Infected, Trojan/spyware

[Bobshe]

I'm having trouble with some type of Trojan or spyware that keeps popping up in my extensions. I noticed it today, it seems to have deleted all of my extensions except LastPass. I've since gone and added AdBlock Plus just to get rid of the intrusive ads it keeps playing,

 

I've run Malwarebytes and it removed over 1000 unwanted/suspicious files after performing a full system scan as well as HitmanPro which removed a supposed Trojan from my system. I'm still having trouble with this extension popping up after removing it, and the ads are beyond intrusive.

 

Here is the extension I'm referring to:

 

http://postimg.org/image/xe1pa2nlh/

 

Any help would be appreciated.

attach.txt

dds.txt

[Bobshe]

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 

Internet Explorer: 8.0.7601.17514  BrowserJavaVersion: 10.45.2

Run by Dan at 18:40:20 on 2014-01-01

Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8075.6294 [GMT -8:00]

.

AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Program Files\Microsoft Security Client\MsMpEng.exe

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Program Files\Sandboxie\SbieSvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Intel\iCLS Client\HeciServer.exe

C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Windows Sidebar\sidebar.exe

Z:\Steam\Steam.exe

Z:\Dxtory2.0\UpdateChecker.exe

C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe

C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Sony\Content Manager Assistant\CMAWatcher.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Program Files\Microsoft Security Client\NisSrv.exe

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

C:\Program Files\Microsoft Security Client\MpCmdRun.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit = userinit.exe,

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [steam] "Z:\Steam\steam.exe" -silent

uRun: [Dxtory Update Checker 2.0] Z:\Dxtory2.0\UpdateChecker.exe

uRun: [GameFly Download Manager] "C:\Users\Dan\AppData\Local\Apps\2.0\HLLOVHQG.WBL\RMT0TEZY.R1O\game..tion_2b523ae39a779562_0001.0000_8a34b578af7aefe3\GameFly.Digital.Client.Driver.exe" -minimized

mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60

mRun: [uSB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CONTEN~1.LNK - C:\Program Files (x86)\Sony\Content Manager Assistant\CMA.exe

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

Trusted Zone: cantireu.com

Trusted Zone: icanelearn.com

Trusted Zone: plateau.com

TCP: NameServer = 207.54.102.193 207.54.98.226

TCP: Interfaces\{F8032450-2310-4864-AD2D-DCEE9EDD0372} : DHCPNameServer = 207.54.102.193 207.54.98.226

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: intu-tt2012 - {02F985EF-502B-4597-993F-6BF9E004C138} - <orphaned>

AppInit_DLLs= c:\progra~3\filtel~1\filtel~1.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe

x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe

x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe

x64-Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: intu-tt2012 - {02F985EF-502B-4597-993F-6BF9E004C138} - <orphaned>

x64-Notify: igfxcui - igfxdev.dll

x64-SSODL: WebCheck - <orphaned>

.

============= SERVICES / DRIVERS ===============

.

R0 asahci64;asahci64;C:\Windows\System32\drivers\asahci64.sys [2011-9-21 49760]

R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2012-12-28 647736]

R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2012-12-28 28216]

R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2012-12-28 16152]

R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2013-9-27 248240]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-28 283200]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2012-12-19 240640]

R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-12-28 14904]

R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]

R2 Intel® ME Service;Intel® ME Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [2012-12-28 129856]

R2 ISCTAgent;ISCT Always Updated Agent;C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [2012-2-9 133632]

R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe [2012-12-28 166720]

R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2012-8-30 134944]

R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2011-3-4 126952]

R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2011-3-4 390632]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2012-11-6 96256]

R3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-1-1 32512]

R3 ikbevent;Intel Upper keyboard Class Filter Driver;C:\Windows\System32\drivers\ikbevent.sys [2012-2-9 25536]

R3 imsevent;Intel Upper Mouse Class Filter Driver;C:\Windows\System32\drivers\imsevent.sys [2012-2-9 25536]

R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-12-28 342528]

R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-18 46568]

R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2012-12-28 356120]

R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2012-12-28 788760]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000]

R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2012-12-28 32344]

R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-10-23 348376]

R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-12-16 202632]

R3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);C:\Windows\System32\drivers\WPRO_41_2001.sys [2012-12-28 34752]

S2 3f0ddfac;Filteligent;C:\Windows\System32\rundll32.exe [2009-7-13 45568]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]

S2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-12-28 365344]

S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;Z:\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [2013-1-19 25832]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2013-4-8 130976]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2012-12-28 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-11-12 56832]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2012-12-28 30208]

S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-12-28 1255736]

.

