Inactive Sirefef - 60 second computer reboots

Status
Not open for further replies.
....Yeah it got me too :(

Similar to this thread:
https://www.techspot.com/community/topics/sirefef-y-and-b-only-60sec-to-work.182106/

I have followed the steps up until the fixlist part. Below are the logs that I got from running frst64.

Any help is much appreciated.

FRST64 log:

Scan result of Farbar Recovery Scan Tool Version: 23-06-2012
Ran by SYSTEM at 23-06-2012 13:21:17
Running from F:\
Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
The current controlset is ControlSet001

========================== Registry (Whitelisted) =============

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11545192 2010-11-02] (Realtek Semiconductor)
HKLM\...\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices [112512 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" [57928 2011-09-16] (LogMeIn, Inc.)
HKLM\...\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey [1271168 2012-03-26] (Microsoft Corporation)
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-05] (Intel Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [620152 2006-10-22] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] [x]
HKLM-x32\...\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" [74752 2011-12-09] (Nullsoft, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [254696 2012-01-18] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [NPSStartup] [x]
HKLM-x32\...\Run: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" [313768 2012-05-29] (Razer USA Ltd)
HKLM-x32\...\Run: [Regedit32] C:\Windows\system32\regedit.exe [x]
HKU\Simon\...\Run: [0i763f66bz] C:\Users\Simon\0i763f66bz.exe [40960 2012-06-23] (SmoothCandle)
Tcpip\Parameters: [DhcpNameServer] 192.168.65.1
Startup: C:\Users\All Users\Start Menu\Programs\Startup\UltraMon.lnk
ShortcutTarget: UltraMon.lnk -> C:\Windows\Installer\{537056B7-32A4-4408-9B54-0341963C7C9C}\IcoUltraMon.ico ()

==================== Services (Whitelisted) ======

2 EventSystem; C:\Windows\SysWow64\es.dll [271360 2009-07-13] (Microsoft Corporation)
2 LMIGuardianSvc; "C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe" [375176 2012-05-18] (LogMeIn, Inc.)
2 LMIMaint; "C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe" [147336 2012-05-18] (LogMeIn, Inc.)
2 LogMeIn; "C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe" [407424 2011-09-16] (LogMeIn, Inc.)
3 Microsoft SharePoint Workspace Audit Service; "C:\Program Files\Microsoft Office\Office14\GROOVE.EXE" /auditservice [51740536 2011-06-12] (Microsoft Corporation)
2 MsMpSvc; "C:\Program Files\Microsoft Security Client\MsMpEng.exe" [12600 2012-03-26] (Microsoft Corporation)
3 ose64; "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE" [174440 2010-01-09] (Microsoft Corporation)

========================== Drivers (Whitelisted) =============

0 7a6ca506207a113; C:\Windows\System32\Drivers\7a6ca506207a113.sys [74184 2012-06-23] ()
3 dsNcAdpt; C:\Windows\System32\Drivers\dsNcAdpt.sys [32768 2011-04-25] (Juniper Networks)
2 LMIInfo; \??\C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [15928 2011-09-16] (LogMeIn, Inc.)
3 lmimirr; C:\Windows\System32\Drivers\lmimirr.sys [11552 2011-09-16] (LogMeIn, Inc.)
2 LMIRfsDriver; C:\Windows\System32\Drivers\LMIRfsDriver.sys [72216 2011-09-16] (LogMeIn, Inc.)
3 RTCore64; \??\C:\Program Files (x86)\EVGA Precision\RTCore64.sys [13416 2012-01-16] ()
3 rzudd; C:\Windows\System32\Drivers\rzudd.sys [94208 2012-05-14] (Razer USA Ltd)
2 SSPORT; C:\Windows\System32\Drivers\SSPORT.sys [11576 2011-01-23] (Samsung Electronics)
4 LMIRfsClientNP; [x]
3 VGPU; C:\Windows\System32\drivers\rdvgkmd.sys [x]

