I think i may be infected

[Hexxxxxxxxxx]

Hey all started having some random slow downs in some games and then i started to have shut down problems and when my computer shut down the screen it would freeze when i came back to it. i have no sleep mode or hibernate enabled. now when i try to run a virus scan i get the blue screen and a restart. windows 8 64 bit.

DDS

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK

Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.17.2

Run by Hexx at 2:48:59 on 2013-04-17

Microsoft Windows 8 Pro with Media Center 6.2.9200.0.1252.1.1033.18.6135.5118 [GMT -4:00]

.

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\svchost.exe -k DcomLaunch

C:\WINDOWS\system32\svchost.exe -k RPCSS

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k netsvcs

C:\WINDOWS\system32\dwm.exe

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uProxyOverride = <local>

mWinlogon: Userinit = userinit.exe

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ips\ipsbho.dll

BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll

uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRunOnce: [GrpConv] grpconv -o

StartupFolder: C:\Users\Hexx\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\_uninst_.lnk - C:\Users\Hexx\AppData\Local\Temp\_uninst_.bat

IE: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr/200

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-00109-0002-0009-ABCDEFFEDCBC} - <orphaned>

Trusted Zone: clonewarsadventures.com

Trusted Zone: freerealms.com

Trusted Zone: soe.com

Trusted Zone: sony.com

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{28BE62CE-7CE7-495F-8034-C9B692C2B42C} : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{28BE62CE-7CE7-495F-8034-C9B692C2B42C}\341626C65675966496 : DHCPNameServer = 10.250.255.72 10.250.255.73

TCP: Interfaces\{BD5C5257-AA6C-4E01-B05F-66650794D61B} : DHCPNameServer = 192.168.1.1

AppInit_DLLs= C:\PROGRA~2\NVIDIA~1\3DVISI~1\nvStInit.dll

SSODL: WebCheck - <orphaned>

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-SSODL: WebCheck - <orphaned>

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Hexx\AppData\Roaming\Mozilla\Firefox\Profiles\s0huy5ch.default\

FF - prefs.js: browser.search.selectedEngine - Ask.com

FF - prefs.js: browser.startup.homepage - www.google.com

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll

FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll

FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll

FF - plugin: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll

FF - plugin: C:\WINDOWS\SysWOW64\npDeployJava1.dll

FF - plugin: C:\WINDOWS\SysWOW64\npmproxy.dll

.

---- FIREFOX POLICIES ----

FF - user.js: network.http.pipelining.maxrequests - 8

FF - user.js: network.http.request.max-start-delay - 0

FF - user.js: network.http.max-connections - 48

FF - user.js: network.http.max-connections-per-server - 16

FF - user.js: network.http.max-persistent-connections-per-proxy - 16

FF - user.js: network.http.max-persistent-connections-per-server - 8

FF - user.js: browser.turbo.enabled - true

FF - user.js: browser.display.show_image_placeholders - true

FF - user.js: browser.chrome.favicons - false

FF - user.js: browser.urlbar.autocomplete.enabled - true

FF - user.js: browser.cache.memory.capacity - 65536

FF - user.js: content.notify.ontimer - true

FF - user.js: content.interrupt.parsing - true

FF - user.js: content.max.tokenizing.time - 2250000

FF - user.js: content.switch.threshold - 750000

FF - user.js: plugin.expose_full_path - true

FF - user.js: ui.submenuDelay - 0

.

============= SERVICES / DRIVERS ===============

.

