Hi thanks for the quick reply!
I've done all the scans now and there are as below;
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.31.12
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DE :: DEANS-COMP [administrator]
31/08/2012 22:15:36
mbam-log-2012-08-31 (22-15-36).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240415
Time elapsed: 11 minute(s), 2 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
============================================================
GMER 1.0.15.15641 -
http://www.gmer.net
Rootkit scan 2012-09-01 01:51:08
Windows 6.1.7601 Service Pack 1
Running: gmer.exe
---- Registry - GMER 1.0.15 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 E:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7C 0xFD 0x00 0x3E ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x14 0x25 0xC3 0x44 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7D 0xF8 0xA8 0xF7 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 E:\Program Files (x86)\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0x00 0x00 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x7C 0xFD 0x00 0x3E ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x14 0x25 0xC3 0x44 ...
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7D 0xF8 0xA8 0xF7 ...
---- EOF - GMER 1.0.15 ----
============================================================
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by DE at 12:13:18 on 2012-09-01
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.8187.5801 [GMT 1:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
E:\Program Files (x86)\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.exe
C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe
C:\Windows\system32\mfevtps.exe
E:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\rundll32.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Razer\Lycosa\razerhid.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\McAfee.com\Agent\mcagent.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Users\DE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\sppsvc.exe
C:\Users\DE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\DE\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Common Files\McAfee\Core\mchost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = localhost; 127.0.0.1; <local>
mSearchAssistant = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
mWinlogon: Userinit=userinit.exe,
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: DivX Plus Web Player HTML5 <video>: {326e768d-4182-46fd-9c16-1449a49795f4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll
BHO: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Windows Live Messenger Companion Helper: {9fdde16b-836f-4806-ab1f-1455cbeff289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - E:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO: Yontoo: {fd72061e-9fde-484d-a58a-0bab4151cad8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll
TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll"
TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
uRun: [Google Update] "C:\Users\DE\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SUPERAntiSpyware] E:\Program Files (x86)\SUPERAntiSpyware.exe
uRun: [RoboForm] "C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
mRun: [DRPU PC Data Manager(Basic)] "e:\Program Files (x86)\DRPU PC Data Manager(Basic)\pcdm.exe" "hd"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files (x86)\McAfee Security Scan\3.0.207\SSScheduler.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Customize Menu - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
IE: E&xport to Microsoft Excel - E:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Fill Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComFillForms.html
IE: Free YouTube Download - C:\Users\DE\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - C:\Users\DE\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
IE: Save Forms - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComSavePass.html
IE: Se&nd to OneNote - E:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Show avast! EasyPass Toolbar - file://C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
IE: {0000036B-C524-4050-81A0-243669A86B9F} - {B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F46} - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {320AF880-6646-11D3-ABEE-C5DBF3571F49} - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {724d43aa-0d85-11d4-9908-00400523e39a} - {724d43aa-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - E:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
LSP: pcapwsp.dll
LSP: mswsock.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.0.1
TCP: Interfaces\{74E801AF-9F6C-486C-80A1-852EA5D9E29B} : DhcpNameServer = 192.168.0.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll
BHO-X64: Increase performance and video formats for your HTML5 <video> - No File
BHO-X64: CescrtHlpr Object: {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\bh\facemoods.dll
BHO-X64: facemoods Helper - No File
BHO-X64: avast! EasyPass Toolbar Helper: {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
BHO-X64: RoboForm BHO - No File
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
BHO-X64: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll
BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Windows Live Messenger Companion Helper: {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll
BHO-X64: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll
BHO-X64: Yontoo: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll
BHO-X64: Yontoo Layers - No File
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll
TB-X64: facemoods Toolbar: {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.6\facemoodsTlbr.dll
TB-X64: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BingExt.dll"
TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll
TB-X64: avast! EasyPass Toolbar: {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll
TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
mRun-x64: [DRPU PC Data Manager(Basic)] "e:\Program Files (x86)\DRPU PC Data Manager(Basic)\pcdm.exe" "hd"
mRun-x64: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun-x64: [Lycosa] "C:\Program Files (x86)\Razer\Lycosa\razerhid.exe"
mRun-x64: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun-x64: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - E:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DE\AppData\Roaming\Mozilla\Firefox\Profiles\k5ta0gia.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://
www.google.co.uk/
FF - prefs.js: keyword.URL - hxxp://uk.search.yahoo.com/search?fr=mcafee&p=
FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\DE\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - plugin: E:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: E:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
.
