Windows 7 Virus or Error Help

Hello,

Can someone guide me in the right way. About a month ago I got the AFP virus (Australia Federal Police Ukash Virus) and it screwed with me for a bit but I finally got ontop of it myself.

Now my firewall will not enable, safe mode will not start and I get this error when I boot my pc.

The error when I boot my pc.
Image may be NSFW.
Clik here to view.

And when I boot into safe mode.
Image may be NSFW.
Clik here to view.

As you can see by the top 1 cm safe mode loads and you can move the mouse indicated by the white spludge but you cannot see alot with is what the AFP did too safe mode.


I am running scans with malwarebytes, hitman pro, spybot search and destory and finding nothing.

I really cannot stress what else to do except reformatting which for me is really not a option.

If you need any more info or need me to run some kind of scanner for the logs please fire away I am desperate to get my computer working again.

Also I cannot enable my firewall.

I also do not have a boot cd

DDS LOG
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 1.6.0_35
Run by owner at 15:36:57 on 2013-02-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.61.1033.18.8169.6660 [GMT 11:00]
.
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe
C:\Program Files (x86)\Hotspot Shield\HssWPR\hsssrv.exe
C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\Winamp\winampa.exe
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\sysWOW64\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title = !! fkn0wned.com Jamb !!
uURLSearchHooks: HotSpot Shield Elite Toolbar: {f16708b8-d2df-482d-9dfa-aa8d8894f0f4} - C:\Program Files (x86)\HotSpot_Shield_Elite\prxtbHot0.dll
uURLSearchHooks: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot0.dll
mURLSearchHooks: HotSpot Shield Elite Toolbar: {f16708b8-d2df-482d-9dfa-aa8d8894f0f4} - C:\Program Files (x86)\HotSpot_Shield_Elite\prxtbHot0.dll
mURLSearchHooks: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot0.dll
mWinlogon: Userinit = userinit.exe,
BHO: Coupon Companion Plugin: {11111111-1111-1111-1111-110211181104} - C:\Program Files (x86)\Coupon Companion Plugin\Coupon Companion Plugin.dll
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot0.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: HotSpot Shield Elite Toolbar: {f16708b8-d2df-482d-9dfa-aa8d8894f0f4} - C:\Program Files (x86)\HotSpot_Shield_Elite\prxtbHot0.dll
BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE.dll
BHO: WinToFlash Suggestor: {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
BHO: {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - <orphaned>
TB: HotSpot Shield Elite Toolbar: {F16708B8-D2DF-482D-9DFA-AA8D8894F0F4} - C:\Program Files (x86)\HotSpot_Shield_Elite\prxtbHot0.dll
TB: Hotspot Shield Toolbar: {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot0.dll
TB: HotSpot Shield Elite Toolbar: {f16708b8-d2df-482d-9dfa-aa8d8894f0f4} - C:\Program Files (x86)\HotSpot_Shield_Elite\prxtbHot0.dll
TB: Hotspot Shield Toolbar: {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files (x86)\Hotspot_Shield\prxtbHot0.dll
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [msnmsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
uRun: [Google Update] "C:\Users\owner\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [Xvid] C:\Program Files (x86)\Xvid\CheckUpdate.exe
uRun: [GameShadow] C:\Program Files (x86)\GameShadow\GameShadow.exe /q
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [ManyCam] "C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe" /silent
mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
mRun: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
StartupFolder: C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
StartupFolder: C:\Users\owner\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\GAMERA~1.LNK - C:\Users\owner\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MIF5BA~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MIF5BA~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {A52C66B3-D4A9-4d10-A67D-2BEF0A85AB3F} - {FC36B0BD-27F0-4cdd-8AB1-50651EFC3EFD} - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.dll
LSP: C:\Windows\System32\EasyRedirect.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: Interfaces\{258E682C-F557-441A-B5DC-1DDF61CBE89C} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{28CDB369-41A0-493B-BE57-232293E5F984} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{2B24DC7C-6AD7-4175-8700-966564687A4E} : NameServer = 10.0.0.138
TCP: Interfaces\{507C66D4-E42A-4327-B67F-6DCC5F9EFDD7} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{5600F401-9B59-4990-9394-FE98780E2C54} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{59100729-2306-419C-B899-45DBF7729C31} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{E2472D9B-9C93-43AE-8113-321FC21B94A3} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{E70A4ECF-B516-4AD0-80D7-7FFCB45550CB} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F3DC432D-B9D7-4357-AD2A-8C1CC80D88D0} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{F64BF587-15C4-40A3-AEE7-59F8AB25A016} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{FA1399B2-FEF4-45B9-A0D3-44E922B96254} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-mWindow Title = !! fkn0wned.com Jamb !!
