
Please Help - getting Trojan.Dropper.BCMINER warnings (among others!)



Hello,

I really hope you can help me. I recently became infected with malware and I've tried several things, including using Avast and Malwarebytes Anti-Malware to fix it to no avail. Avast keeps dinging warnings every few minutes and I keep getting an Adobe Flash updater that I know isn't genuine. I ran the dds file and will post both below. Any help is appreciated!

Dan

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_31

Run by Dan at 21:31:40 on 2012-08-13

Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.6142.4584 [GMT -4:00]

.

AV: Lavasoft Ad-Aware *Enabled/Updated* {445B48C3-0FA4-6B16-8F07-6506F305D800}

SP: Lavasoft Ad-Aware *Enabled/Updated* {FF3AA927-299E-6498-B5B7-5E74888292BD}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

FW: Lavasoft Ad-Aware *Disabled* {7C60C9E6-45CB-6A4E-A458-CC330DD69F7B}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\svchost.exe -k apphost

C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe

C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Users\Dan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Dan\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler.exe

C:\Users\Dan\AppData\Local\Google\Update\1.3.21.115\GoogleCrashHandler64.exe

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

-netsvcs

C:\Windows\system32\conhost.exe

C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\SysWOW64\ctfmon.exe

C:\Windows\system32\taskeng.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Users\Dan\AppData\Local\Google\Chrome\Application\chrome.exe

C:\Windows\system32\RunDll32.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

uURLSearchHooks: H - No File

mWinlogon: Userinit=userinit.exe,

BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File

BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

{e7df6bff-55a5-4eb7-a673-4ed3e9456d39}

uRun: [spotify Web Helper] "C:\Users\Dan\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

uRun: [Google Update] "C:\Users\Dan\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

dRun: [powstak] rundll32 "C:\Windows\system32\config\systemprofile\AppData\Local\powstak.dll",powstak

dRunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f

dRunOnce: [adaware_XP] reg.exe delete "HKCU\Software\adaware" /f

dRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f

dRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

LSP: mswsock.dll

Trusted Zone: cinemanow.com

Trusted Zone: roxio.com

Trusted Zone: roxionow.com

Trusted Zone: sonic.com

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab

DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/110926/CTPID.cab

TCP: DhcpNameServer = 192.168.0.1

TCP: Interfaces\{615C01E9-380F-4C2D-A020-81B8F56998FD} : DhcpNameServer = 192.168.0.1

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

Notify: powstak - C:\Windows\system32\config\systemprofile\AppData\Local\powstak.dll

BHO-X64: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll

BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

TB-X64: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File

TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File

mRun-x64: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12

mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

.

============= SERVICES / DRIVERS ===============

.

R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]

R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]

R1 ElRawDisk;ElRawDisk;\??\C:\Windows\system32\drivers\ElRawDsk.sys --> C:\Windows\system32\drivers\ElRawDsk.sys [?]

R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]

R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]

R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-12 44808]

R2 ioloSystemService;iolo System Service;C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe [2012-8-4 1027792]

R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-12 655944]

R2 PDFsFilter;PDFsFilter;C:\Windows\system32\DRIVERS\PDFsFilter.sys --> C:\Windows\system32\DRIVERS\PDFsFilter.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 CompFilter64;UVCCompositeFilter;C:\Windows\system32\DRIVERS\lvbflt64.sys --> C:\Windows\system32\DRIVERS\lvbflt64.sys [?]

R3 CT20XUT.SYS;CT20XUT.SYS;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

R3 CTEXFIFX.SYS;CTEXFIFX.SYS;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

R3 CTHWIUT.SYS;CTHWIUT.SYS;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

R3 ha20x22k;Creative 20X2 HAL Driver;C:\Windows\system32\drivers\ha20x22k.sys --> C:\Windows\system32\drivers\ha20x22k.sys [?]

R3 LVRS64;Logitech RightSound Filter Driver;C:\Windows\system32\DRIVERS\lvrs64.sys --> C:\Windows\system32\DRIVERS\lvrs64.sys [?]