---- FIREFOX POLICIES ----
FF - user.js: extentions.y2layers.installId - 04264f49-2fcd-425d-912c-2dea6dd45e54
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,ezLooker,pagerage,buzzdock,toprelatedtopics,twittube
.
FF - user.js: extensions.autoDisableScopes - 14
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?]
R1 aswSnx;aswSnx;C:\Windows\system32\drivers\aswSnx.sys --> C:\Windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\Windows\system32\drivers\aswSP.sys --> C:\Windows\system32\drivers\aswSP.sys [?]
R1 SASDIFSV;SASDIFSV;E:\Program Files (x86)\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;E:\Program Files (x86)\saskutil64.sys [2011-7-12 12368]
R2 !SASCORE;SAS Core Service;E:\Program Files (x86)\SASCore64.exe [2011-8-12 140672]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-4-4 63928]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\drivers\aswFsBlk.sys --> C:\Windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\Windows\system32\drivers\aswMonFlt.sys --> C:\Windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-31 44808]
R2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\BBSvc.EXE [2012-2-20 193816]
R2 fssfltr;fssfltr;C:\Windows\system32\DRIVERS\fssfltr.sys --> C:\Windows\system32\DRIVERS\fssfltr.sys [?]
R2 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2011-5-13 1492840]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-8-31 655944]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [2012-8-30 103472]
R2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-29 200728]
R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-29 200728]
R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-8-29 237920]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-8-29 218320]
R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?]
R2 pcapsvc;ProxyCap Service;E:\Program Files\Proxy Labs\ProxyCap\pcapsvc.exe [2011-10-9 1850368]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-5-15 382272]
R3 Lycosa;Lycosa Keyboard;C:\Windows\system32\drivers\Lycosa.sys --> C:\Windows\system32\drivers\Lycosa.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-8-29 200728]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-4-12 1262400]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-15 250056]
S3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.1.364.0\SeaPort.EXE [2012-2-20 240408]
S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\system32\drivers\HipShieldK.sys --> C:\Windows\system32\drivers\HipShieldK.sys [?]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files (x86)\McAfee Security Scan\3.0.207\McCHSvc.exe [2011-6-17 237008]
S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;E:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2010-1-21 30963576]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 113120]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 pbfilter;pbfilter;E:\Program Files\PeerBlock\pbfilter.sys [2011-6-15 24176]
S3 Razerlow;Razer Pro|Solutions;C:\Windows\system32\drivers\DB3G.sys --> C:\Windows\system32\drivers\DB3G.sys [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 usbet;USB 2.0 PC CAMERA;C:\Windows\system32\DRIVERS\ETdrv.sys --> C:\Windows\system32\DRIVERS\ETdrv.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2010-11-11 306416]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-08-31 21:14:46--------d-----w-C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-08-30 21:32:22--------d-----w-C:\Users\DE\AppData\Roaming\RoboForm