========================== NetSvcs (Whitelisted) ===========


============ One Month Created Files and Folders ==============

2012-06-23 11:40 - 2012-06-23 11:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-23 11:39 - 2012-06-23 11:40 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-23 11:27 - 2012-06-23 11:27 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-23 11:27 - 2012-06-23 11:27 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Malwarebytes
2012-06-23 11:27 - 2012-06-23 11:27 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-23 11:27 - 2012-06-23 11:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-23 11:27 - 2012-04-04 14:56 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-06-23 11:25 - 2012-06-23 11:25 - 00074184 ____A C:\Windows\System32\Drivers\7a6ca506207a113.sys
2012-06-23 00:29 - 2012-06-23 00:29 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-23 00:25 - 2012-06-23 00:25 - 00040960 ____A (SmoothCandle) C:\Users\Simon\0i763f66bz.exe
2012-06-18 16:53 - 2012-06-02 14:19 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-18 16:53 - 2012-06-02 14:19 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-18 16:53 - 2012-06-02 14:19 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-18 16:53 - 2012-06-02 14:19 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-18 16:53 - 2012-06-02 14:19 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-18 16:53 - 2012-06-02 14:19 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-18 16:53 - 2012-06-02 14:15 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-18 16:53 - 2012-06-02 14:15 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-18 16:53 - 2012-06-02 14:15 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-06-11 17:02 - 2012-06-11 17:02 - 00000000 ____D C:\Users\Simon\AppData\Local\Macromedia
2012-05-26 23:24 - 2012-05-26 23:24 - 00307936 ____A C:\Users\Simon\Downloads\BEX_VC_10598.htm
2012-05-26 11:36 - 2012-02-27 23:34 - 17790976 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2012-05-26 11:36 - 2012-02-27 23:02 - 10888704 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2012-05-26 11:36 - 2012-02-27 22:56 - 02311168 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2012-05-26 11:36 - 2012-02-27 22:50 - 01345536 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2012-05-26 11:36 - 2012-02-27 22:49 - 01390080 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2012-05-26 11:36 - 2012-02-27 22:48 - 01493504 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2012-05-26 11:36 - 2012-02-27 22:48 - 00237056 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2012-05-26 11:36 - 2012-02-27 22:47 - 00085504 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2012-05-26 11:36 - 2012-02-27 22:45 - 00818688 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2012-05-26 11:36 - 2012-02-27 22:43 - 02144256 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2012-05-26 11:36 - 2012-02-27 22:43 - 00096256 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2012-05-26 11:36 - 2012-02-27 22:42 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2012-05-26 11:36 - 2012-02-27 22:39 - 00248320 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2012-05-26 11:36 - 2012-02-27 17:52 - 12281856 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2012-05-26 11:36 - 2012-02-27 17:27 - 09705984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2012-05-26 11:36 - 2012-02-27 17:18 - 01799168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2012-05-26 11:36 - 2012-02-27 17:12 - 01103360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2012-05-26 11:36 - 2012-02-27 17:11 - 01427456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2012-05-26 11:36 - 2012-02-27 17:11 - 01127424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2012-05-26 11:36 - 2012-02-27 17:09 - 00231936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2012-05-26 11:36 - 2012-02-27 17:08 - 00065024 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2012-05-26 11:36 - 2012-02-27 17:06 - 00716800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2012-05-26 11:36 - 2012-02-27 17:04 - 01792000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2012-05-26 11:36 - 2012-02-27 17:03 - 02382848 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2012-05-26 11:36 - 2012-02-27 17:03 - 00072704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2012-05-26 11:36 - 2012-02-27 16:59 - 00176640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2012-05-26 11:30 - 2012-02-29 22:46 - 00023408 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\fs_rec.sys
2012-05-26 11:30 - 2012-02-29 22:38 - 00220672 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2012-05-26 11:30 - 2012-02-29 22:33 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2012-05-26 11:30 - 2012-02-29 22:28 - 00005120 ____A (Microsoft Corporation) C:\Windows\System32\wmi.dll
