I have ESET Smart Security 5 and it has started warning me that I have the above threat on my computer, and I have already followed the 4-Step preliminary instructions.
from MBAM
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.02.27.12
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Alex :: MANDALORE [administrator]
Protection: Enabled
2/28/2013 5:06:37 PM
mbam-log-2013-02-28 (17-06-37).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244828
Time elapsed: 1 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
from DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.15.2
Run by Alex at 17:09:53 on 2013-02-28
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.16351.12789 [GMT -5:00]
.
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\explorer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\notepad.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>;*.local
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe"
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [ZumoCast] C:\Program Files (x86)\Zecter\ZumoCast\ZumoLauncher.lnk
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
mRun: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Alex\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{15DA0D4B-EF5A-4888-92DA-A1670F41D93F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{44AEE0CB-EBCB-442A-8186-4535BBA7A90E} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORDTSUPTBT
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-11-16 62024]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2011-11-11 27440]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-12-31 56208]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-30 283200]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-11-16 209808]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-3-28 38288]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2012-12-30 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2012-12-30 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-12-30 586880]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 DTSAudioService;DTSAudioService;C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2013-2-8 210024]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-16 913184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-8 166720]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-12-18 376320]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-1-2 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-1-1 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-27 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-27 682344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-10-19 3141424]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-1-21 613760]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2012-12-30 26136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-27 24176]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-8 553576]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2012-11-7 22016]
R3 rzjoystk;Razer VJoystick;C:\Windows\System32\drivers\rzjoystk.sys [2012-10-18 19968]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2012-11-7 113664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-1 160944]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-31 1432400]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-1-21 13728]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2012-7-15 30720]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-1-21 81312]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-1-21 15776]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-02-28 19:07:04 -------- d-sh--w- C:\$RECYCLE.BIN
2013-02-28 15:26:29 -------- d-----w- C:\ComboFix
2013-02-28 14:36:00 256000 ----a-w- C:\Windows\PEV.exe
2013-02-28 14:36:00 208896 ----a-w- C:\Windows\MBR.exe
2013-02-28 14:35:59 98816 ----a-w- C:\Windows\sed.exe
2013-02-28 02:00:22 -------- d-----w- C:\FRST
2013-02-27 22:32:36 -------- d-----w- C:\Users\Alex\AppData\Roaming\Malwarebytes
2013-02-27 22:32:31 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-02-27 22:32:31 -------- d-----w- C:\ProgramData\Malwarebytes
2013-02-27 22:32:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-27 19:08:55 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3287CD1-72E7-4BB1-9994-A186AB995AF9}\mpengine.dll
2013-02-27 18:37:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2013-02-21 18:24:02 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-21 17:26:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-21 17:26:54 -------- d-----w- C:\Program Files\iTunes
2013-02-21 17:26:54 -------- d-----w- C:\Program Files\iPod
2013-02-21 17:26:54 -------- d-----w- C:\Program Files (x86)\iTunes
2013-02-19 18:45:23 -------- d-----w- C:\Users\Alex\AppData\Local\NVIDIA
2013-02-17 17:13:55 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 17:13:55 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 17:11:56 5500776 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-17 17:11:54 3957608 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-17 17:11:54 3902312 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-17 17:11:53 1893224 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-17 17:11:52 287576 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-17 17:11:39 3150848 ----a-w- C:\Windows\System32\win32k.sys
2013-02-09 23:43:52 555808 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-02-08 23:53:10 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2013-02-08 21:13:28 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-02-08 21:12:23 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-02-08 21:10:14 -------- d-----w- C:\Users\Alex\AppData\Local\Matrox
2013-02-08 21:07:57 -------- d-----w- C:\Program Files (x86)\Marvell
2013-02-08 21:06:05 315904 ----a-w- C:\Windows\SysWow64\Difxc336.rra
2013-02-08 21:06:03 -------- d-----w- C:\Windows\RaidTool
2013-02-08 21:05:48 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-02-08 21:05:48 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-02-08 21:05:48 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2013-02-08 21:05:48 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-02-08 21:05:48 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-02-08 21:05:48 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-02-08 21:05:48 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-02-08 21:05:47 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-02-08 21:05:47 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-02-08 21:05:47 120920 ----a-w- C:\Windows\System32\drivers\jraid.sys
