.12/29/2013 2:37:43 AM, Error: Schannel [36888] - The following fatal alert was generated: 40. The internal error state is 252.1/3/2014 2:51:22 AM, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).1/3/2014 2:51:22 AM, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.1/2/2014 8:10:11 PM, Error: Service Control Manager [7034] - The Skype Updater service terminated unexpectedly. It has done this 1 time(s)..==== End Of File ===========================

My email is constantly flooded with MAILER-DAEMON failed send messages now. My email's being used to spam apparently hundreds, if not thousands of people. I've tried changing my password, and it continued happening. What can I do?

Well, I tried all the methods suggested, but I encountered a lot of problems. MalwareBytes and AVG won't start, though AVG got its files completely corrupted while MalwareBytes is just unable to start. Can't access any sites to download new ones, and I have to use my repair disc quite often, as one of the viruses seems to be a boot-sector virus. One of them also likes to download porn applications-- I disabled my internet and am using another computer to try and get fixes. These viruses just came out of nowhere, just a day after I scanned my computer for viruses. A couple problems I have, the main one being that I can't get MalwareBytes to start. I followed the instructions, but... 1. Tdssserv.sys doesn't show up on the non plug and play. 2. RootRepeal comes up with a few dozen hits, with things like C:\WINDOWS\System32\Drivers\Fastfat.SYS C:\Windows\System32\DRIVERS\ELmou.sys C"\WINDOWS\System32\DRIVERS\e1e5132.sys C:\WINDOWS\System32\DLA\DLApoolM.SYS atapi.sys ACPI.sys PrtMr.sys pciide.sys Ntfs.sys NDIS.sys Mup.sys DRVMCB.SYS And so on. It goes on for quite a large list, and I don't know what to do. My system is a Windows XP Media Edition, if that helps. In retrospect, it might've been one of the song lyric sites I went on(totally forgot to have Securemaker on), but I dunno. Any help please?