2012-05-26 11:30 - 2012-02-29 21:37 - 00172544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2012-05-26 11:30 - 2012-02-29 21:33 - 00159232 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2012-05-26 11:30 - 2012-02-29 21:29 - 00005120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2012-05-26 11:23 - 2012-03-30 22:05 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-05-26 11:23 - 2012-03-30 20:39 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-05-26 11:23 - 2012-03-30 20:39 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-05-26 11:23 - 2012-03-30 19:10 - 03146240 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-05-26 11:23 - 2012-03-30 03:35 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-05-26 11:23 - 2012-03-16 23:58 - 00075120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\partmgr.sys
2012-05-26 11:23 - 2012-03-02 22:35 - 01544704 ____A (Microsoft Corporation) C:\Windows\System32\DWrite.dll
2012-05-26 11:23 - 2012-03-02 21:31 - 01077248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2012-05-26 11:23 - 2012-02-16 22:38 - 01112064 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2012-05-26 11:23 - 2012-02-16 22:38 - 01031680 ____A (Microsoft Corporation) C:\Windows\System32\rdpcore.dll
2012-05-26 11:23 - 2012-02-16 21:34 - 00826880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2012-05-26 11:23 - 2012-02-16 20:58 - 00210944 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpwd.sys
2012-05-26 11:23 - 2012-02-16 20:57 - 00023552 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tdtcp.sys
2012-05-26 11:23 - 2012-01-24 22:38 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorekmts.dll
2012-05-26 11:23 - 2012-01-24 22:38 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\rdpwsx.dll
2012-05-26 11:23 - 2012-01-24 22:33 - 00009216 ____A (Microsoft Corporation) C:\Windows\System32\rdrmemptylst.exe
2012-05-26 11:23 - 2012-01-04 02:44 - 14172672 ____A (Microsoft Corporation) C:\Windows\System32\shell32.dll
2012-05-26 11:23 - 2012-01-04 02:44 - 00509952 ____A (Microsoft Corporation) C:\Windows\System32\ntshrui.dll
2012-05-26 11:23 - 2012-01-04 00:59 - 12872704 ____A (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2012-05-26 11:23 - 2012-01-04 00:58 - 00442880 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2012-05-26 11:23 - 2011-12-29 22:26 - 00515584 ____A (Microsoft Corporation) C:\Windows\System32\timedate.cpl
2012-05-26 11:23 - 2011-12-29 21:27 - 00478720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2012-05-26 11:23 - 2011-12-27 19:59 - 00498688 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\afd.sys
2012-05-26 11:23 - 2011-12-16 00:46 - 00634880 ____A (Microsoft Corporation) C:\Windows\System32\msvcrt.dll
2012-05-26 11:23 - 2011-12-15 23:52 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2012-05-26 11:23 - 2011-03-24 19:29 - 00343040 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbhub.sys
2012-05-26 11:23 - 2011-03-24 19:29 - 00325120 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbport.sys
2012-05-26 11:23 - 2011-03-24 19:29 - 00098816 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2012-05-26 11:23 - 2011-03-24 19:29 - 00052736 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbehci.sys
2012-05-26 11:23 - 2011-03-24 19:29 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbuhci.sys
2012-05-26 11:23 - 2011-03-24 19:29 - 00025600 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbohci.sys
2012-05-26 11:23 - 2011-03-24 19:28 - 00007936 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\usbd.sys
2012-05-26 11:23 - 2011-03-10 22:41 - 01659776 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ntfs.sys
2012-05-26 11:23 - 2011-03-10 22:41 - 00410496 ____A (Intel Corporation) C:\Windows\System32\Drivers\iaStorV.sys
2012-05-26 11:23 - 2011-03-10 22:41 - 00189824 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\storport.sys
2012-05-26 11:23 - 2011-03-10 22:41 - 00166272 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvstor.sys
2012-05-26 11:23 - 2011-03-10 22:41 - 00148352 ____A (NVIDIA Corporation) C:\Windows\System32\Drivers\nvraid.sys
2012-05-26 11:23 - 2011-03-10 22:41 - 00107904 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdsata.sys
2012-05-26 11:23 - 2011-03-10 22:41 - 00027008 ____A (Advanced Micro Devices) C:\Windows\System32\Drivers\amdxata.sys
2012-05-26 11:23 - 2011-03-10 22:33 - 02565632 ____A (Microsoft Corporation) C:\Windows\System32\esent.dll
2012-05-26 11:23 - 2011-03-10 22:30 - 00096768 ____A (Microsoft Corporation) C:\Windows\System32\fsutil.exe
2012-05-26 11:23 - 2011-03-10 21:33 - 01699328 ____A (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2012-05-26 11:23 - 2011-03-10 21:31 - 00074240 ____A (Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
2012-05-26 11:23 - 2011-03-10 20:37 - 00091648 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS


============ 3 Months Modified Files and Folders =============

2012-06-23 12:18 - 2012-02-19 15:04 - 00000000 ____D C:\Users\All Users\NVIDIA
2012-06-23 12:18 - 2009-07-13 21:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2012-06-23 12:18 - 2009-07-13 20:51 - 00041124 ____A C:\Windows\setupact.log
2012-06-23 11:47 - 2012-02-11 19:43 - 01339046 ____A C:\Windows\WindowsUpdate.log
2012-06-23 11:44 - 2009-07-13 21:13 - 00786274 ____A C:\Windows\System32\PerfStringBackup.INI
2012-06-23 11:44 - 2009-07-13 20:45 - 00021840 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2012-06-23 11:44 - 2009-07-13 20:45 - 00021840 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2012-06-23 11:40 - 2012-06-23 11:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2012-06-23 11:40 - 2012-06-23 11:39 - 00000000 ____D C:\Program Files\Microsoft Security Client
2012-06-23 11:40 - 2012-02-11 20:33 - 00799932 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2012-06-23 11:40 - 2012-02-11 20:33 - 00001945 ____A C:\Windows\epplauncher.mif
2012-06-23 11:39 - 2012-04-14 23:08 - 00000000 ____D C:\Users\All Users\WebEx
2012-06-23 11:37 - 2010-11-20 19:47 - 00011594 ____A C:\Windows\PFRO.log
2012-06-23 11:32 - 2012-02-11 20:03 - 00000000 ____D C:\Users\Simon\Tracing
2012-06-23 11:27 - 2012-06-23 11:27 - 00001109 ____A C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2012-06-23 11:27 - 2012-06-23 11:27 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Malwarebytes
2012-06-23 11:27 - 2012-06-23 11:27 - 00000000 ____D C:\Users\All Users\Malwarebytes
2012-06-23 11:27 - 2012-06-23 11:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-06-23 11:25 - 2012-06-23 11:25 - 00074184 ____A C:\Windows\System32\Drivers\7a6ca506207a113.sys
2012-06-23 00:51 - 2012-03-03 23:11 - 00000000 ____D C:\Users\All Users\LogMeIn
2012-06-23 00:29 - 2012-06-23 00:29 - 00000000 __SHD C:\Windows\System32\%APPDATA%
2012-06-23 00:25 - 2012-06-23 00:25 - 00040960 ____A (SmoothCandle) C:\Users\Simon\0i763f66bz.exe
2012-06-23 00:25 - 2012-02-11 19:43 - 00000000 ____D C:\users\Simon
2012-06-23 00:24 - 2012-02-13 19:54 - 00001988 ___AH C:\Users\Simon\Documents\Default.rdp
2012-06-19 19:53 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2012-06-16 11:04 - 2012-04-24 22:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2012-06-15 22:59 - 2012-02-11 20:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2012-06-15 19:03 - 2012-02-11 20:14 - 00000000 ____D C:\Program Files (x86)\Steam
2012-06-11 23:00 - 2009-07-13 21:32 - 00000000 ____D C:\Windows\System32\FxsTmp
2012-06-11 17:02 - 2012-06-11 17:02 - 00000000 ____D C:\Users\Simon\AppData\Local\Macromedia
2012-06-11 17:02 - 2012-04-02 16:46 - 00426184 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2012-06-11 17:02 - 2012-02-11 20:37 - 00070344 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2012-06-10 20:32 - 2012-04-26 19:23 - 00000000 ____D C:\Program Files (x86)\Guild Wars 2
2012-06-09 16:46 - 2012-02-11 19:51 - 00000000 ____D C:\Program Files (x86)\EVGA Precision
2012-06-08 22:02 - 2012-02-11 19:55 - 00082056 ____A C:\Windows\DPINST.LOG