2013-02-08 21:04:53 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-02-08 21:04:53 553576 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-02-08 20:49:21 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-02-08 20:37:58 -------- d-----w- C:\Program Files (x86)\Realtek
2013-02-08 20:32:47 538496 ----a-w- C:\Windows\System32\PROUnstl.exe
2013-02-08 20:26:01 -------- d-----w- C:\Users\Alex\AppData\Local\SlimWare Utilities Inc
2013-02-08 20:25:39 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2013-02-07 03:51:19 -------- d-----w- C:\ProgramData\Atheros
2013-02-05 15:59:41 -------- d-----w- C:\Users\Alex\AppData\Local\Apple Computer
2013-02-05 15:59:38 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-02-05 15:59:11 -------- d-----w- C:\Users\Alex\AppData\Local\Apple
2013-02-05 15:59:00 -------- d-----w- C:\Program Files\Bonjour
2013-02-05 15:59:00 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-02-05 02:10:50 314368 ----a-w- C:\Windows\IsUninst.exe
2013-02-04 20:37:07 -------- d-----w- C:\Users\Alex\AppData\Roaming\LolClient
2013-02-04 05:05:54 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2013-02-04 05:05:54 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2013-02-04 05:05:54 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2013-02-04 05:04:37 -------- d-----w- C:\Riot Games
2013-02-04 03:28:44 -------- d-----w- C:\Users\Alex\AppData\Local\PMB Files
2013-02-04 03:28:43 -------- d-----w- C:\ProgramData\PMB Files
2013-02-04 03:28:35 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-02-04 03:28:19 -------- d-----w- C:\Users\Alex\.swt
2013-02-03 23:58:18 -------- d-----w- C:\Users\Alex\AppData\Roaming\MathWorks
2013-02-03 00:23:41 -------- d-----w- C:\Program Files (x86)\Hobbyist Software
.
==================== Find3M ====================
.
2013-02-27 23:21:48 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 23:21:48 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-21 18:23:58 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-21 18:23:58 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-10 01:04:31 6393120 ----a-w- C:\Windows\System32\nvcpl.dll
2013-02-10 01:04:31 3472672 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-02-10 01:04:29 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-02-10 01:04:29 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-02-10 01:04:29 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-02-09 13:25:36 3035306 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-01-17 06:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-15 23:05:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-01-15 23:05:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-01-09 20:17:43 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-08 21:28:17 419840 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-01-08 21:28:17 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-01-08 21:28:17 133632 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-01-08 21:28:17 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-01-05 04:49:51 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-01-04 05:37:01 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-01-04 05:37:00 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-01-04 05:37:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-01-04 05:36:33 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 05:33:49 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-01-04 05:30:34 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-04 05:27:03 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27:02 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27:01 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27:01 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27:00 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27:00 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:27:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:51:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:51:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-04 03:19:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-01-04 02:48:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:48:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:48:34 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-04 02:48:33 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:43:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43:34 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-01-03 19:15:27 967 ----a-w- C:\Windows\ScUnin.pif
2013-01-03 19:15:27 70656 ----a-w- C:\Windows\ScUnin.exe
2013-01-03 07:08:27 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
2013-01-01 04:37:45 959976 ----a-w- C:\Windows\System32\deployJava1.dll
2013-01-01 04:37:45 1081320 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-01-01 04:37:45 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-01-01 01:41:55 669184 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2012-12-30 20:02:35 867616 ----a-w- C:\Windows\PE_Rom.dll
2012-12-30 20:02:14 933152 ----a-w- C:\Windows\PE_File.dll
2012-12-30 19:02:44 16896 ----a-w- C:\Windows\AsTaskSched.dll
2012-12-30 17:02:23 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-12-30 06:56:55 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2012-12-29 10:34:47 1813432 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-12-29 10:34:47 1504696 ----a-w- C:\Windows\System32\nvdispgenco64.dll
2012-12-19 05:42:00 31672 ----a-w- C:\Windows\System32\nvhdap64.dll
2012-12-19 05:41:52 194488 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2012-12-18 14:33:44 88600 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-12-18 14:33:30 84472 ----a-w- C:\Windows\System32\LMIinit.dll
2012-12-18 14:33:30 35832 ----a-w- C:\Windows\System32\LMIport.dll
2012-12-18 08:31:25 1510328 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2012-12-16 16:52:02 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:40:45 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:25:27 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:25:19 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 05:41:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 05:35:34 2745856 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 05:04:20 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 04:57:38 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 03:21:08 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs
2012-12-03 15:47:14 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2012-12-03 15:47:14 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
.