R0 mv91cons;Marvell 91xx Config Device Driver;C:\WINDOWS\System32\Drivers\mv91cons.sys [2012-6-25 28008]

R0 SymDS;Symantec Data Store;C:\WINDOWS\System32\Drivers\NISx64\1403010.016\symds64.sys [2013-4-15 493656]

R0 SymEFA;Symantec Extended File Attributes;C:\WINDOWS\System32\Drivers\NISx64\1403010.016\symefa64.sys [2013-4-15 1139800]

R3 mv91xx;mv91xx;C:\WINDOWS\System32\Drivers\mv91xx.sys [2010-8-6 293416]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\WINDOWS\System32\Drivers\netr28x.sys [2012-6-2 1737760]

R3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\Drivers\Rt630x64.sys [2012-6-2 589824]

S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\Drivers\NISx64\1403010.016\symelam.sys [2013-4-15 23448]

S1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\BASHDefs\20130412.001\BHDrvx64.sys [2013-4-12 1390680]

S1 ccSet_NIS;Norton Internet Security Settings Manager;C:\WINDOWS\System32\Drivers\NISx64\1403010.016\ccsetx64.sys [2013-4-15 168096]

S1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.1.1.2\Definitions\IPSDefs\20130416.001\IDSviA64.sys [2013-4-16 513184]

S1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\Drivers\NISx64\1403010.016\ironx64.sys [2013-4-15 224416]

S1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\Drivers\NISx64\1403010.016\symnets.sys [2013-4-15 432800]

S2 !SASCORE;SAS Core Service;"C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE" --> C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [?]

S2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccsvchst.exe [2013-4-15 144520]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-1-18 383264]

S2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2012-12-14 2148816]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudbus.sys [2013-2-6 102936]

S3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2013-4-4 138912]

S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2013-2-17 160256]

S3 LADF_CaptureOnly;LADF Capture Filter Driver;C:\WINDOWS\System32\Drivers\ladfGSCamd64.sys [2011-4-11 410184]

S3 LADF_RenderOnly;LADF Render Filter Driver;C:\WINDOWS\System32\Drivers\ladfGSRamd64.sys [2011-4-11 341832]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\Drivers\ssudmdm.sys [2013-2-6 203544]

S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]

S3 vmbusr;Virtual Machine Bus Provider;C:\WINDOWS\System32\Drivers\vmbusr.sys [2012-7-25 117248]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\Drivers\WUDFRd.sys [2012-7-25 198656]

.

=============== Created Last 30 ================

.

2013-04-17 06:14:32 -------- d-----w- C:\ProgramData\Kaspersky Lab

2013-04-17 05:55:56 -------- d-----w- C:\Program Files (x86)\NirSoft

2013-04-17 05:47:24 35792 ----a-w- C:\WINDOWS\System32\TURegOpt.exe

2013-04-17 05:47:23 27088 ----a-w- C:\WINDOWS\System32\authuitu.dll

2013-04-17 05:47:23 22480 ----a-w- C:\WINDOWS\SysWow64\authuitu.dll

2013-04-17 05:47:15 -------- d-----w- C:\Users\Hexx\AppData\Roaming\AVG

2013-04-17 05:47:11 -------- d-----w- C:\Program Files (x86)\AVG

2013-04-17 05:47:01 -------- d-----w- C:\ProgramData\AVG

2013-04-17 05:32:32 -------- d-----w- C:\Users\Hexx\AppData\Roaming\Malwarebytes

2013-04-17 05:32:27 -------- d-----w- C:\ProgramData\Malwarebytes

2013-04-17 05:32:26 25928 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys

2013-04-17 05:32:26 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2013-04-17 05:25:48 -------- d-----w- C:\Program Files (x86)\ESET

2013-04-17 05:10:38 -------- d-----w- C:\Users\Hexx\AppData\Local\NPE

2013-04-17 04:16:22 -------- d-sh--w- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F}

2013-04-17 04:16:22 -------- d--h--w- C:\ProgramData\Common Files

2013-04-16 02:36:30 493656 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1403010.016\symds64.sys

2013-04-16 02:36:30 432800 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1403010.016\symnets.sys

2013-04-16 02:36:30 36952 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1403010.016\srtspx64.sys

2013-04-16 02:36:30 23448 ----a-r- C:\WINDOWS\System32\drivers\NISx64\1403010.016\symelam.sys

