
IE says everything downloaded is virus



Hello,

Yesterday I found out that my computer has some malware, as IE download wasn't working and some random music started to play from the svchost.exe process. I downloaded Malwarebytes and cleaned some garbage. Now the computer seems to work just fine, it is not slow or anything, but IE download is still not working. No matter what file I download, IE would always say it is a virus and thus is removed, at the bottom of the screen. I also noticed my Windows Defender is not working, I cannot start it at all and I am wondering if it has anything to do with my problem. Maybe IE uses Windows Defender to check downloaded files? I have no problem with Windows Defender itself as I never use it anyways, but if anyone can help me get the download function back for my Internet Explorer that will be very nice :)

On a side note, Firefox downloads with no issue at all.

The required log file is attached below. Thanks for any help.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.21.2

Run by Henry at 18:52:28 on 2013-05-21

Microsoft Windows 7 Home Premium 6.1.7601.1.936.86.1033.18.6058.3595 [GMT -4:00]

.

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: 360安全卫士 *Disabled/Updated* {1B9CA0DF-D058-CF02-4191-CE0E96A510E8}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files (x86)\360\360Safe\deepscan\ZhuDongFangYu.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe

C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\System32\igfxpers.exe

C:\Windows\System32\igfxtray.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\hkcmd.exe

C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\IME14\SHARED\IMECMNT.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\system32\wuauclt.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Windows\System32\MsSpellCheckingFacility.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\Windows\splwow64.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

uSearch Bar = Preserve

mWinlogon: Userinit = userinit.exe,

BHO: {0EA37B17-6B8B-4085-8257-F3A4AA69C27A} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: ѸÀ×ÏÂÔØÖ§³Ö: {889D2FEB-5411-4565-8998-1DD2C5261283} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO7.2.90.92.dll

BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL

BHO: SafeMon Class: {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\360Safe\safemon\safemon.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: 显示稞麦(Xmlbar)工具条: {6B896ADB-4A82-46e2-858C-13134782CE34} - C:\Program Files (x86)\Xmlbar\FLV Downloader\IEBar\xbietb.dll

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

mRun: [360Safetray] "C:\Program Files (x86)\360\360Safe\safemon\360Tray.exe" /start

mRun: [Dell Webcam Central] "C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" /mode2

uPolicies-Explorer: NoDriveTypeAutoRun = dword:221

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll

IE: {612F6E5C-B314-4bab-93D1-D266AAFBE700} - C:\Program Files (x86)\Xmlbar\FLV Downloader\FLVDownloader(xmlbar).exe

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

LSP: C:\Program Files\NetGameCar\ngcm4_2.dll

LSP: C:\Windows\System32\xunyount.dll

LSP: C:\Windows\System32\geiliLSP.dll

Trusted Zone: rising.com.cn

Trusted Zone: sdo.com

DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab

DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab

DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

DPF: {E758BC30-C8C3-4379-B27B-B50E146460A9} - hxxp://update.tv.sina.com.cn/live/p2p/install_service_v4.cab

DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} - hxxp://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

TCP: NameServer = 64.71.255.204 64.71.255.198

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE} : DHCPNameServer = 64.71.255.204 64.71.255.198

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\14E697771697 : DHCPNameServer = 192.168.1.1

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\25F6765627370303238323 : DHCPNameServer = 64.71.255.198

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\25F676562737330313 : NameServer = 8.8.8.8,4.4.4.4

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\25F676562737330313 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\25F6765627374313435393 : NameServer = 8.8.8.8,4.4.4.4

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\25F6765627374313435393 : DHCPNameServer = 192.168.0.1

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\5777D257E637563657275646 : DHCPNameServer = 129.97.2.1 129.97.129.10 129.97.2.2

TCP: Interfaces\{57BA276D-AEA0-476E-AC27-AC07BEF487DE}\8616E6 : DHCPNameServer = 202.106.195.68 192.168.0.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