============= FINISH: 17:10:07.99 ===============
from ATTACH
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/30/2012 12:41:42 AM
System Uptime: 2/28/2013 10:03:57 AM (7 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P8P67 DELUXE
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 30.601 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 489.45 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 414.819 GiB free.
F: is CDROM ()
I: is Removable
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Service:
.
==== System Restore Points ===================
.
RP76: 2/21/2013 1:22:29 PM - Installed Java 7 Update 15
RP77: 2/21/2013 1:27:39 PM - Windows Update
RP78: 2/27/2013 2:08:48 PM - Windows Update
RP79: 2/27/2013 10:31:22 PM - combofix
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Reader XI (11.0.02)
Adobe Widget Browser
Adobe® Content Viewer
AI Suite II
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Autodesk Backburner 2013.0.0
Autodesk DirectConnect 2013 64-bit
Autodesk Download Manager
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit
Autodesk MatchMover 2013 64-bit
Autodesk Maya 2013 64-bit
bl
Bluetooth Win7 Suite (64)
Bonjour
calibre 64bit
Composite 2013 64-bit
Counter-Strike: Source
Crysis(R)
CSS FULL DZ [Oct 15 2007] v18.1
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DigitalPersona Personal 5.1
ESET Smart Security
Far Cry 3
FileZilla Client 3.6.0.2
foobar2000 v1.2
GameSpy Comrade
Google Chrome
Google Update Helper
GPGNet
Guild Wars
Guild Wars 2
Intel(R) Management Engine Components
Intel(R) Network Connections 17.3.63.0
Intel® Trusted Connect Service Client
Intel® Watchdog Timer Driver (Intel® WDT)
iTunes
Java 7 Update 10 (64-bit)
Java 7 Update 15
Java Auto Updater
JMicron JMB36X Driver
Junk Mail filter update
League of Legends
Link Shell Extension
LogMeIn
Malwarebytes Anti-Malware version 1.70.0.1100
marvell 91xx driver
MATLAB R2011b
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# 2.0 Redistributable Package
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MSVCRT
MSVCRT_amd64
Nexus Mod Manager
Notepad++
NVIDIA 3D Vision Controller Driver 314.07
NVIDIA 3D Vision Driver 314.07
NVIDIA Control Panel 314.07
NVIDIA GeForce Experience 1.0.1 (BETA)
NVIDIA Graphics Driver 314.07
NVIDIA HD Audio Driver 1.3.23.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 2.47.62
NVIDIA Update Components
Offspring Fling!
OpenAL
OpenVPN 2.2.2
Origin
Pando Media Booster
PDF Settings CS6
ph
Portal
PunkBuster Services
Rainmeter
Razer Nostromo
Razer Synapse 2.0
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
RocketDock 1.3.5
Sculptris Alpha 6
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Sins of a Solar Empire Rebellion (c) Stardock version 1
Sins of a Solar Empire Trinity
Skype™ 6.0
Snapshot
Snapshot version 0.1
Sorian AI Mod 2.1.1
Star Wars: The Old Republic
Starcraft
StarCraft II
Steam
Supreme Commander - Forged Alliance
The Elder Scrolls V: Skyrim
The Last Remnant
The Sims™ 3
Tom Clancy's Splinter Cell: Conviction
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Uplay
Validity Sensors DDK
VLC media player 2.0.5
VLC Setup Helper
Wacom Tablet
WebTablet FB Plugin 32 bit
WebTablet FB Plugin 64 bit
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
ZBrush 4R5
ZumoCast
.
==== Event Viewer Messages From Past Week ========
.
2/28/2013 10:36:25 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
2/28/2013 10:31:55 AM, Error: Service Control Manager [7030] -
2/27/2013 9:15:34 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
2/27/2013 5:21:04 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4.
.