2012-06-07 18:08 - 2012-04-26 19:30 - 00001423 ____A C:\Users\Simon\Desktop\Guild Wars 2.lnk
2012-06-06 23:18 - 2012-05-17 23:08 - 00000000 ____D C:\Users\Simon\AppData\Local\CutePDF Writer
2012-06-03 23:49 - 2012-02-20 20:13 - 00007653 ____A C:\Users\Simon\AppData\Local\Resmon.ResmonCfg
2012-06-02 14:19 - 2012-06-18 16:53 - 02428952 ____A (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2012-06-02 14:19 - 2012-06-18 16:53 - 00701976 ____A (Microsoft Corporation) C:\Windows\System32\wuapi.dll
2012-06-02 14:19 - 2012-06-18 16:53 - 00186752 ____A (Microsoft Corporation) C:\Windows\System32\wuwebv.dll
2012-06-02 14:19 - 2012-06-18 16:53 - 00057880 ____A (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2012-06-02 14:19 - 2012-06-18 16:53 - 00044056 ____A (Microsoft Corporation) C:\Windows\System32\wups2.dll
2012-06-02 14:19 - 2012-06-18 16:53 - 00038424 ____A (Microsoft Corporation) C:\Windows\System32\wups.dll
2012-06-02 14:15 - 2012-06-18 16:53 - 02622464 ____A (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2012-06-02 14:15 - 2012-06-18 16:53 - 00099840 ____A (Microsoft Corporation) C:\Windows\System32\wudriver.dll
2012-06-02 14:15 - 2012-06-18 16:53 - 00036864 ____A (Microsoft Corporation) C:\Windows\System32\wuapp.exe
2012-05-27 10:40 - 2009-07-13 20:45 - 00431280 ____A C:\Windows\System32\FNTCACHE.DAT
2012-05-27 10:39 - 2012-02-11 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2012-05-26 23:24 - 2012-05-26 23:24 - 00307936 ____A C:\Users\Simon\Downloads\BEX_VC_10598.htm
2012-05-26 11:42 - 2012-02-11 22:58 - 00000000 ____D C:\Users\All Users\Microsoft Help
2012-05-26 11:38 - 2009-07-13 18:34 - 00000478 ____A C:\Windows\win.ini
2012-05-26 11:28 - 2011-04-12 00:28 - 00000000 ____D C:\Program Files\Windows Journal
2012-05-24 17:03 - 2009-07-13 21:08 - 00032644 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2012-05-23 20:18 - 2012-05-23 20:18 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2012-05-23 20:18 - 2012-05-23 19:42 - 00000000 ____D C:\Program Files (x86)\Razer
2012-05-23 20:18 - 2012-02-11 19:52 - 00109664 ____A C:\Users\Simon\AppData\Local\GDIPFONTCACHEV1.DAT
2012-05-23 19:42 - 2012-05-23 19:42 - 00000000 ____D C:\Users\Simon\AppData\Local\Razer
2012-05-23 19:42 - 2012-05-23 19:42 - 00000000 ____D C:\Users\All Users\Razer
2012-05-20 22:43 - 2012-05-20 22:36 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Samsung
2012-05-20 22:38 - 2012-05-20 22:38 - 00000000 ____D C:\Users\Simon\Documents\NPS
2012-05-20 22:38 - 2012-05-20 22:38 - 00000000 ____D C:\Users\Simon\Documents\My Art
2012-05-20 22:36 - 2012-05-20 22:36 - 00000000 ____D C:\Users\Simon\Documents\Samsung
2012-05-20 22:36 - 2012-05-20 22:36 - 00000000 ____D C:\Users\Simon\Documents\My NPS Files
2012-05-20 22:36 - 2012-05-20 22:36 - 00000000 ____D C:\Program Files (x86)\Samsung
2012-05-20 22:36 - 2012-02-11 19:53 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2012-05-20 22:29 - 2012-05-20 22:29 - 00000000 ____D C:\Users\All Users\Samsung
2012-05-20 22:29 - 2012-05-20 22:29 - 00000000 ____D C:\Program Files\SAMSUNG
2012-05-17 23:07 - 2012-05-17 23:07 - 00000000 ____D C:\Program Files (x86)\GPLGS