2013-04-16 02:36:30 1139800 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1403010.016\symefa64.sys

2013-04-16 02:36:29 796248 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1403010.016\srtsp64.sys

2013-04-16 02:36:29 224416 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1403010.016\ironx64.sys

2013-04-16 02:36:29 168096 ----a-w- C:\WINDOWS\System32\drivers\NISx64\1403010.016\ccsetx64.sys

2013-04-16 02:36:25 -------- d-----w- C:\WINDOWS\System32\drivers\NISx64\1403010.016

2013-04-15 19:42:46 2558240 ----a-w- C:\WINDOWS\System32\nvsvcr.dll

2013-04-15 19:40:21 4041728 ----a-w- C:\WINDOWS\System32\win32k.sys

2013-04-15 19:40:01 3958784 ----a-w- C:\WINDOWS\System32\jscript9.dll

2013-04-15 19:38:29 884512 ----a-w- C:\WINDOWS\System32\nvvsvc.exe

2013-04-15 19:38:29 6390048 ----a-w- C:\WINDOWS\System32\nvcpl.dll

2013-04-15 19:38:29 63776 ----a-w- C:\WINDOWS\System32\nvshext.dll

2013-04-15 19:38:29 3460896 ----a-w- C:\WINDOWS\System32\nvsvc64.dll

2013-04-15 19:38:29 2953448 ----a-w- C:\WINDOWS\System32\nvcoproc.bin

2013-04-15 19:38:29 118560 ----a-w- C:\WINDOWS\System32\nvmctray.dll

2013-04-15 19:38:22 -------- d-----w- C:\ProgramData\NVIDIA Corporation

2013-04-15 16:26:17 -------- d-----w- C:\Users\Hexx\AppData\Local\ElevatedDiagnostics

2013-04-14 04:11:45 6991592 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2013-04-14 02:45:04 -------- d-----w- C:\Program Files (x86)\SlimDrivers

2013-04-12 03:09:00 26520 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugin-hang-ui.exe

2013-04-04 01:12:28 -------- d-sh--w- C:\found.001

2013-04-04 01:12:28 -------- d-sh--w- C:\found.000

2013-04-03 02:43:51 26432 ----a-w- C:\WINDOWS\System32\RegistryDefragBootTime.exe

2013-04-03 02:39:53 -------- d-----w- C:\ProgramData\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A}

2013-04-03 02:39:52 -------- d-----w- C:\ProgramData\IObit

2013-04-03 02:39:51 -------- d-----w- C:\Users\Hexx\AppData\Roaming\IObit

2013-04-03 02:39:48 -------- d-----w- C:\Program Files (x86)\IObit

2013-04-02 14:09:52 4550656 ----a-w- C:\WINDOWS\SysWow64\GPhotos.scr

2013-03-30 02:10:15 -------- d-----w- C:\ProgramData\Samsung

2013-03-27 23:34:16 -------- d-----w- C:\Users\Hexx\AppData\Local\Warframe

2013-03-26 01:28:20 -------- d-----w- C:\Users\Hexx\AppData\Local\Geckofx

2013-03-26 01:28:15 -------- d-----w- C:\Users\Hexx\AppData\Roaming\Firefly Studios

2013-03-26 01:25:14 -------- d-----w- C:\ProgramData\Firefly Studios

2013-03-26 01:24:18 -------- d-----w- C:\Program Files (x86)\Firefly Studios

2013-03-26 01:24:09 -------- d-----w- C:\Users\Hexx\AppData\Local\Programs

2013-03-21 17:32:44 20992 ----a-w- C:\WINDOWS\System32\drivers\usb8023.sys

2013-03-19 00:02:47 -------- d-----w- C:\Users\Hexx\AppData\Roaming\ftblauncher

.

==================== Find3M ====================

.