==== End Of File ===========================
from MBAM
Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org
Database version: v2013.02.27.12
Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Alex :: MANDALORE [administrator]
Protection: Enabled
2/28/2013 5:06:37 PM
mbam-log-2013-02-28 (17-06-37).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 244828
Time elapsed: 1 minute(s),
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
from DDS
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.15.2
Run by Alex at 17:09:53 on 2013-02-28
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.16351.12789 [GMT -5:00]
.
AV: ESET Smart Security 5.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 5.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal firewall *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
C:\Windows\system32\vcsFPService.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Program Files\DigitalPersona\Bin\DpHostW.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
C:\Program Files\Tablet\Wacom\WacomHost.exe
C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\explorer.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\notepad.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uProxyOverride = <local>;*.local
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: CIESpeechBHO Class: {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Akamai NetSession Interface] "C:\Users\Alex\AppData\Local\Akamai\netsession_win.exe"
uRun: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler
uRun: [ZumoCast] C:\Program Files (x86)\Zecter\ZumoCast\ZumoLauncher.lnk
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
mRun: [Razer Nostromo Driver] C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [ADSK DLMSession] C:\Program Files (x86)\Common Files\Autodesk Shared\Autodesk Download Manager\DLMSession.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Alex\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxp://support.asus.com/select/asusTek_sys_ctrl3.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{15DA0D4B-EF5A-4888-92DA-A1670F41D93F} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{44AEE0CB-EBCB-442A-8186-4535BBA7A90E} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Notification Packages = DPPassFilter scecli
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\25.0.1364.97\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [AtherosBtStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
x64-Run: [AthBtTray] "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORDTSUPTBT
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2012-11-16 62024]
R0 mv91cons;Marvell 91xx Config Device Driver;C:\Windows\System32\drivers\mv91cons.sys [2011-11-11 27440]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-12-31 56208]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-12-30 283200]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2012-11-16 209808]
R1 EpfwLWF;Epfw NDIS LightWeight Filter;C:\Windows\System32\drivers\EpfwLWF.sys [2012-3-28 38288]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [2012-12-30 918144]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2012-12-30 915584]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [2012-12-30 586880]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2010-10-27 52896]
R2 DTSAudioService;DTSAudioService;C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [2013-2-8 210024]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2012-11-16 913184]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-6-19 634632]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2012-7-27 170824]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2013-2-8 166720]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2012-12-18 376320]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files (x86)\LogMeIn\x64\rainfo.sys [2013-1-2 15928]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\Windows\System32\drivers\LMIRfsDriver.sys [2013-1-1 72216]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-2-27 398184]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-2-27 682344]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2013-2-9 383264]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\Windows\System32\vcsFPService.exe [2010-10-19 3141424]
R2 WTabletServicePro;Wacom Professional Service;C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [2013-1-21 613760]
R3 AthBTPort;Atheros Virtual Bluetooth Class;C:\Windows\System32\drivers\btath_flt.sys [2010-10-27 38248]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:\Windows\System32\drivers\btath_a2dp.sys [2010-10-27 301680]
R3 BTATH_BUS;Atheros Bluetooth Bus;C:\Windows\System32\drivers\btath_bus.sys [2010-10-27 31080]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:\Windows\System32\drivers\btath_hcrp.sys [2010-10-27 203624]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:\Windows\System32\drivers\btath_lwflt.sys [2010-10-27 58992]
R3 BTATH_RCP;Bluetooth AVRCP Device;C:\Windows\System32\drivers\btath_rcp.sys [2010-10-27 156520]
R3 BtFilter;BtFilter;C:\Windows\System32\drivers\btfilter.sys [2010-10-27 279152]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2012-12-30 26136]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-2-27 24176]
R3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista;C:\Windows\System32\drivers\netr28x.sys [2009-6-10 620544]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-12-10 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-12-10 181248]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2013-2-8 553576]
R3 rzendpt;rzendpt;C:\Windows\System32\drivers\rzendpt.sys [2012-11-7 22016]
R3 rzjoystk;Razer VJoystick;C:\Windows\System32\drivers\rzjoystk.sys [2012-10-18 19968]
R3 rzudd;Razer Mouse Driver;C:\Windows\System32\drivers\rzudd.sys [2012-11-7 113664]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-1-1 160944]
S3 ATHDFU;Atheros Valkyrie USB BootROM;C:\Windows\System32\drivers\AthDfu.sys [2010-10-27 55336]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-12-31 1432400]
S3 hidkmdf;KMDF Driver;C:\Windows\System32\drivers\hidkmdf.sys [2013-1-21 13728]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2012-7-15 30720]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-9-28 53760]
S3 WacHidRouter;Wacom Hid Router;C:\Windows\System32\drivers\wachidrouter.sys [2013-1-21 81312]
S3 wacomrouterfilter;Wacom Router Filter Driver;C:\Windows\System32\drivers\wacomrouterfilter.sys [2013-1-21 15776]
.