=============== Created Last 30 ================

.

2014-01-02 02:38:16 32512 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys

2014-01-02 01:49:32 -------- d-----w- C:\Program Files\HitmanPro

2014-01-02 01:49:07 -------- d-----w- C:\ProgramData\HitmanPro

2014-01-02 01:33:54 -------- d-----w- C:\Users\Dan\AppData\Roaming\Malwarebytes

2014-01-02 01:33:46 -------- d-----w- C:\ProgramData\Malwarebytes

2014-01-02 01:33:45 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys

2014-01-02 01:27:28 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4B507E1-1DAD-4739-9D5D-AD72AEB580B1}\mpengine.dll

2014-01-02 01:20:23 -------- d-----w- C:\Program Files (x86)\DDEaeLoEExpress

2014-01-02 01:20:20 -------- d-----w- C:\Program Files (x86)\MiNimmummPRice

2013-12-31 05:11:13 10315576 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll

2013-12-31 05:08:09 -------- d-----w- C:\ProgramData\MiNimmummPRice

2013-12-31 05:08:09 -------- d-----w- C:\ProgramData\gaoghnnobeamollkheklnmmiechiahgi

2013-12-31 05:07:54 -------- d-----w- C:\ProgramData\DDEaeLoEExpress

2013-12-29 06:35:13 -------- d-----w- C:\ProgramData\Filteligent

2013-12-15 06:53:41 -------- d-----w- C:\ProgramData\QuickSet

2013-12-15 06:53:36 -------- d-----w- C:\Program Files (x86)\Sk_Enabler

2013-12-15 06:53:16 -------- d-----w- C:\ProgramData\surf and ikeeep

2013-12-15 06:53:15 -------- d-----w- C:\Program Files (x86)\surf and ikeeep

2013-12-13 07:55:15 230400 ----a-w- C:\Windows\System32\drivers\portcls.sys

2013-12-13 07:55:15 116736 ----a-w- C:\Windows\System32\drivers\drmk.sys

2013-12-13 06:28:50 167424 ----a-w- C:\Program Files\Windows Media Player\wmplayer.exe

2013-12-13 06:28:50 164864 ----a-w- C:\Program Files (x86)\Windows Media Player\wmplayer.exe

2013-12-13 06:28:50 12625920 ----a-w- C:\Windows\System32\wmploc.DLL

2013-12-13 06:28:50 12625408 ----a-w- C:\Windows\SysWow64\wmploc.DLL

2013-12-13 06:23:59 2048 ----a-w- C:\Windows\SysWow64\tzres.dll

2013-12-13 06:23:59 2048 ----a-w- C:\Windows\System32\tzres.dll

2013-12-12 01:32:52 -------- d-----w- C:\Windows\PCHEALTH

2013-12-12 01:32:05 -------- d-----w- C:\Program Files (x86)\Microsoft Visual Studio 8

2013-12-09 05:08:37 -------- d-----w- C:\Windows\Migration

2013-12-07 04:30:25 965000 ------w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{09FD02C5-813B-43BC-AC2D-905EE4492A64}\gapaengine.dll

2013-12-06 22:56:23 -------- d-----w- C:\Users\Dan\AppData\Local\calibre-cache

2013-12-06 22:55:59 -------- d-----w- C:\Users\Dan\AppData\Roaming\calibre

2013-12-06 22:55:51 -------- d-----w- C:\Program Files (x86)\Calibre2

2013-12-05 05:10:55 -------- d-----w- C:\Program Files (x86)\Sony

.

==================== Find3M  ====================

.