R3 LVUVC64;Logitech HD Webcam C525(UVC);C:\Windows\system32\DRIVERS\lvuvc64.sys --> C:\Windows\system32\DRIVERS\lvuvc64.sys [?]

R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]

S3 amdiox64;AMD IO Driver;C:\Windows\system32\DRIVERS\amdiox64.sys --> C:\Windows\system32\DRIVERS\amdiox64.sys [?]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver;C:\Windows\system32\Drivers\ssadadb.sys --> C:\Windows\system32\Drivers\ssadadb.sys [?]

S3 CT20XUT;CT20XUT;C:\Windows\system32\drivers\CT20XUT.SYS --> C:\Windows\system32\drivers\CT20XUT.SYS [?]

S3 CTEXFIFX;CTEXFIFX;C:\Windows\system32\drivers\CTEXFIFX.SYS --> C:\Windows\system32\drivers\CTEXFIFX.SYS [?]

S3 CTHWIUT;CTHWIUT;C:\Windows\system32\drivers\CTHWIUT.SYS --> C:\Windows\system32\drivers\CTHWIUT.SYS [?]

S3 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]

S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2010-9-23 1493352]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);C:\Windows\system32\DRIVERS\ssadbus.sys --> C:\Windows\system32\DRIVERS\ssadbus.sys [?]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter);C:\Windows\system32\DRIVERS\ssadmdfl.sys --> C:\Windows\system32\DRIVERS\ssadmdfl.sys [?]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers;C:\Windows\system32\DRIVERS\ssadmdm.sys --> C:\Windows\system32\DRIVERS\ssadmdm.sys [?]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]

S4 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928]

S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-8-12 250056]

S4 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

S4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2011-3-18 79360]

S4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2011-7-21 79360]

S4 Creative Media Toolbox 6 Licensing Service;Creative Media Toolbox 6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\MT6Licensing.exe [2011-7-22 79360]

S4 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2011-8-2 400368]

S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-4-5 158856]

S4 UMVPFSrv;UMVPFSrv;C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\UMVPFSrv.exe [2012-1-18 450848]

.

=============== File Associations ===============

.

JSEFile=NOTEPAD.EXE %1

VBEFile=NOTEPAD.EXE %1

VBSFile=NOTEPAD.EXE %1

.

=============== Created Last 30 ================

.

2012-08-14 01:19:31 20480 ----a-w- C:\Windows\svchost.exe

2012-08-13 05:27:21 -------- d-----w- C:\sh4ldr

2012-08-13 05:27:21 -------- d-----w- C:\Program Files\Enigma Software Group

2012-08-13 05:26:30 -------- d-----w- C:\Windows\F896D02690164122B9BD957FF092FFE9.TMP

2012-08-13 05:26:28 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard

2012-08-13 03:44:15 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-08-13 03:44:15 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-08-13 01:52:24 54072 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys

2012-08-13 01:52:22 958400 ----a-w- C:\Windows\System32\drivers\aswSnx.sys

2012-08-13 01:52:19 71064 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys

2012-08-13 01:51:23 41224 ----a-w- C:\Windows\avastSS.scr

2012-08-13 01:51:11 -------- d-----w- C:\ProgramData\AVAST Software

2012-08-13 01:51:11 -------- d-----w- C:\Program Files\AVAST Software

2012-08-12 10:48:56 -------- d-----w- C:\Users\Dan\AppData\Roaming\GetRightToGo

2012-08-12 09:04:33 -------- d-----w- C:\Users\Dan\AppData\Roaming\Malwarebytes

2012-08-12 09:04:26 -------- d-----w- C:\ProgramData\Malwarebytes

2012-08-12 08:45:54 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-08-12 08:45:54 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2012-08-12 07:02:42 -------- d-----w- C:\Program Files (x86)\AVG

2012-08-08 07:37:52 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%

2012-08-02 05:10:14 -------- d-sh--w- C:\found.006

2012-07-30 08:36:09 82160 ----a-w- C:\Windows\System32\drivers\PDFsFilter.sys

2012-07-30 08:35:52 74703 ----a-w- C:\Windows\SysWow64\mfc45.dat

2012-07-29 13:28:09 -------- d-----w- C:\Users\Dan\AppData\Local\{7014D4C6-A2BC-4C2E-A6CF-7B22567CA548}

.