=============== File Associations ===============
.
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2013-02-28 19:07:04 -------- d-sh--w- C:\$RECYCLE.BIN
2013-02-28 15:26:29 -------- d-----w- C:\ComboFix
2013-02-28 14:36:00 256000 ----a-w- C:\Windows\PEV.exe
2013-02-28 14:36:00 208896 ----a-w- C:\Windows\MBR.exe
2013-02-28 14:35:59 98816 ----a-w- C:\Windows\sed.exe
2013-02-28 02:00:22 -------- d-----w- C:\FRST
2013-02-27 22:32:36 -------- d-----w- C:\Users\Alex\AppData\Roaming\Malwarebytes
2013-02-27 22:32:31 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-02-27 22:32:31 -------- d-----w- C:\ProgramData\Malwarebytes
2013-02-27 22:32:31 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-02-27 19:08:55 9162192 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A3287CD1-72E7-4BB1-9994-A186AB995AF9}\mpengine.dll
2013-02-27 18:37:33 -------- d-sh--w- C:\Windows\SysWow64\%APPDATA%
2013-02-21 18:24:02 95648 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-21 17:26:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-21 17:26:54 -------- d-----w- C:\Program Files\iTunes
2013-02-21 17:26:54 -------- d-----w- C:\Program Files\iPod
2013-02-21 17:26:54 -------- d-----w- C:\Program Files (x86)\iTunes
2013-02-19 18:45:23 -------- d-----w- C:\Users\Alex\AppData\Local\NVIDIA
2013-02-17 17:13:55 996352 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 17:13:55 768000 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VGX\VGX.dll
2013-02-17 17:11:56 5500776 ----a-w- C:\Windows\System32\ntoskrnl.exe
2013-02-17 17:11:54 3957608 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2013-02-17 17:11:54 3902312 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2013-02-17 17:11:53 1893224 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2013-02-17 17:11:52 287576 ----a-w- C:\Windows\System32\drivers\FWPKCLNT.SYS
2013-02-17 17:11:39 3150848 ----a-w- C:\Windows\System32\win32k.sys
2013-02-09 23:43:52 555808 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2013-02-08 23:53:10 -------- d-----w- C:\Program Files (x86)\Renesas Electronics
2013-02-08 21:13:28 15168 ----a-w- C:\Windows\System32\drivers\IntelMEFWVer.dll
2013-02-08 21:12:23 62784 ----a-w- C:\Windows\System32\drivers\HECIx64.sys
2013-02-08 21:10:14 -------- d-----w- C:\Users\Alex\AppData\Local\Matrox
2013-02-08 21:07:57 -------- d-----w- C:\Program Files (x86)\Marvell
2013-02-08 21:06:05 315904 ----a-w- C:\Windows\SysWow64\Difxc336.rra
2013-02-08 21:06:03 -------- d-----w- C:\Windows\RaidTool
2013-02-08 21:05:48 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll
2013-02-08 21:05:48 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll
2013-02-08 21:05:48 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe
2013-02-08 21:05:48 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe
2013-02-08 21:05:48 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll
2013-02-08 21:05:48 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll
2013-02-08 21:05:48 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll
2013-02-08 21:05:47 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll
2013-02-08 21:05:47 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll
2013-02-08 21:05:47 120920 ----a-w- C:\Windows\System32\drivers\jraid.sys
2013-02-08 21:04:53 74272 ----a-w- C:\Windows\System32\RtNicProp64.dll
2013-02-08 21:04:53 553576 ----a-w- C:\Windows\System32\drivers\Rt64win7.sys
2013-02-08 20:49:21 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll
2013-02-08 20:37:58 -------- d-----w- C:\Program Files (x86)\Realtek
2013-02-08 20:32:47 538496 ----a-w- C:\Windows\System32\PROUnstl.exe
2013-02-08 20:26:01 -------- d-----w- C:\Users\Alex\AppData\Local\SlimWare Utilities Inc
2013-02-08 20:25:39 -------- d-----w- C:\Program Files (x86)\SlimDrivers
2013-02-07 03:51:19 -------- d-----w- C:\ProgramData\Atheros
2013-02-05 15:59:41 -------- d-----w- C:\Users\Alex\AppData\Local\Apple Computer
2013-02-05 15:59:38 33240 ----a-w- C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-02-05 15:59:11 -------- d-----w- C:\Users\Alex\AppData\Local\Apple
2013-02-05 15:59:00 -------- d-----w- C:\Program Files\Bonjour
2013-02-05 15:59:00 -------- d-----w- C:\Program Files (x86)\Bonjour