2012-05-17 23:07 - 2012-05-17 23:07 - 00000000 ____D C:\Program Files (x86)\Acro Software
2012-05-14 18:50 - 2012-05-14 18:50 - 00094208 ____A (Razer USA Ltd) C:\Windows\System32\Drivers\rzudd.sys
2012-05-14 18:36 - 2012-05-14 18:36 - 00354816 ____A (Razer USA Ltd) C:\Windows\SysWOW64\rzdevicedll.dll
2012-05-14 18:36 - 2012-05-14 18:36 - 00165888 ____A (Razer USA Ltd) C:\Windows\SysWOW64\rzaudiodll.dll
2012-05-14 18:36 - 2012-05-14 18:36 - 00142848 ____A (Razer USA Ltd) C:\Windows\SysWOW64\rztouchdll.dll
2012-04-29 10:12 - 2012-04-29 10:12 - 00000000 ____D C:\Users\Simon\AppData\Roaming\NVIDIA
2012-04-28 19:48 - 2012-04-26 19:31 - 00000000 ____D C:\Users\Simon\Documents\Guild Wars 2
2012-04-26 19:32 - 2012-04-26 19:32 - 00000000 ____D C:\Users\Simon\AppData\Local\Chromium
2012-04-25 16:57 - 2012-02-11 23:20 - 00000000 ____D C:\Users\All Users\Blizzard Entertainment
2012-04-24 22:12 - 2012-04-24 22:12 - 00000000 ____D C:\Users\All Users\Mozilla
2012-04-23 22:46 - 2012-03-13 20:54 - 00000000 ____D C:\Users\Simon\AppData\Roaming\SystemRequirementsLab
2012-04-23 22:46 - 2012-03-13 20:54 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2012-04-14 23:08 - 2012-04-14 23:08 - 00217400 ____A (Cisco WebEx LLC) C:\Windows\SysWOW64\atsckernel.exe
2012-04-14 23:08 - 2012-04-14 23:08 - 00134456 ____A (Cisco WebEx LLC) C:\Windows\SysWOW64\atashost.exe
2012-04-14 17:57 - 2012-04-14 17:57 - 00157472 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaws.exe
2012-04-14 17:57 - 2012-04-14 17:57 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\javaw.exe
2012-04-14 17:57 - 2012-04-14 17:57 - 00149280 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\java.exe
2012-04-14 17:57 - 2012-04-14 17:57 - 00000000 ____D C:\Program Files (x86)\Java
2012-04-14 17:57 - 2012-02-13 19:52 - 00472808 ____A (Sun Microsystems, Inc.) C:\Windows\SysWOW64\deployJava1.dll
2012-04-04 14:56 - 2012-06-23 11:27 - 00024904 ____A (Malwarebytes Corporation) C:\Windows\System32\Drivers\mbam.sys
2012-04-03 18:06 - 2012-04-03 18:06 - 00000000 ___HD C:\Users\All Users\CanonIJScan
2012-04-03 18:06 - 2012-04-03 18:06 - 00000000 ___HD C:\Users\All Users\CanonBJ
2012-04-03 18:06 - 2012-04-03 18:06 - 00000000 ____A C:\Users\Simon\Sti_Trace.log
2012-04-03 18:06 - 2012-04-03 18:05 - 00000000 ____D C:\Users\Simon\AppData\Roaming\Canon
2012-04-03 18:05 - 2012-04-03 18:05 - 00002095 ____A C:\Users\Simon\Desktop\MP Navigator EX 2.0.lnk
2012-04-03 18:05 - 2012-04-03 18:05 - 00000000 ____D C:\Program Files (x86)\Canon
2012-04-03 18:05 - 2009-07-13 19:20 - 00000000 __RSD C:\Windows\Media
2012-03-30 22:05 - 2012-05-26 11:23 - 05559664 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2012-03-30 20:39 - 2012-05-26 11:23 - 03968368 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2012-03-30 20:39 - 2012-05-26 11:23 - 03913072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2012-03-30 19:10 - 2012-05-26 11:23 - 03146240 ____A (Microsoft Corporation) C:\Windows\System32\win32k.sys
2012-03-30 03:35 - 2012-05-26 11:23 - 01918320 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2012-03-27 11:25 - 2012-02-11 20:13 - 00000000 ____D C:\Users\Simon\Desktop\Shortcuts