2014-01-02 02:38:17 94656 ----a-w- C:\Windows\System32\WPRO_41_2001woem.tmp

2014-01-02 02:38:17 34752 ----a-w- C:\Windows\System32\drivers\WPRO_41_2001.sys

2013-11-23 18:26:20 417792 ----a-w- C:\Windows\SysWow64\WMPhoto.dll

2013-11-23 17:47:34 465920 ----a-w- C:\Windows\System32\WMPhoto.dll

2013-11-19 10:21:41 267936 ------w- C:\Windows\System32\MpSigStub.exe

2013-11-05 20:08:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr

2013-11-05 20:08:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe

2013-10-30 02:32:01 335360 ----a-w- C:\Windows\System32\msieftp.dll

2013-10-30 02:19:52 301568 ----a-w- C:\Windows\SysWow64\msieftp.dll

2013-10-30 01:24:31 3155968 ----a-w- C:\Windows\System32\win32k.sys

2013-10-19 02:18:57 81408 ----a-w- C:\Windows\System32\imagehlp.dll

2013-10-19 01:36:59 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll

2013-10-18 05:31:14 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

2013-10-12 02:32:04 150016 ----a-w- C:\Windows\System32\wshom.ocx

2013-10-12 02:31:48 1188864 ----a-w- C:\Windows\System32\wininet.dll

2013-10-12 02:31:04 202752 ----a-w- C:\Windows\System32\scrrun.dll

2013-10-12 02:30:42 830464 ----a-w- C:\Windows\System32\nshwfp.dll

2013-10-12 02:29:21 859648 ----a-w- C:\Windows\System32\IKEEXT.DLL

2013-10-12 02:29:08 324096 ----a-w- C:\Windows\System32\FWPUCLNT.DLL

2013-10-12 02:04:36 121856 ----a-w- C:\Windows\SysWow64\wshom.ocx

2013-10-12 02:04:18 981504 ----a-w- C:\Windows\SysWow64\wininet.dll

2013-10-12 02:03:31 163840 ----a-w- C:\Windows\SysWow64\scrrun.dll

2013-10-12 02:03:08 656896 ----a-w- C:\Windows\SysWow64\nshwfp.dll

2013-10-12 02:01:25 216576 ----a-w- C:\Windows\SysWow64\FWPUCLNT.DLL

2013-10-12 01:33:39 156160 ----a-w- C:\Windows\System32\cscript.exe

2013-10-12 01:33:26 168960 ----a-w- C:\Windows\System32\wscript.exe

2013-10-12 01:32:57 1638912 ----a-w- C:\Windows\System32\mshtml.tlb

2013-10-12 01:15:48 141824 ----a-w- C:\Windows\SysWow64\wscript.exe

2013-10-12 01:15:48 126976 ----a-w- C:\Windows\SysWow64\cscript.exe

2013-10-12 01:15:03 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb

2013-10-05 20:25:35 1474048 ----a-w- C:\Windows\System32\crypt32.dll

2013-10-05 19:57:25 1168384 ----a-w- C:\Windows\SysWow64\crypt32.dll

.

============= FINISH: 18:40:29.43 ===============

 

 

 

 

 

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium 

Boot Device: \Device\HarddiskVolume2

Install Date: 12/28/2012 12:47:27 PM

System Uptime: 1/1/2014 6:37:57 PM (0 hours ago)

.

Motherboard: ASRock |  | Z77 Extreme4

Processor: Intel® Core i5-3570K CPU @ 3.40GHz | CPUSocket | 3401/100mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 112 GiB total, 59.373 GiB free.

E: is CDROM ()

F: is CDROM ()

G: is CDROM ()

Z: is FIXED (NTFS) - 932 GiB total, 720.204 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP200: 12/12/2013 10:28:00 PM - Windows Update

RP201: 12/12/2013 11:55:16 PM - Windows Update

RP202: 12/17/2013 11:46:34 AM - Windows Update

RP203: 12/20/2013 9:55:33 PM - Windows Update

RP204: 12/23/2013 10:37:03 PM - Windows Update

RP205: 12/28/2013 9:22:43 PM - Windows Update

RP206: 1/1/2014 5:27:07 PM - Windows Update

.

==== Installed Programs ======================

.