2013-02-05 02:10:50 314368 ----a-w- C:\Windows\IsUninst.exe
2013-02-04 20:37:07 -------- d-----w- C:\Users\Alex\AppData\Roaming\LolClient
2013-02-04 05:05:54 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2013-02-04 05:05:54 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2013-02-04 05:05:54 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2013-02-04 05:04:37 -------- d-----w- C:\Riot Games
2013-02-04 03:28:44 -------- d-----w- C:\Users\Alex\AppData\Local\PMB Files
2013-02-04 03:28:43 -------- d-----w- C:\ProgramData\PMB Files
2013-02-04 03:28:35 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-02-04 03:28:19 -------- d-----w- C:\Users\Alex\.swt
2013-02-03 23:58:18 -------- d-----w- C:\Users\Alex\AppData\Roaming\MathWorks
2013-02-03 00:23:41 -------- d-----w- C:\Program Files (x86)\Hobbyist Software
.
==================== Find3M ====================
.
2013-02-27 23:21:48 71024 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-27 23:21:48 691568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-02-21 18:23:58 861088 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-02-21 18:23:58 782240 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-02-10 01:04:31 6393120 ----a-w- C:\Windows\System32\nvcpl.dll
2013-02-10 01:04:31 3472672 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-02-10 01:04:29 877856 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-02-10 01:04:29 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-02-10 01:04:29 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-02-09 13:25:36 3035306 ----a-w- C:\Windows\System32\nvcoproc.bin
2013-01-17 06:28:58 273840 ------w- C:\Windows\System32\MpSigStub.exe
2013-01-15 23:05:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2013-01-15 23:05:53 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2013-01-09 20:17:43 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2013-01-09 01:19:09 2312704 ----a-w- C:\Windows\System32\jscript9.dll
2013-01-09 01:12:03 1392128 ----a-w- C:\Windows\System32\wininet.dll
2013-01-09 01:11:06 1494528 ----a-w- C:\Windows\System32\inetcpl.cpl
2013-01-09 01:07:51 173056 ----a-w- C:\Windows\System32\ieUnatt.exe
2013-01-09 01:07:47 599040 ----a-w- C:\Windows\System32\vbscript.dll
2013-01-09 01:04:42 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
2013-01-08 22:11:21 1800704 ----a-w- C:\Windows\SysWow64\jscript9.dll
2013-01-08 22:03:20 1129472 ----a-w- C:\Windows\SysWow64\wininet.dll
2013-01-08 22:03:12 1427968 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2013-01-08 21:59:02 142848 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2013-01-08 21:58:29 420864 ----a-w- C:\Windows\SysWow64\vbscript.dll
2013-01-08 21:56:23 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2013-01-08 21:28:17 419840 ----a-w- C:\Windows\System32\wrap_oal.dll
2013-01-08 21:28:17 413696 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2013-01-08 21:28:17 133632 ----a-w- C:\Windows\System32\OpenAL32.dll
2013-01-08 21:28:17 110592 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2013-01-05 04:49:51 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2013-01-04 05:37:01 362496 ----a-w- C:\Windows\System32\wow64win.dll
2013-01-04 05:37:00 243200 ----a-w- C:\Windows\System32\wow64.dll
2013-01-04 05:37:00 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2013-01-04 05:36:33 215040 ----a-w- C:\Windows\System32\winsrv.dll
2013-01-04 05:33:49 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2013-01-04 05:30:34 424960 ----a-w- C:\Windows\System32\KernelBase.dll
2013-01-04 05:27:03 6144 ---ha-w- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 05:27:03 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
2013-01-04 05:27:02 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-01-04 05:27:02 4096 ---ha-w- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
2013-01-04 05:27:01 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-01-04 05:27:01 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
2013-01-04 05:27:00 4608 ---ha-w- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
2013-01-04 05:27:00 3584 ---ha-w- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-01-04 05:27:00 3072 ---ha-w- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