2012-08-30 21:30:24--------d-----w-C:\Program Files (x86)\Siber Systems
2012-08-30 21:29:5954072----a-w-C:\Windows\System32\drivers\aswRdr2.sys
2012-08-30 21:29:56969200----a-w-C:\Windows\System32\drivers\aswSnx.sys
2012-08-30 21:29:5171600----a-w-C:\Windows\System32\drivers\aswMonFlt.sys
2012-08-30 21:29:2241224----a-w-C:\Windows\avastSS.scr
2012-08-30 21:29:09--------d-----w-C:\ProgramData\AVAST Software
2012-08-30 21:29:09--------d-----w-C:\Program Files\AVAST Software
2012-08-30 00:58:34--------d-----w-C:\Users\DE\AppData\Roaming\SUPERAntiSpyware.com
2012-08-30 00:58:00--------d-----w-C:\ProgramData\SUPERAntiSpyware.com
2012-08-30 00:34:2316200----a-w-C:\Windows\stinger.sys
2012-08-30 00:34:12--------d-----w-C:\Program Files (x86)\stinger
2012-08-29 22:26:52196440----a-w-C:\Windows\System32\drivers\HipShieldK.sys
2012-08-29 22:26:32--------d-----w-C:\Program Files (x86)\McAfee.com
2012-08-29 22:26:2710288----a-w-C:\Windows\System32\drivers\mfeclnk.sys
2012-08-29 22:26:26--------d-----w-C:\Program Files (x86)\Common Files\McAfee
2012-08-29 22:26:2469672----a-w-C:\Windows\System32\drivers\cfwids.sys
2012-08-29 22:26:24513456----a-w-C:\Windows\System32\drivers\mfefirek.sys
2012-08-29 22:26:24300392----a-w-C:\Windows\System32\drivers\mfeavfk.sys
2012-08-29 22:26:24106112----a-w-C:\Windows\System32\drivers\mferkdet.sys
2012-08-29 22:26:07--------d-----w-C:\Program Files\McAfee.com
2012-08-29 22:26:07--------d-----w-C:\Program Files\McAfee
2012-08-29 22:15:26--------d-----w-C:\Program Files\Common Files\McAfee
2012-08-29 22:15:14--------d-----w-C:\Program Files (x86)\McAfee
2012-08-29 22:00:57177144----a-w-C:\Windows\System32\mfevtps.exe
2012-08-29 21:35:53--------d-----w-C:\Users\DE\AppData\Roaming\McAfee
2012-08-28 17:46:459310152----a-w-C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A8C074BD-4440-4832-A19C-438A80B60A8D}\mpengine.dll
2012-08-25 13:14:20281088----a-w-C:\Program Files (x86)\Microsoft Games\Pinball\pinball.exe
2012-08-25 13:14:20--------d-----w-C:\Program Files (x86)\Microsoft Games
2012-08-21 23:44:30--------d-----w-C:\Windows\SysWow64\directx
2012-08-21 21:51:04--------d-----w-C:\Users\DE\AppData\Local\CrashRpt
2012-08-17 21:24:27--------d-----w-C:\Users\DE\AppData\Local\Macromedia
2012-08-15 20:39:46503808----a-w-C:\Windows\System32\srcore.dll
2012-08-15 20:39:4543008----a-w-C:\Windows\SysWow64\srclient.dll
2012-08-15 20:39:403148800----a-w-C:\Windows\System32\win32k.sys
2012-08-15 20:39:3759392----a-w-C:\Windows\System32\browcli.dll
2012-08-15 20:39:37136704----a-w-C:\Windows\System32\browser.dll
2012-08-15 20:39:3541984----a-w-C:\Windows\SysWow64\browcli.dll
2012-08-15 20:39:31751104----a-w-C:\Windows\System32\win32spl.dll
2012-08-15 20:39:31559104----a-w-C:\Windows\System32\spoolsv.exe
2012-08-15 20:39:3067072----a-w-C:\Windows\splwow64.exe
2012-08-15 20:39:30492032----a-w-C:\Windows\SysWow64\win32spl.dll
2012-08-15 20:39:28956928----a-w-C:\Windows\System32\localspl.dll
2012-08-04 17:39:11--------d-----w-C:\ProgramData\Spybot - Search & Destroy
.
==================== Find3M ====================
.