µTorrent

3DMark Vantage

A Game of Thrones version 0.4.7

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Adobe Reader XI (11.0.05)

AMD Accelerated Video Transcoding

AMD APP SDK Runtime

AMD Catalyst Install Manager

AMD Drag and Drop Transcoding

AMD Media Foundation Decoders

Amnesia: The Dark Descent

Anno 2070

Asmedia ASM104x USB 3.0 Host Controller Driver

Asmedia ASM106x SATA Host Controller Driver

Braid

Broadcom NetLink Controller

calibre

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

ccc-utility64

CCC Help Chinese Standard

CCC Help Chinese Traditional

CCC Help Czech

CCC Help Danish

CCC Help Dutch

CCC Help English

CCC Help Finnish

CCC Help French

CCC Help German

CCC Help Greek

CCC Help Hungarian

CCC Help Italian

CCC Help Japanese

CCC Help Korean

CCC Help Norwegian

CCC Help Polish

CCC Help Portuguese

CCC Help Russian

CCC Help Spanish

CCC Help Swedish

CCC Help Thai

CCC Help Turkish

CCleaner

Content Manager Assistant for PlayStation®

CPUID CPU-Z 1.63.0

Crusader Kings II

Deus Ex New Vision

Deus Ex: Invisible War

Dragon Age: Origins - Ultimate Edition

Dxtory version 2.0.122

F1 2012

Far Cry 3

FEZ

Filteligent

Fraps (remove only)

Futuremark SystemInfo

GameFly Download Manager

Geneforge 1

GOG.com Downloader version 3.4.8

Google Chrome

Google Drive

Google Update Helper

HitmanPro 3.7

Intel® Control Center

Intel® Manageability Engine Firmware Recovery Agent

Intel® Management Engine Components

Intel® Processor Graphics

Intel® Rapid Storage Technology

Intel® SDK for OpenCL - CPU Only Runtime Package

Intel® Smart Connect Technology 2.0 x64

Intel® USB 3.0 eXtensible Host Controller Driver

Intel® Trusted Connect Service Client

Java 7 Update 45

Java Auto Updater

LastPass(uninstall only)

Macromedia Authorware Web Player

Malwarebytes Anti-Malware version 1.75.0.1300

Microsoft .NET Framework 4.5.1

Microsoft Games for Windows - LIVE Redistributable

Microsoft Games for Windows Marketplace

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office Office 64-bit Components 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared 64-bit MUI (English) 2007

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Security Client

Microsoft Security Essentials

Microsoft Silverlight

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106

Microsoft WSE 3.0 Runtime

Microsoft XNA Framework Redistributable 4.0

Nexus Mod Manager

Nox

NVIDIA PhysX

Oblivion mod manager 1.1.9

OpenAL

Pharaoh Gold

Planescape Torment

Pokemon Showdown

Project64 1.6

PunkBuster Services

Realtek High Definition Audio Driver

Red Faction: Armageddon

Rockstar Games Social Club

Sacred 2 Gold

Saints Row 2

Saints Row: The Third

Sandboxie 3.76 (64-bit)

Sid Meier's Civilization V

Speccy

Star Wolves

Starbound

Steam

System Requirements Lab CYRI

TeamSpeak 3 Client

Temple of Elemental Evil

Terraria

The Elder Scrolls III: Morrowind

The Elder Scrolls V: Skyrim

The Witcher: Enhanced Edition

Trine 1.03

Trine 2

Tropico 4

Under the Ocean

Uplay

VLC media player 2.0.8

Windows Live ID Sign-in Assistant

WinRAR 4.20 (64-bit)

.

==== Event Viewer Messages From Past Week ========

.

1/1/2014 6:38:19 PM, Error: Service Control Manager [7024]  - The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error The operation completed successfully..

.

==== End Of File ===========================

 

[Bobshe]

Sorry to triple post but I can't edit. Here is my first scan with MalwareBytes. I'll add as an attachment.

mbam-log-2014-01-01 (17-35-25).txt

[Maniac]

Hello Bobshe and ! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

• If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
• I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
• Make sure you read all of the instructions and fixes thoroughly before continuing with them.
• Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
• Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
• Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

P2P/Piracy Warning:

If you're using Peer 2 Peer software such as µTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.

[Bobshe]

Okay I've gone ahead and got rid of anything piracy related I could find. How should we proceed?

[Maniac]

Please generate a new fresh DDS log files and post them in your next reply.

[AdvancedSetup]

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!