2013-01-04 04:51:09 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2013-01-04 04:51:08 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2013-01-04 03:19:55 338432 ----a-w- C:\Windows\System32\conhost.exe
2013-01-04 02:48:37 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2013-01-04 02:48:34 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2013-01-04 02:48:34 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2013-01-04 02:48:33 2048 ----a-w- C:\Windows\SysWow64\user.exe
2013-01-04 02:43:35 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2013-01-04 02:43:34 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2013-01-04 02:43:34 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2013-01-04 02:43:34 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2013-01-03 19:15:27 967 ----a-w- C:\Windows\ScUnin.pif
2013-01-03 19:15:27 70656 ----a-w- C:\Windows\ScUnin.exe
2013-01-03 07:08:27 447752 ----a-w- C:\Windows\SysWow64\vp6vfw.dll
2013-01-01 04:37:45 959976 ----a-w- C:\Windows\System32\deployJava1.dll
2013-01-01 04:37:45 1081320 ----a-w- C:\Windows\System32\npDeployJava1.dll
2013-01-01 04:37:45 108008 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2013-01-01 01:41:55 669184 ----a-w- C:\Windows\SysWow64\pbsvc.exe
2012-12-30 20:02:35 867616 ----a-w- C:\Windows\PE_Rom.dll
2012-12-30 20:02:14 933152 ----a-w- C:\Windows\PE_File.dll
2012-12-30 19:02:44 16896 ----a-w- C:\Windows\AsTaskSched.dll
2012-12-30 17:02:23 283200 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2012-12-30 06:56:55 982912 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2012-12-29 10:34:47 1813432 ----a-w- C:\Windows\System32\nvdispco64.dll
2012-12-29 10:34:47 1504696 ----a-w- C:\Windows\System32\nvdispgenco64.dll
2012-12-19 05:42:00 31672 ----a-w- C:\Windows\System32\nvhdap64.dll
2012-12-19 05:41:52 194488 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2012-12-18 14:33:44 88600 ----a-w- C:\Windows\System32\LMIRfsClientNP.dll
2012-12-18 14:33:30 84472 ----a-w- C:\Windows\System32\LMIinit.dll
2012-12-18 14:33:30 35832 ----a-w- C:\Windows\System32\LMIport.dll
2012-12-18 08:31:25 1510328 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2012-12-16 16:52:02 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:40:45 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:25:27 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:25:19 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-07 05:41:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 05:35:34 2745856 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 05:04:20 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 04:57:38 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 03:21:08 45568 ----a-w- C:\Windows\SysWow64\oflc-nz.rs
2012-12-03 15:47:14 60776 ----a-w- C:\Windows\System32\OpenCL.dll
2012-12-03 15:47:14 52584 ----a-w- C:\Windows\SysWow64\OpenCL.dll
.
============= FINISH: 17:10:07.99 ===============
from ATTACH
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 12/30/2012 12:41:42 AM
System Uptime: 2/28/2013 10:03:57 AM (7 hours ago)
.
Motherboard: ASUSTeK Computer INC. | | P8P67 DELUXE
Processor: Intel(R) Core(TM) i7-2600K CPU @ 3.40GHz | LGA1155 | 3401/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 112 GiB total, 30.601 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 489.45 GiB free.
E: is FIXED (NTFS) - 932 GiB total, 414.819 GiB free.
F: is CDROM ()
I: is Removable
J: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&00010008_PID&B00A\8&2E9958BA&0&40984E05C818_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A962AD42_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{453994D5-D58B-96F9-6616-B37F586BA2EC}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{936DA01F-9ABD-4D9D-80C7-02AF85C822A8}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Service:
.
Class GUID:
Description: Bluetooth Peripheral Device
Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Manufacturer:
Name: Bluetooth Peripheral Device
PNP Device ID: BTHENUM\{05727150-3B77-4FC4-9312-581F0251CDE5}_VID&0001000F_PID&1200\8&2E9958BA&0&3085A9F93030_C00000000
Service:
.