ZeroAccess:
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\@
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\L
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\n
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\U
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\U\00000001.@
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\U\80000000.@
C:\Windows\Installer\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\U\800000cb.@

ZeroAccess:
C:\Users\Simon\AppData\Local\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}
C:\Users\Simon\AppData\Local\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\@
C:\Users\Simon\AppData\Local\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\L
C:\Users\Simon\AppData\Local\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\n
C:\Users\Simon\AppData\Local\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\U
C:\Users\Simon\AppData\Local\{fa1f52c3-22ce-01b0-a726-61a8e287afcd}\U\800000cb.@

========================= Known DLLs (Whitelisted) ============


========================= Bamital & volsnap Check ============

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe 014A9CB92514E27C0107614DF764BC06 ZeroAccess <==== ATTENTION!.
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

========================= Memory info ======================

Percentage of memory in use: 6%
Total physical RAM: 16360.86 MB
Available physical RAM: 15245.08 MB
Total Pagefile: 16359.06 MB
Available Pagefile: 15240.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

======================= Partitions =========================

1 Drive c: () (Fixed) (Total:149.05 GB) (Free:45.72 GB) NTFS
2 Drive d: (Caviar Green) (Fixed) (Total:931.51 GB) (Free:495.67 GB) NTFS ==>[System with boot components (obtained from reading drive)]
4 Drive f: () (Removable) (Total:3.72 GB) (Free:2.34 GB) FAT32
5 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 149 GB 0 B
Disk 1 Online 931 GB 0 B
Disk 2 Online 3822 MB 0 B

Partitions of Disk 0:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 149 GB 1024 KB

======================================================================================================

Disk: 0
Partition 1
Type : 07
Hidden: No
Active: No

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 149 GB Healthy

======================================================================================================

Partitions of Disk 1:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 931 GB 31 KB

======================================================================================================

Disk: 1
Partition 1
Type : 07
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D Caviar Gree NTFS Partition 931 GB Healthy

======================================================================================================

Partitions of Disk 2:
===============

Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Primary 3821 MB 64 KB

======================================================================================================

Disk: 2
Partition 1
Type : 0B
Hidden: No
Active: Yes

Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 F FAT32 Removable 3821 MB Healthy

======================================================================================================

==========================================================

Last Boot: 2012-06-19 19:46

======================= End Of Log ==========================

FRST - services.exe:
Farbar Recovery Scan Tool Version: 23-06-2012
Ran by SYSTEM at 2012-06-23 13:30:04
Running from F:\

================== Search: "services.exe" ===================

C:\Windows\winsxs\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.1.7600.16385_none_2b54b20ee6fa07b1\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 24ACB7E5BE595468E3B9AA488B9B4FCB

C:\Windows\System32\services.exe
[2009-07-13 15:19] - [2009-07-13 17:39] - 0328704 ____A (Microsoft Corporation) 014A9CB92514E27C0107614DF764BC06

====== End Of Search ======

Thanks for the assistance in advance!
 
Started in repair mode, removed all the files after a long Google search.

Topic can be marked as solved.

Thanks!

[lines removed by Broni]
 