==================== Find3M ====================

.

2012-08-02 16:45:44 56472 ----a-w- C:\Windows\System32\iolobtdfg.exe

2012-08-02 16:45:34 25072 ----a-w- C:\Windows\System32\smrgdf.exe

2012-08-02 15:27:36 2154576 ----a-w- C:\Windows\System32\Incinerator64.dll

2012-08-02 15:27:34 2096360 ----a-w- C:\Windows\SysWow64\Incinerator32.dll

2012-06-12 03:02:52 3147264 ----a-w- C:\Windows\System32\win32k.sys

2012-06-06 05:50:50 2003968 ----a-w- C:\Windows\System32\msxml6.dll

2012-06-06 05:50:50 1880064 ----a-w- C:\Windows\System32\msxml3.dll

2012-06-06 05:09:46 1389568 ----a-w- C:\Windows\SysWow64\msxml6.dll

2012-06-06 05:09:46 1236992 ----a-w- C:\Windows\SysWow64\msxml3.dll

2012-06-02 22:15:31 2622464 ----a-w- C:\Windows\System32\wucltux.dll

2012-06-02 22:15:08 99840 ----a-w- C:\Windows\System32\wudriver.dll

2012-06-02 19:19:42 186752 ----a-w- C:\Windows\System32\wuwebv.dll

2012-06-02 19:15:12 36864 ----a-w- C:\Windows\System32\wuapp.exe

2012-06-02 05:38:26 95088 ----a-w- C:\Windows\System32\drivers\ksecdd.sys

2012-06-02 05:38:24 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys

2012-06-02 05:37:45 459216 ----a-w- C:\Windows\System32\drivers\cng.sys

2012-06-02 05:27:02 340992 ----a-w- C:\Windows\System32\schannel.dll

2012-06-02 05:27:00 307200 ----a-w- C:\Windows\System32\ncrypt.dll

2012-06-02 04:48:39 22016 ----a-w- C:\Windows\SysWow64\secur32.dll

2012-06-02 04:48:35 225280 ----a-w- C:\Windows\SysWow64\schannel.dll

2012-06-02 04:47:31 219136 ----a-w- C:\Windows\SysWow64\ncrypt.dll

2012-06-02 04:42:51 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll

.

============= FINISH: 21:32:24.79 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 12/14/2009 2:25:13 PM

System Uptime: 8/13/2012 9:18:07 PM (0 hours ago)

.

Motherboard: ASUSTeK Computer INC. | | M4A77TD PRO

Processor: AMD Phenom™ II X4 955 Processor | AM3 | 3200/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 298 GiB total, 16.702 GiB free.

D: is CDROM ()

E: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: SBRE

Device ID: ROOT\LEGACY_SBRE\0000

Manufacturer:

Name: SBRE

PNP Device ID: ROOT\LEGACY_SBRE\0000

Service: SBRE

.

Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Description: AODDriver4.01

Device ID: ROOT\LEGACY_AODDRIVER4.01\0000

Manufacturer:

Name: AODDriver4.01

PNP Device ID: ROOT\LEGACY_AODDRIVER4.01\0000

Service: AODDriver4.01

.

==== System Restore Points ===================

.