2013-04-17 04:02:04 177312 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS

2013-04-02 22:08:01 78176 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl

2013-04-02 22:08:01 692576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe

2013-03-05 03:33:59 95648 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll

2013-03-05 03:33:59 861088 ----a-w- C:\WINDOWS\SysWow64\npDeployJava1.dll

2013-03-05 03:33:59 782240 ----a-w- C:\WINDOWS\SysWow64\deployJava1.dll

2013-03-02 10:57:48 337128 ----a-w- C:\WINDOWS\System32\drivers\USBXHCI.SYS

2013-03-02 10:57:46 77544 ----a-w- C:\WINDOWS\System32\drivers\storahci.sys

2013-03-02 10:57:46 332520 ----a-w- C:\WINDOWS\System32\drivers\storport.sys

2013-03-02 10:57:46 283880 ----a-w- C:\WINDOWS\System32\drivers\spaceport.sys

2013-03-02 10:45:20 148712 ----a-w- C:\WINDOWS\System32\drivers\tpm.sys

2013-03-02 10:45:19 194792 ----a-w- C:\WINDOWS\System32\drivers\sdbus.sys

2013-03-02 10:45:10 125160 ----a-w- C:\WINDOWS\System32\drivers\dumpsd.sys

2013-03-02 10:39:39 495336 ----a-w- C:\WINDOWS\System32\drivers\vhdmp.sys

2013-03-02 10:39:38 69864 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys

2013-03-02 10:39:32 327912 ----a-w- C:\WINDOWS\System32\drivers\Classpnp.sys

2013-03-02 09:59:37 2231528 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys

2013-03-02 09:59:36 411880 ----a-w- C:\WINDOWS\System32\drivers\FWPKCLNT.SYS

2013-03-02 08:24:08 34304 ----a-w- C:\WINDOWS\SysWow64\wuapp.exe

2013-03-02 08:23:43 83968 ----a-w- C:\WINDOWS\SysWow64\wudriver.dll

2013-03-02 08:23:43 125952 ----a-w- C:\WINDOWS\SysWow64\wuwebv.dll

2013-03-02 08:23:30 893952 ----a-w- C:\WINDOWS\SysWow64\winmde.dll

2013-03-02 08:23:30 1338880 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll

2013-03-02 08:23:28 601088 ----a-w- C:\WINDOWS\SysWow64\Windows.Globalization.dll

2013-03-02 08:23:28 504320 ----a-w- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll

2013-03-02 08:23:19 8857088 ----a-w- C:\WINDOWS\SysWow64\twinui.dll

2013-03-02 08:23:19 246784 ----a-w- C:\WINDOWS\SysWow64\ubpm.dll

2013-03-02 08:23:04 356352 ----a-w- C:\WINDOWS\SysWow64\SettingSync.dll

2013-03-02 08:23:04 100864 ----a-w- C:\WINDOWS\SysWow64\SettingSyncInfo.dll

2013-03-02 08:23:00 375808 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll

2013-03-02 08:22:36 357888 ----a-w- C:\WINDOWS\SysWow64\netcfgx.dll

2013-03-02 08:22:32 5091840 ----a-w- C:\WINDOWS\SysWow64\mstscax.dll

2013-03-02 08:22:18 361984 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll

2013-03-02 08:22:17 850944 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll

2013-03-02 08:21:56 550912 ----a-w- C:\WINDOWS\SysWow64\drvstore.dll

2013-03-02 08:21:52 36352 ----a-w- C:\WINDOWS\SysWow64\DevDispItemProvider.dll

2013-03-02 08:21:40 309760 ----a-w- C:\WINDOWS\SysWow64\BCP47Langs.dll

2013-03-02 08:21:39 2033664 ----a-w- C:\WINDOWS\SysWow64\authui.dll

2013-03-02 08:21:32 145408 ----a-w- C:\WINDOWS\SysWow64\powercfg.cpl

2013-03-02 02:44:59 448512 ----a-w- C:\WINDOWS\System32\SettingSync.dll

2013-03-02 02:44:59 128512 ----a-w- C:\WINDOWS\System32\SettingSyncInfo.dll

2013-03-02 02:44:56 1011200 ----a-w- C:\WINDOWS\System32\reseteng.dll

2013-03-02 02:44:41 455168 ----a-w- C:\WINDOWS\System32\netcfgx.dll

2013-03-02 02:44:41 117248 ----a-w- C:\WINDOWS\System32\NdisImPlatform.dll

2013-03-02 02:44:38 5978624 ----a-w- C:\WINDOWS\System32\mstscax.dll

2013-03-02 02:44:30 468992 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll

2013-03-02 02:44:29 1151488 ----a-w- C:\WINDOWS\System32\mcmde.dll

2013-03-02 02:44:29 1048576 ----a-w- C:\WINDOWS\System32\mfasfsrcsnk.dll

2013-03-02 02:44:08 703488 ----a-w- C:\WINDOWS\System32\drvstore.dll

2013-03-02 02:44:07 150016 ----a-w- C:\WINDOWS\System32\discan.dll

2013-03-02 02:44:05 49152 ----a-w- C:\WINDOWS\System32\DevDispItemProvider.dll

2013-03-02 02:43:59 1933312 ----a-w- C:\WINDOWS\System32\wbem\cimwin32.dll

2013-03-02 02:43:56 389120 ----a-w- C:\WINDOWS\System32\BCP47Langs.dll

2013-03-02 02:43:55 2302464 ----a-w- C:\WINDOWS\System32\authui.dll

2013-03-02 02:43:51 2146304 ----a-w- C:\WINDOWS\System32\actxprxy.dll

2013-03-02 02:43:50 156160 ----a-w- C:\WINDOWS\System32\powercfg.cpl

2013-03-02 02:15:53 26112 ----a-w- C:\WINDOWS\System32\drivers\mouhid.sys

2013-03-01 04:56:18 30720 ----a-w- C:\WINDOWS\System32\drivers\monitor.sys

2013-02-21 10:30:16 1766912 ----a-w- C:\WINDOWS\SysWow64\wininet.dll

2013-02-21 10:29:39 2877440 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll

2013-02-21 10:29:37 61440 ----a-w- C:\WINDOWS\SysWow64\iesetup.dll

2013-02-21 10:29:37 109056 ----a-w- C:\WINDOWS\SysWow64\iesysprep.dll

2013-02-21 10:15:07 2240512 ----a-w- C:\WINDOWS\System32\wininet.dll

2013-02-21 10:15:00 915968 ----a-w- C:\WINDOWS\System32\uxtheme.dll

2013-02-21 10:14:05 136704 ----a-w- C:\WINDOWS\System32\iesysprep.dll

2013-02-19 09:53:00 534528 ----a-w- C:\WINDOWS\SysWow64\uxtheme.dll

2013-02-15 07:58:59 39936 ----a-w- C:\WINDOWS\apppatch\apppatch64\acspecfc.dll

2013-02-15 06:35:40 444416 ----a-w- C:\WINDOWS\apppatch\AcSpecfc.dll

2013-02-12 01:30:04 44032 ----a-w- C:\WINDOWS\SysWow64\UXInit.dll

2013-02-12 00:56:19 53760 ----a-w- C:\WINDOWS\System32\UXInit.dll

2013-02-07 01:33:01 754176 ----a-w- C:\WINDOWS\SysWow64\actxprxy.dll

2013-02-06 11:42:10 203544 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys

2013-02-06 11:42:08 102936 ----a-w- C:\WINDOWS\System32\drivers\ssudbus.sys

2013-02-05 22:31:11 622080 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys

2013-02-05 22:29:09 370688 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys

2013-02-05 22:28:48 247808 ----a-w- C:\WINDOWS\System32\drivers\srvnet.sys

2013-02-05 22:28:36 215552 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys

2013-02-02 11:19:44 496872 ----a-w- C:\WINDOWS\System32\drivers\usbhub.sys

2013-02-02 11:19:44 446184 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS

2013-02-02 11:19:33 61672 ----a-w- C:\WINDOWS\System32\drivers\crashdmp.sys

2013-02-02 10:54:54 1933544 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys

2013-02-02 10:28:54 993512 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys

2013-02-02 09:42:07 2207232 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll

2013-02-02 08:40:58 375808 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiPrvSE.exe

2013-02-02 08:40:55 80896 ----a-w- C:\WINDOWS\SysWow64\tasklist.exe

2013-02-02 08:40:55 79360 ----a-w- C:\WINDOWS\SysWow64\taskkill.exe

2013-02-02 08:40:36 155136 ----a-w- C:\WINDOWS\SysWow64\XpsRasterService.dll

2013-02-02 08:40:35 370688 ----a-w- C:\WINDOWS\SysWow64\WWanAPI.dll

2013-02-02 08:40:27 131072 ----a-w- C:\WINDOWS\SysWow64\wbem\WmiDcPrv.dll

2013-02-02 08:40:26 410624 ----a-w- C:\WINDOWS\SysWow64\wlroamextension.dll

2013-02-02 08:40:22 197632 ----a-w- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll

2013-02-02 08:40:22 10792448 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll

2013-02-02 08:39:59 325632 ----a-w- C:\WINDOWS\SysWow64\schannel.dll

2013-02-02 08:39:47 18432 ----a-w- C:\WINDOWS\SysWow64\npmproxy.dll

2013-02-02 08:39:34 55296 ----a-w- C:\WINDOWS\SysWow64\nlaapi.dll

2013-02-02 08:39:34 15872 ----a-w- C:\WINDOWS\SysWow64\nlmproxy.dll

2013-02-02 08:39:34 12288 ----a-w- C:\WINDOWS\SysWow64\nlmsprep.dll

2013-02-02 08:39:33 115712 ----a-w- C:\WINDOWS\SysWow64\netprofm.dll

2013-02-02 08:39:15 157696 ----a-w- C:\WINDOWS\SysWow64\mbsmsapi.dll

2013-02-02 08:38:54 567808 ----a-w- C:\WINDOWS\SysWow64\duser.dll

.

============= FINISH: 2:49:09.58 ===============

[Maurice Naggar]

Hello and welcome to MalwareBytes forum.

Task 1

To show all files:

• Press and hold Windows-key & then press R key to get the RUN menu.
  
• Type in

  explorer.exe

  and press Enter
  

• When in Windows Explorer, press ALT-key then V key to get VIEW menu
  
• Look at the top ribbon, right side. {the Show/Hide block}
  
• Look at the line Hidden items. IF it has no checkmark, then Click the box one time so that it is checked.
  

Task 2

Please download AdwCleaner © Xplode from >>here<< and save it on your Desktop.

If your are running Windows XP, double click adwcleaner.exe to start it.

Otherwise, Right-click on adwcleaner.exe and select Run As Administrator to launch the application.

Now click on the Search tab.

Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\AdwCleaner[XX].txt where XX Denotes the number of times the application has been ran, so in this should be something like R1.

Task 3

• Download & SAVE to your Desktop Tigzy's RogueKiller >> from here << or
  >> from here <<
  
• Quit all programs that you may have started.
  
• Please disconnect any USB or external drives from the computer before you run this scan!
  
• For Vista or Windows 7 / 8, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
  For Windows XP, double-click to start.
  
• Wait until Prescan has finished ...
  
• Then Click on Scan button at upper right of screen.
  
• Wait until the Status box shows "Scan Finished"
  
• Click on Report and copy/paste the content of the Notepad into your next reply.
  
• The log should be found in RKreport[1].txt on your Desktop
  
• Do NOT press any Fix button.
  