AppInit_DLLs= C:\Windows\SysWOW64\nvinit.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: ѸÀ×ÏÂÔØÖ§³Ö: {004B0726-A010-4ABF-8556-FCDB7F1FCA1E} - C:\Program Files (x86)\Thunder Network\Thunder\BHO\XunleiBHO647.2.3.3254.dll

x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

x64-BHO: QQ电脑管家网页防火墙: {7C260B4B-F7A0-40B5-B403-BEFCDC6A4C3B} -

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -

x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s

x64-Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3

x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [FreeFallProtection] C:\Program Files (x86)\STMicroelectronics\AccelerometerP11\FF_Protection.exe

x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

x64-DPF: {E787FD25-8D7C-4693-AE67-9406BC6E22DF} - hxxps://www.tenpay.com/download/tenpaycert64.cab

x64-DPF: {EF0D1A14-1033-41A2-A589-240C01EDC078} - hxxp://download.pplive.com/config/pplite/pluginsetup.cab

x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\umxyc5mo.default\

FF - prefs.js: browser.startup.homepage - hxxps://www.google.ca

FF - prefs.js: network.proxy.http - 202.171.253.98

FF - prefs.js: network.proxy.http_port - 80

FF - prefs.js: network.proxy.type - 0

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL

FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL

FF - plugin: C:\Program Files (x86)\360\360Safe\MobileMgr\np360MMPlugin.dll

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Common Files\duowan\yy4.0\YYSSO\1.0.0.3\npChecker.dll

FF - plugin: C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll

FF - plugin: C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.2.1\Bin\npSSOAxCtrlForPTLogin.dll

FF - plugin: C:\Program Files (x86)\Internet Explorer\PPLite\plugin\1.0.0.54\npplugin2.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

FF - plugin: C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll

FF - plugin: C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll

FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

FF - plugin: C:\ProgramData\Thunder Network\Thunder\data\npxunlei1.0.0.2.dll

FF - plugin: C:\Users\Henry\AppData\Roaming\Mozilla\Firefox\Profiles\umxyc5mo.default\extensions\coba@mozilla.com.cn\plugins\npcoba32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll

FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - plugin: C:\Windows\SysWOW64\npptools.dll

.

============= SERVICES / DRIVERS ===============

.

R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2013-5-21 30496]

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2011-6-28 55856]

R0 stdcfltn;Disk Class Filter Driver for Accelerometer;C:\Windows\System32\drivers\stdcfltn.sys [2011-6-28 21616]

R1 360AntiHacker;360Safe Anti Hacker Service;C:\Windows\System32\drivers\360AntiHacker64.sys [2012-4-1 62848]

R1 360Box64;360Box mini-filter driver;C:\Windows\System32\drivers\360Box64.sys [2011-12-7 297336]

R1 360Camera;360Safe Camera Filter Service;C:\Windows\System32\drivers\360Camera64.sys [2012-11-12 40688]

R1 360FsFlt;360FsFlt mini-filter driver;C:\Windows\System32\drivers\360fsflt.sys [2011-7-6 211336]

R1 360netmon;360netmon;C:\Windows\System32\drivers\360netmon.sys [2011-7-6 57984]

R1 BAPIDRV;BAPIDRV;C:\Windows\System32\drivers\BAPIDRV64.SYS [2011-7-6 188808]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-9 283200]

R1 nvkflt;nvkflt;C:\Windows\System32\drivers\nvkflt.sys [2013-5-21 284448]

R2 360AntiARP;360AntiARP;C:\Windows\System32\drivers\360AntiARP.sys [2012-1-2 30808]

R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2011-6-28 98208]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-3-14 383264]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\System32\drivers\TurboB.sys [2010-11-29 16120]

R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-6-28 2656280]

R2 ZhuDongFangYu;主动防御;C:\Program Files (x86)\360\360Safe\deepscan\ZhuDongFangYu.exe [2011-7-6 286568]

R3 Acceler;Accelerometer Service;C:\Windows\System32\drivers\Accelern.sys [2011-6-28 27760]

R3 CtClsFlt;Creative Camera Class Upper Filter Driver;C:\Windows\System32\drivers\CtClsFlt.sys [2011-6-28 175168]

R3 debutfilter;Debut Filter Driver v6.10.01;C:\Windows\System32\drivers\debutfilterx64.sys [2013-2-6 32024]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2011-6-28 317440]

R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2011-6-28 82432]

R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2011-6-28 181760]

R3 qicflt;upper Device Filter Driver;C:\Windows\System32\drivers\qicflt.sys [2011-6-28 29288]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]

S3 BaiduUpdater;Baidu Updater;C:\Program Files (x86)\baidu\BaiduUpdate\bdupdate.exe [2012-11-10 552568]