2012-08-31 20:19:23280856----a-w-C:\Windows\SysWow64\PnkBstrB.xtr
2012-08-31 20:19:23280856----a-w-C:\Windows\SysWow64\PnkBstrB.exe
2012-08-31 15:18:23280792----a-w-C:\Windows\SysWow64\PnkBstrB.ex0
2012-08-19 13:17:0670344----a-w-C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-19 13:17:06426184----a-w-C:\Windows\SysWow64\FlashPlayerApp.exe
2012-07-03 12:46:4424904----a-w-C:\Windows\System32\drivers\mbam.sys
2012-06-29 03:56:342312704----a-w-C:\Windows\System32\jscript9.dll
2012-06-29 03:49:111392128----a-w-C:\Windows\System32\wininet.dll
2012-06-29 03:48:071494528----a-w-C:\Windows\System32\inetcpl.cpl
2012-06-29 03:43:49173056----a-w-C:\Windows\System32\ieUnatt.exe
2012-06-29 03:39:482382848----a-w-C:\Windows\System32\mshtml.tlb
2012-06-29 00:16:581800704----a-w-C:\Windows\SysWow64\jscript9.dll
2012-06-29 00:09:011129472----a-w-C:\Windows\SysWow64\wininet.dll
2012-06-29 00:08:591427968----a-w-C:\Windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43142848----a-w-C:\Windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:452382848----a-w-C:\Windows\SysWow64\mshtml.tlb
2012-06-22 06:38:16335784----a-w-C:\Windows\System32\drivers\mfewfpk.sys
2012-06-22 06:36:12752672----a-w-C:\Windows\System32\drivers\mfehidk.sys
2012-06-22 06:34:00169320----a-w-C:\Windows\System32\drivers\mfeapfk.sys
2012-06-06 06:06:162004480----a-w-C:\Windows\System32\msxml6.dll
2012-06-06 06:06:161881600----a-w-C:\Windows\System32\msxml3.dll
2012-06-06 06:02:541133568----a-w-C:\Windows\System32\cdosys.dll
2012-06-06 05:05:521390080----a-w-C:\Windows\SysWow64\msxml6.dll
2012-06-06 05:05:521236992----a-w-C:\Windows\SysWow64\msxml3.dll
2012-06-06 05:03:06805376----a-w-C:\Windows\SysWow64\cdosys.dll
.
============= FINISH: 12:15:02.48 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 24/11/2010 13:41:25
System Uptime: 01/09/2012 12:06:38 (0 hours ago)
.
Motherboard: Gigabyte Technology Co., Ltd. | | P55-US3L
Processor: Intel(R) Core(TM) i7 CPU 860 @ 2.80GHz | Socket 1156 | 2794/133mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 466 GiB total, 141.87 GiB free.
D: is CDROM ()
E: is FIXED (NTFS) - 1397 GiB total, 829.866 GiB free.
F: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: McAfee Inc. mfeapfk
Device ID: ROOT\LEGACY_MFEAPFK\0000
Manufacturer:
Name: McAfee Inc. mfeapfk
PNP Device ID: ROOT\LEGACY_MFEAPFK\0000
Service: mfeapfk
.
==== System Restore Points ===================
.
RP324: 21/08/2012 19:48:12 - Windows Update
RP325: 28/08/2012 18:46:12 - Windows Update
RP326: 30/08/2012 22:28:55 - avast! Free Antivirus Setup
.
==== Installed Programs ======================
.
«Achtung Panzer - Kharkov 1943 Demo»
1ClickDownloader
888casino
Adobe AIR
Adobe Community Help
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Media Player
Adobe Photoshop CS5
Adobe Reader X (10.1.3)
Adobe Shockwave Player 11.6
Advanced Tactical Center™ 1.0
ANNO 1404
Anno 2070
Apple Application Support
Apple Software Update
ArtMoney SE v7.38
µTorrent
avast! EasyPass
avast! Free Antivirus
Battlefield 3™
Battlelog Web Plugins
Bing Bar
Black & White® 2
Blitzkrieg
Botanicula
Company of Heroes
Crysis(R)
D3DX10
DAEMON Tools Toolbar
DarthMod: Shogun II (v2.4)
DarthMod: Shogun II (v2.7)
Dear Esther
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DelinvFile - 4.04
DivX Setup
Dual-Core Optimizer
Duke Nukem Forever
EB Documentation 1.1
EB Trivial Script 0.125
Empire: Total War
ESN Sonar
Europa Barbarorum 1.1
Europa Barbarorum 1.2
EVGA Precision 1.9.5
Express Zip File Compression Software
Facemoods Toolbar
Fallout: New Vegas