RP477: 8/5/2012 3:40:21 PM - Scheduled Checkpoint

RP478: 8/6/2012 3:00:13 AM - Windows Update

RP479: 8/6/2012 12:53:45 PM - Windows Update

RP480: 8/7/2012 3:00:11 AM - Windows Update

RP481: 8/7/2012 4:53:06 AM - Windows Update

RP482: 8/8/2012 3:00:10 AM - Windows Update

RP483: 8/12/2012 3:02:25 AM - Installed AVG 2012

RP484: 8/12/2012 3:02:51 AM - Installed AVG 2012

RP485: 8/12/2012 4:57:06 AM - Removed Apple Application Support

RP486: 8/12/2012 4:58:32 AM - Removed Apple Software Update

RP487: 8/12/2012 6:57:11 AM - Removed AVG 2012

RP488: 8/12/2012 6:59:26 AM - Removed AVG 2012

RP489: 8/12/2012 9:51:00 PM - avast! Free Antivirus Setup

RP490: 8/13/2012 1:26:38 AM - Installed SpyHunter

.

==== Installed Programs ======================

.

2010 DR PEPPER EA GAMES EVERY BOTTLE/CUP WINS PROMOTION

Acrobat.com

Adobe AIR

Adobe Flash Player 11 Plugin

Adobe Reader X (10.1.3)

Amazon MP3 Downloader 1.0.15

And Yet It Moves

Android Sync Manager WiFi

ASUSUpdate

Atom Zombie Smasher

avast! Free Antivirus

Braid

Call of Duty® 4 - Modern Warfare™

Call of Duty® 4 - Modern Warfare™ 1.6 Patch

Call of Duty® 4 - Modern Warfare™ 1.7 Patch

CameraHelperMsi

Cogs

Company of Heroes

Company of Heroes - FAKEMSI

Crayon Physics Deluxe

Creative 3DMIDI Player

Creative ALchemy

Creative Audio Control Panel

Creative Console Launcher

Creative Media Toolbox 6

Creative Media Toolbox 6 (Shared Components)

Creative Software AutoUpdate

Creative Sound Blaster Properties x64 Edition

Creative WaveStudio 7

D3DX10

dcmsvc 1.0

Diablo III

Digital Copy

Dolby Digital Live Pack

erLT

Fallout 3

Fallout: New Vegas

Google Chrome

Grand Theft Auto IV

GTA San Andreas

Hammerfight

Impulse

iolo technologies' System Mechanic

Java Auto Updater

Java™ 6 Update 31

Junk Mail filter update

Kies mini

L.A. Noire

Left 4 Dead

Left 4 Dead 2

Logitech Webcam Software

LWS Facebook

LWS Gallery

LWS Help_main

LWS Launcher

LWS Motion Detection

LWS Pictures And Video

LWS Twitter

LWS Video Mask Maker

LWS Webcam Software

LWS WLM Plugin

LWS YouTube Plugin

Machinarium

Malwarebytes Anti-Malware version 1.62.0.1300

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Search Enhancement Pack

Microsoft SQL Server 2005 Compact Edition [ENU]

Microsoft Visual C++ Compilers 2010 Standard - enu - x86

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

Mozilla Thunderbird 14.0 (x86 en-US)

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

OpenAL

Origin

Osmos

Overlord

Plants vs. Zombies: Game of the Year

Portal

Portal 2

QuickTime

Realtek 8136 8168 8169 Ethernet Driver

Revenge of the Titans

Rockstar Games Social Club

RoxioNow Player

Sid Meier's Civilization 4 - Beyond the Sword

Sid Meier's Civilization 4 Gold

Sid Meier's Pirates!

Sins of a Solar Empire

Skype™ 5.9

SPORE™

SPORE™ Creepy & Cute Parts Pack

SPORE™ Galactic Adventures

Spotify

Star Wars: The Old Republic

StarCraft II

Steam

Steel Storm: Burning Retribution

swMSM

The Movies™

The Movies™ Stunts & Effects

The Sims 2

The Sims 2 Family Fun Stuff

The Sims 2 Glamour Life Stuff

The Sims 2 Nightlife

The Sims 2 Open For Business

The Sims 2 Pets

The Sims 2 University

The Sims™ 2 Apartment Life

The Sims™ 2 Bon Voyage

The Sims™ 2 Celebration! Stuff

The Sims™ 2 FreeTime

The Sims™ 2 H&M® Fashion Stuff

The Sims™ 2 IKEA® Home Stuff

The Sims™ 2 Kitchen & Bath Interior Design Stuff

The Sims™ 2 Mansion and Garden Stuff

The Sims™ 2 Seasons

The Sims™ 2 Teen Style Stuff

Tinker

Tropico

Visual C++ 8.0 Runtime Setup Package (x64)