==== System Restore Points ===================
.
RP76: 2/21/2013 1:22:29 PM - Installed Java 7 Update 15
RP77: 2/21/2013 1:27:39 PM - Windows Update
RP78: 2/27/2013 2:08:48 PM - Windows Update
RP79: 2/27/2013 10:31:22 PM - combofix
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Creative Suite 6 Master Collection
Adobe Download Assistant
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Help Manager
Adobe Reader XI (11.0.02)
Adobe Widget Browser
Adobe® Content Viewer
AI Suite II
Akamai NetSession Interface
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Autodesk Backburner 2013.0.0
Autodesk DirectConnect 2013 64-bit
Autodesk Download Manager
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit
Autodesk MatchMover 2013 64-bit
Autodesk Maya 2013 64-bit
bl
Bluetooth Win7 Suite (64)
Bonjour
calibre 64bit
Composite 2013 64-bit
Counter-Strike: Source
Crysis(R)
CSS FULL DZ [Oct 15 2007] v18.1
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
DigitalPersona Personal 5.1
ESET Smart Security
Far Cry 3
FileZilla Client 3.6.0.2
foobar2000 v1.2
GameSpy Comrade
Google Chrome
Google Update Helper
GPGNet
Guild Wars
Guild Wars 2
Intel(R) Management Engine Components
Intel(R) Network Connections 17.3.63.0
Intel® Trusted Connect Service Client
Intel® Watchdog Timer Driver (Intel® WDT)
iTunes
Java 7 Update 10 (64-bit)
Java 7 Update 15
Java Auto Updater
JMicron JMB36X Driver
Junk Mail filter update
League of Legends
Link Shell Extension
LogMeIn
Malwarebytes Anti-Malware version 1.70.0.1100
marvell 91xx driver
MATLAB R2011b
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4 Client Profile
Microsoft .NET Framework 4 Extended
Microsoft Application Error Reporting
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook Connector
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual J# 2.0 Redistributable Package
Microsoft WSE 3.0 Runtime
Microsoft_VC80_CRT_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
MSVCRT
MSVCRT_amd64
Nexus Mod Manager
Notepad++
NVIDIA 3D Vision Controller Driver 314.07
NVIDIA 3D Vision Driver 314.07
NVIDIA Control Panel 314.07
NVIDIA GeForce Experience 1.0.1 (BETA)
NVIDIA Graphics Driver 314.07
NVIDIA HD Audio Driver 1.3.23.1
NVIDIA Install Application
NVIDIA PhysX
NVIDIA PhysX System Software 9.12.1031
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 2.47.62
NVIDIA Update Components
Offspring Fling!
OpenAL
OpenVPN 2.2.2
Origin
Pando Media Booster
PDF Settings CS6
ph
Portal
PunkBuster Services
Rainmeter
Razer Nostromo
Razer Synapse 2.0
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
RocketDock 1.3.5
Sculptris Alpha 6
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft .NET Framework 4 Extended (KB2736428)
Security Update for Microsoft .NET Framework 4 Extended (KB2742595)
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Sins of a Solar Empire Rebellion (c) Stardock version 1
Sins of a Solar Empire Trinity
Skype™ 6.0
Snapshot
Snapshot version 0.1
Sorian AI Mod 2.1.1
Star Wars: The Old Republic
Starcraft
StarCraft II
Steam
Supreme Commander - Forged Alliance
The Elder Scrolls V: Skyrim
The Last Remnant
The Sims™ 3
Tom Clancy's Splinter Cell: Conviction
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
Uplay
Validity Sensors DDK
VLC media player 2.0.5
VLC Setup Helper
Wacom Tablet
WebTablet FB Plugin 32 bit
WebTablet FB Plugin 64 bit
Windows 7 USB/DVD Download Tool
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinRAR 4.20 (64-bit)
ZBrush 4R5
ZumoCast
.
==== Event Viewer Messages From Past Week ========
.
2/28/2013 10:36:25 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
2/28/2013 10:31:55 AM, Error: Service Control Manager [7030] -
2/27/2013 9:15:34 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
2/27/2013 5:21:04 PM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk4\DR4.
.
==== End Of File ===========================