Free Audio CD Burner version 1.4.7
Free Studio version 5.1.5
Free YouTube Download 3 version 3.0.11.727
Free YouTube to MP3 Converter version 3.9.35.324
GIMP 2.6.11
Google Chrome
GPL MPEG-1/2 DirectShow Decoder Filter
Grand Theft Auto IV
Grand Theft Auto: Episodes From Liberty City
Hawke BRC 1.0.9
Java Auto Updater
Java(TM) 6 Update 31
Java(TM) 7 Update 5
JavaFX 2.1.1
Junk Mail filter update
Just Cause 2
LIMBO
Magic ISO Maker v5.5 (build 0281)
MagicDisc 2.7.106
Malwarebytes Anti-Malware version 1.62.0.1300
Mass Effect 2
McAfee AntiVirus Plus
McAfee Security Scan Plus
McAfee Virtual Technician
Medieval II Total War
Medieval II Total War : Kingdoms : Americas
Medieval II Total War : Kingdoms : Britannia
Medieval II Total War : Kingdoms : Crusades
Medieval II Total War : Kingdoms : Teutonic
Men of War
Mesh Runtime
Messenger Companion
Microsoft .NET Framework 1.1
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170)
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# .NET Redistributable Package 1.1
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Minecraft Cracked
Mount & Blade: Warband
Mount&Blade With Fire and Sword
Mozilla Firefox 14.0.1 (x86 en-GB)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
Norton Security Scan
NVIDIA 3D Vision Controller Driver
NVIDIA Photoshop Plug-ins 64 bit
NVIDIA PhysX
NVIDIA Stereoscopic 3D Driver
NVIDIA Supersonic Sled demo
ObjectDock Free
Oblivion
Oblivion mod manager 1.1.12
OpenVPN 2.2.1
Origin
OverTargetMarkers Editor
PDF Settings CS5
PlayStation(R)Network Downloader
PlayStation(R)Store
Porrasturvat - Stair Dismount
PunkBuster Services
QuickTime
Rainmeter (remove only)
Razer Lycosa
Recruitment Viewer 0.9
Red Orchestra 2: Heroes of Stalingrad
Rockstar Games Social Club
RollerCoaster Tycoon® 3
Rome - Total War(TM)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Slice Audio File Splitter
Sniper Elite V2
Stainless Steel
Stainless Steel 3.2 Patch Final
Stainless_Steel_6.0_Part1of2
Stainless_Steel_6.0_Part2of2
Steam
Stronghold 3
swMSM
The Elder Scrolls V: Skyrim
Theatre of War
Theatre of War 2: Africa 1943
Theatre of War 2: Kursk 1943
Third Age - Total War 1.0 Part1
Third Age - Total War 1.0 Part2
Third Age - Total War Hotfix1
Third Age - Total War Patch 1.1
Third Age - Total War Patch 1.2
Third Age - Total War Patch 1.3
Third Age - Total War Patch 1.4
thriXXX 3DSexVilla2-114.001
Total War: SHOGUN 2
Truck Dismount (remove only)
Uninstall 1.0.0.1
Universe Sandbox
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553092)
VC80CRTRedist - 8.0.50727.6195
VLC media player 1.1.11
Warhammer 40,000 Space Marine
WavePad Sound Editor
WebCam
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Messenger Companion Core
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
World of Tanks - Physics Preview
World of Tanks 0.7.0_test1
World of Tanks v.0.7.4_CT
wxDownload Fast 0.6.0
XPS2OneNote
Your Freedom 20111109-01
.
==== Event Viewer Messages From Past Week ========
.
30/08/2012 01:34:32, Error: Service Control Manager [7034] - The PnkBstrA service terminated unexpectedly. It has done this 1 time(s).
30/08/2012 01:34:32, Error: Service Control Manager [7034] - The Adobe Acrobat Update Service service terminated unexpectedly. It has done this 1 time(s).
30/08/2012 01:34:32, Error: Service Control Manager [7031] - The Windows Live Family Safety Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
30/08/2012 01:02:19, Error: Service Control Manager [7034] - The McAfee Scanner service terminated unexpectedly. It has done this 1 time(s).