S3 BAPIDRV64;BAPIDRV64;C:\Program Files (x86)\360\360Safe\firstaid\Fix\BAPIDRV64.sys [2013-5-21 188808]

S3 HPLoader;HPLoader;C:\Windows\System32\drivers\HPLoader.sys [2012-9-28 164792]

S3 ImeDictUpdateService;Microsoft IME Dictionary Update;C:\Program Files\Common Files\Microsoft Shared\IME14\SHARED\IMEDICTUPDATE.EXE [2010-10-20 83312]

S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-6-28 158976]

S3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2011-6-28 172632]

S3 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]

S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2010-12-17 340240]

S3 RoxMediaDB12OEM;RoxMediaDB12OEM;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [2010-11-25 1116656]

S3 RoxWatch12;Roxio Hard Drive Watcher 12;C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [2010-11-25 219632]

S3 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-2-28 161384]

S3 TesSafe;TesSafe;C:\Windows\System32\TesSafe.sys [2011-7-6 159160]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]

S3 TurboBoost;Intel® Turbo Boost Technology Monitor 2.0;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-6 1255736]

S3 XLaccService;XLaccService;C:\Users\Henry\Desktop\ipacc\xlacc\bin\XLaccService.exe --> C:\Users\Henry\Desktop\ipacc\xlacc\bin\XLaccService.exe [?]

S3 XLServicePlatform;XLServicePlatform;C:\Windows\System32\svchost -k XLServicePlatform --> C:\Windows\System32\svchost -k XLServicePlatform [?]

S3 YDYDriver;YDYDriver;C:\Windows\System32\drivers\YDYDriver.sys [2012-9-28 146152]

.

=============== Created Last 30 ================

.

2013-05-21 04:34:34 -------- d-----w- C:\Users\Henry\AppData\Roaming\360SuperKiller

2013-05-21 04:34:16 -------- d-----w- C:\Users\Henry\AppData\Roaming\360DiagnoseScan

2013-05-21 04:23:44 866720 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll

2013-05-21 04:23:34 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-05-21 02:17:05 3153920 ----a-w- C:\Windows\System32\win32k.sys

2013-05-21 01:52:53 -------- d-----w- C:\Users\Henry\AppData\Roaming\Malwarebytes

2013-05-21 01:52:41 -------- d-----w- C:\ProgramData\Malwarebytes

2013-05-21 01:52:26 -------- d-----w- C:\Users\Henry\AppData\Local\Programs

2013-05-21 01:49:17 65424 ----a-w- C:\Windows\System32\drivers\360AvFlt.sys

2013-05-11 10:37:28 209472 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll

2013-05-09 00:48:47 -------- d-----w- C:\Users\Henry\AppData\Roaming\Mumble

2013-05-09 00:48:25 -------- d-----w- C:\Program Files (x86)\Mumble

2013-05-01 22:32:16 1656680 ----a-w- C:\Windows\System32\drivers\ntfs.sys

2013-05-01 22:32:06 223752 ----a-w- C:\Windows\System32\drivers\fvevol.sys

2013-05-01 22:13:31 -------- d-----w- C:\Program Files (x86)\Cryptic Studios

2013-05-01 00:37:15 -------- d-----w- C:\Program Files\Ventrilo

2013-04-25 17:00:12 -------- d-----w- C:\Users\Henry\AppData\Local\{F5EDF173-AF11-495C-8C8A-67E7DE9CBF93}

2013-04-24 18:20:53 -------- d-----w- C:\Users\Henry\AppData\Local\{082FF1A4-689E-4188-9B4D-D8128E642D48}

2013-04-24 05:45:39 -------- d-----w- C:\Users\Henry\AppData\Local\{F122F1BF-3148-46F5-B282-435EAD399160}

2013-04-24 03:27:03 -------- d-----w- C:\Program Files (x86)\TeamSpeak 3 Client

2013-04-23 17:45:00 -------- d-----w- C:\Users\Henry\AppData\Local\{E59934E1-181E-4BA1-B1E9-D7B1D678FCBF}

2013-04-23 05:24:23 -------- d-----w- C:\Users\Henry\AppData\Local\{2338F71D-31CE-4108-B9B5-C3BEA9C148A9}

2013-04-22 17:23:44 -------- d-----w- C:\Users\Henry\AppData\Local\{9979046C-A2F8-4DFC-97DA-BBAD7CFC467C}

2013-04-21 23:36:57 -------- d-----w- C:\Users\Henry\AppData\Local\{2214B2F5-E216-42BD-A654-7EEB1629C9C8}

.