• Exit/Close RogueKiller
  

[Maurice Naggar]

Have you resolved your issue? Do you still need help? Please advise very soon.

[Hexxxxxxxxxx]

I apologize that i did not get back to you earlier. i no longer need help. i have resolved the issue by doing a full reset. i could not get any tools to operate properly and most of my scans failed. Super anti spyware came back with a CSRSS.exe virus but couldnt clean it. i really appreciate your time and what you all do here. Thank you so much for getting back to me and trying to help!

[Hexxxxxxxxxx]

i am not running norton internet security 2013 and i purchased malwarebytes pro. norton didnt pick up anything the first time at all.

[Maurice Naggar]

Since you have resolved your issue and no longer need help, I am closing this thread. I wish you well.

Some suggested reading and general stuff:

One of the very early things you want to do is to make a Windows 8 rescue disc and store away for a rainy day

See Grinler's article http://www.bleepingcomputer.com/tutorials/create-a-windows-system-repair-disc/

The other safe practice is to make backups of your system on a regular basis.

How to create a Windows system image in Windows 7 and Windows 8

http://www.bleepingcomputer.com/tutorials/create-system-image-in-windows-7-8/

How to use System Image Recovery in the Windows 7 and Windows 8 Recovery Environment

http://www.bleepingcomputer.com/tutorials/system-image-recovery-in-windows-7-8/

Safer practices & malware prevention

• Have a hardware router between the incoming internet-modem and your computer.
  
• Use a Standard user account rather than an administrator-rights account when "surfing" the web.
  
• Configure your Antivirus software to check for updates daily, at a time in which you are sure the computer will be on.
  
• Check in at Windows Update and install any Important Updates offered.
  
• Make certain that Automatic Updates is enabled.
  How to configure and use Automatic Updates in Windows
  http://support.microsoft.com/kb/306525
  
• Check on other update issues as well, by getting, installing and using Secunia Personal Software Inspector (OSI) on a monthly basis.
  See How to detect vulnerable and out-dated programs using Secunia Personal Software Inspector
  
• Download, install, and keep updated Spyware Blaster (free): http://www.javacoolsoftware.com/spywareblaster.html (all Protections should be enabled at all times)
  Tutorial for Spywareblaster: Using SpywareBlaster to protect your computer from Spyware, Hijackers, and Malware
  
• I'd recommend that you get and use MVP Mike Burgess' custom hosts file http://mvps.org/winhelp2002/hosts.htm
  See the FAQ page http://mvps.org/winhelp2002/hostsfaq.htm
  That would help to keep your browser away from known spyware/malware sites.
  Get notified when the MVPS HOSTS file is updated
  http://winhelp2002.mvps.org/updates.htm
  
• Make regular backups of your system to removable media: DVD, USB external hard drive, etc.
  Having a total image backup of your system stored on DVD/CD is highly important.
  Get and make use of imaging-backup utilities and save them to offline media. That way you have something to fall back to if a disaster hits.
  
• Consider using Web of Trust WOT add-on for your browser(s)
  http://www.mywot.com/en/download
  http://www.mywot.com/en/faq/add-on
  
• Take extreme care if you share USB-flash/thumb drives from other people {even from friends, roommates, relatives}
  Don't plug in an unknown flash/thumb drive into your PC.
  IF you must do so, hold down the SHIFT-key when you insert the drive.
  Scan any file with your Antivirus prior to opening or using.
  On some regular schedule, it is a good idea to do an online scan for viruses and malware. Here is a very short list of sites where this may be done:
  
  ESET Online Scanner
  BitDefender Quickscan
  Trend Micro Housecall
  F-Secure Online Scanner
  Microsoft Safety Scanner
  Panda ActiveScan
  
  
• See Six tips to help you stay safer online
  
• Never, ever download free games, free tools, videos, mutli-media files or anything free unless you can be absolutely sure the source is safe !