25/08/2012 20:51:31, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
25/08/2012 20:51:31, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
01/09/2012 12:10:24, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the McAfee Scanner service to connect.
01/09/2012 12:10:24, Error: Service Control Manager [7000] - The McAfee Scanner service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
01/09/2012 12:10:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service MCODS with arguments "" in order to run the server: {C98F04D7-CD30-4BB0-B7D7-8DD7448520F2}
01/09/2012 12:09:56, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed.
01/09/2012 12:09:47, Error: Service Control Manager [7038] - The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: Logon failure: the specified account password has expired. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
01/09/2012 12:09:47, Error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The service did not start due to a logon failure.
01/09/2012 12:09:24, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
01/09/2012 12:09:24, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
01/09/2012 12:07:39, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: mfeapfk
01/09/2012 12:07:31, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
01/09/2012 12:07:30, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
01/09/2012 12:07:27, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
.
==== End Of File ===========================
============================================================
Bootkit Remover
(c) 2009 Esage Lab
www.esagelab.com
Program version: 1.2.0.1
OS Version: Microsoft Windows 7 Home Premium Edition Service Pack 1 (build 7601)
, 64-bit
System volume is \\.\C:
\\.\C: -> \\.\PhysicalDrive0 at offset 0x00000000`06500000
Boot sector MD5 is: bb4f1627d8b9beda49ac0d010229f3ff
Size Device Name MBR Status
--------------------------------------------
465 GB \\.\PhysicalDrive0 OK (DOS/Win32 Boot code found)
Done;
Press any key to quit...
============================================================
aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-08-31 15:01:45
-----------------------------
15:01:45.231 OS Version: Windows x64 6.1.7601 Service Pack 1
15:01:45.231 Number of processors: 8 586 0x1E05
15:01:45.232 ComputerName: DEANS-COMP UserName: DE
15:01:46.945 Initialize success
15:01:47.060 AVAST engine defs: 12083100
15:02:42.893 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2
15:02:42.897 Disk 0 Vendor: MDT_MD5000AAKS-00A7B0 01.03B01 Size: 476940MB BusType: 3
15:02:42.909 Disk 1 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP2T1L0-4
15:02:42.914 Disk 1 Vendor: SAMSUNG_HD154UI 1AG01118 Size: 1430799MB BusType: 3
15:02:42.926 Disk 0 MBR read successfully
15:02:42.931 Disk 0 MBR scan
15:02:42.937 Disk 0 Windows 7 default MBR code
15:02:42.951 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
15:02:42.961 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 476838 MB offset 206848
15:02:42.985 Disk 0 scanning C:\Windows\system32\drivers
15:02:57.383 Service scanning
15:03:10.140 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
15:03:16.293 Modules scanning
15:03:16.645 Disk 0 trace - called modules:
15:03:16.682 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys >>UNKNOWN [0xfffffa80074762c0]<<spmw.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys
15:03:16.687 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007949060]
15:03:16.690 3 CLASSPNP.SYS[fffff8800168b43f] -> nt!IofCallDriver -> [0xfffffa8007619580]
15:03:16.694 5 ACPI.sys[fffff880011927a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-2[0xfffffa80075ff680]
15:03:16.697 \Driver\atapi[0xfffffa80075da920] -> IRP_MJ_CREATE -> 0xfffffa80074762c0
15:03:19.484 AVAST engine scan C:\Windows
15:04:23.263 AVAST engine scan C:\Windows\system32
15:07:07.456 File: C:\Windows\assembly\GAC_32\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
15:07:11.629 File: C:\Windows\assembly\GAC_64\Desktop.ini **INFECTED** Win32:Sirefef-PL [Rtk]
15:09:12.805 AVAST engine scan C:\Windows\system32\drivers
15:09:26.526 AVAST engine scan C:\Users\DE
15:32:26.641 AVAST engine scan C:\ProgramData
15:41:33.719 Scan finished successfully
15:58:07.097 Disk 0 MBR has been saved successfully to "C:\Users\DE\Desktop\MBR.dat"
15:58:07.097 The log file has been saved successfully to "C:\Users\DE\Desktop\aswMBR.txt"
============================================================