==================== Find3M ====================

.

2013-05-21 05:04:03 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-05-21 05:04:02 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-05-21 04:23:24 788896 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-05-02 06:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe

2013-04-05 06:52:14 2242048 ----a-w- C:\Windows\System32\wininet.dll

2013-04-05 06:50:36 3958784 ----a-w- C:\Windows\System32\jscript9.dll

2013-04-05 06:50:31 67072 ----a-w- C:\Windows\System32\iesetup.dll

2013-04-05 06:50:31 136704 ----a-w- C:\Windows\System32\iesysprep.dll

2013-04-05 05:28:24 1767424 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-04-05 05:26:26 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll

2013-04-05 05:26:21 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll

2013-04-05 05:26:21 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll

2013-04-05 04:43:00 2706432 ----a-w- C:\Windows\System32\mshtml.tlb

2013-04-05 04:29:45 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-04-05 03:51:11 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe

2013-04-05 03:38:25 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe

2013-03-27 04:28:07 8192 ----a-w- C:\Windows\SysWow64\srvany.exe

2013-03-19 06:04:06 5550424 ----a-w- C:\Windows\System32\ntoskrnl.exe

2013-03-19 05:46:56 43520 ----a-w- C:\Windows\System32\csrsrv.dll

2013-03-19 05:04:13 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe

2013-03-19 05:04:10 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe

2013-03-19 04:47:50 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll

2013-03-19 03:06:33 112640 ----a-w- C:\Windows\System32\smss.exe

2013-03-17 20:31:05 9728 ---ha-w- C:\Windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

2013-03-15 05:53:06 968408 ----a-w- C:\Windows\SysWow64\nvumdshim.dll

2013-03-15 04:16:18 3477280 ----a-w- C:\Windows\System32\nvsvc64.dll

2013-03-15 04:16:17 6398240 ----a-w- C:\Windows\System32\nvcpl.dll

2013-03-15 04:16:10 877856 ----a-w- C:\Windows\System32\nvvsvc.exe

2013-03-15 04:16:10 76064 ----a-w- C:\Windows\System32\nv3dappshextr.dll

2013-03-15 04:16:10 63776 ----a-w- C:\Windows\System32\nvshext.dll

2013-03-15 04:16:10 2555680 ----a-w- C:\Windows\System32\nvsvcr.dll

2013-03-15 04:16:10 237856 ----a-w- C:\Windows\System32\nvmctray.dll

2013-03-15 04:16:10 1016096 ----a-w- C:\Windows\System32\nv3dappshext.dll

2013-03-15 02:07:52 559904 ----a-w- C:\Windows\SysWow64\nvStreaming.exe

2013-03-13 16:24:01 3065455 ----a-w- C:\Windows\System32\nvcoproc.bin

.

============= FINISH: 18:53:08.87 ===============

attach.txt


Hello qaz and welcome to MalwareBytes forums.

Going forward, do not attach log reports. I will need you to copy & paste all contents directly into the main body of the reply box.

I don't see an antivirus program running on your machine.

Download and install an antivirus program, and make sure that you keep it updated.

New viruses come out every minute, so it is essential that you have the latest signatures for your antivirus program to provide you with the best possible protection from malicious software.

Two good antivirus programs free for non-commercial home use are Avira Free Antivirus and Microsoft Security Essentials.

Choose one of them.

Note: You should only have one antivirus installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as impairing the performance of your PC.

After the antivirus program is installed, close all browsers plus any open programs you started.

Then do an Update run with your Antivirus, and then do a Full scan with it. Let me know the result.


OK, unfortunately before I was able to do that my computer all of a sudden failed to boot (blue screen of death on boot every time).

So now I reinstalled Windows and everything is okay. Lost some files but it's fine.

Thank you very much for your help!


Did you get a fresh Antivirus program installed? Please advise.

If your Windows is from a PC manufacturer & they bundled something like Norton & McAfee, those are "trial" editions of limited time and would now be very out of date. If that is so, you need to uninstall that & get your own fresh new antivirus.

Please tell me what you do have. Also, if you get & run a fresh new DDS report, I will be happy to review.


  • 3 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