Visual Studio 2008 x64 Redistributables

VVVVVV

Warner Bros. Digital Copy Manager

Winamp

Winamp Detector Plug-in

Windows Live Communications Platform

Windows Live Essentials

Windows Live Installer

Windows Live Mail

Windows Live Messenger

Windows Live Movie Maker

Windows Live Photo Common

Windows Live Photo Gallery

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live Sync

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows SDK IntellisenseNFX

.

==== Event Viewer Messages From Past Week ========

.

8/13/2012 9:19:07 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SBRE

8/13/2012 9:19:03 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

8/13/2012 9:18:53 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Presentation Foundation Font Cache 3.0.0.0 service to connect.

8/13/2012 9:18:53 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

8/13/2012 9:18:53 PM, Error: Service Control Manager [7000] - The Windows Presentation Foundation Font Cache 3.0.0.0 service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

8/13/2012 9:18:37 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.

8/13/2012 9:18:34 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891

8/13/2012 9:18:34 PM, Error: Service Control Manager [7000] - The AODDriver4.01 service failed to start due to the following error: The system cannot find the path specified.

8/13/2012 7:00:37 PM, Error: Service Control Manager [7034] - The iolo System Service service terminated unexpectedly. It has done this 1 time(s).

8/13/2012 2:31:57 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}

8/13/2012 2:31:50 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}

8/13/2012 2:31:41 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO aswSnx aswSP aswTdi discache ElRawDisk SBRE spldr Wanarpv6

8/13/2012 2:31:35 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.

8/13/2012 2:06:22 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}

8/13/2012 1:35:47 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80003067117, 0x0000000000000000, 0x000000007efa0000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 081312-35973-01.

8/12/2012 9:10:27 PM, Error: Service Control Manager [7034] - The AMD FUEL Service service terminated unexpectedly. It has done this 1 time(s).

8/12/2012 8:54:24 PM, Error: Service Control Manager [7000] - The AODDriver4.1 service failed to start due to the following error: The system cannot find the file specified.

8/12/2012 8:49:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}

8/12/2012 8:49:04 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

8/12/2012 8:48:39 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO discache ElRawDisk PCTSD SBRE spldr Wanarpv6

8/12/2012 8:48:24 PM, Error: Service Control Manager [7001] - The Creative Audio Service service depends on the Windows Audio service which failed to start because of the following error: The dependency service or group failed to start.

8/12/2012 8:11:44 AM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000001e (0xffffffffc0000005, 0xfffff80003025820, 0x0000000000000000, 0xffffffffffffffff). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 081212-51527-01.

8/12/2012 2:29:58 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AsIO discache ElRawDisk spldr Wanarpv6

8/12/2012 11:41:33 PM, Error: Service Control Manager [7034] - The avast! Antivirus service terminated unexpectedly. It has done this 3 time(s).

8/12/2012 11:40:32 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

8/12/2012 11:38:31 PM, Error: Service Control Manager [7031] - The avast! Antivirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 5000 milliseconds: Restart the service.

.

==== End Of File ===========================


Welcome to the forum.

Please remove any USB or external drives from the computer before you run this scan!

Please download and run RogueKiller to your desktop.

For Windows XP, double-click to start.

For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.

Click Scan to scan the system.

When the scan completes > Close out the program > Don't Fix anything!

Don't run any other options, they're not all bad!!!!!!!

Post back the report which should be located on your desktop.

MrC