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [catsr] rundll32.exe "C:\Users\owner\AppData\Roaming\catsr.dll",fGetBrowserUrlEncoding
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 Spyware Info | Spyware Info | spyware software | spyware program | protection spyware
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xqabaci7.default\
FF - prefs.js: browser.search.selectedEngine - Search.com
FF - prefs.js: browser.startup.homepage - hxxp://t3-1.search.com/
FF - prefs.js: keyword.URL - hxxp://t3-3.search.com/search?q=
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\GameSpy\Comrade\npcomrade.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\owner\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Users\owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xqabaci7.default\extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}\plugins\np-mswmp.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-02-11 16:54; extension21804@extension21804.com; C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xqabaci7.default\extensions\extension21804@extension21804.com
FF - ExtSQL: 2013-02-11 16:54; searchcom@mybrowserbar.com; C:\Program Files (x86)\Search.com Toolbar\FF
.
---- FIREFOX POLICIES ----
FF - user.js: network.cookie.cookieBehavior - 0
FF - user.js: privacy.clearOnShutdown.cookies - false
FF - user.js: security.warn_viewing_mixed - false
FF - user.js: security.warn_viewing_mixed.show_once - false
FF - user.js: security.warn_submit_insecure - false
FF - user.js: security.warn_submit_insecure.show_once - false
.
============= SERVICES / DRIVERS ===============
.
R1 HssDRV6;Hotspot Shield Routing Driver 6;C:\Windows\System32\drivers\hssdrv6.sys [2012-11-15 42248]
R1 TsVp;TsVp;C:\Windows\System32\drivers\tsvp.sys [2010-6-10 26256]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2011-11-10 204288]
R2 cpuz135;cpuz135;C:\Windows\System32\drivers\cpuz135_x64.sys [2011-4-14 21992]
R2 EasyRedirect;EasyRedirect;C:\Program Files\Easy-Hide-IP\rdr\EasyRedirect.exe [2012-9-15 3542856]
R2 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2010-9-13 36224]
R2 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2010-9-13 61056]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R2 hshld;Hotspot Shield Service;C:\Program Files (x86)\Hotspot Shield\bin\openvpnas.exe [2012-11-16 527728]
R2 HssWd;Hotspot Shield Monitoring Service;C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [2012-11-15 389488]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-12-13 3290896]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 TeamViewer7;TeamViewer 7;C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-3-19 2666880]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-18 2655768]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2012-3-29 245760]
R3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);C:\Windows\System32\drivers\vrtaucbl.sys [2013-1-22 66728]
R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-7-20 44928]
R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2012-7-20 29696]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-6-10 539240]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2011-11-24 158336]
R3 taphss6;Anchorfree HSS VPN Adapter;C:\Windows\System32\drivers\taphss6.sys [2012-11-15 40712]
R3 TSCOMM;CommStudio Virtual Adapter by TamoSoft;C:\Windows\System32\drivers\tscomm.sys [2011-3-3 45160]
R3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\System32\drivers\vcsvad.sys [2012-4-30 21504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2013-1-19 398184]
S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2013-1-19 682344]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2012-7-13 160944]
S3 Andbus;LGE Android Platform Composite USB Device;C:\Windows\System32\drivers\lgandbus64.sys [2012-2-9 19456]
S3 AndDiag;LGE Android Platform USB Serial Port;C:\Windows\System32\drivers\lganddiag64.sys [2012-2-9 27648]
S3 AndGps;LGE Android Platform USB GPS NMEA Port;C:\Windows\System32\drivers\lgandgps64.sys [2012-2-9 27136]
S3 ANDModem;LGE Android Platform USB Modem;C:\Windows\System32\drivers\lgandmodem64.sys [2012-2-9 34304]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2011-10-18 93712]
S3 ck3iusb64;XECUTER CK3i USB Controller Driver;C:\Windows\System32\drivers\ck3iusb64.sys [2012-8-6 64000]
S3 CV2K1;CommView Network Monitor;C:\Windows\System32\drivers\cv2k1.sys [2010-4-1 21608]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;C:\Windows\System32\drivers\e1k62x64.sys [2010-7-15 283824]
S3 ECSIoDriver_1_1_0_0;ECSIoDriver_1_1_0_0;C:\Program Files (x86)\ECS Motherboard Utility\eBLU\ECSIoDriverX64.sys [2011-2-11 14656]
S3 ENTECH64;ENTECH64;C:\Windows\System32\drivers\Entech64.sys [2010-1-1 12744]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-2-3 135584]
S3 hcwhdpvr;Hauppauge HD PVR Capture Service;C:\Windows\System32\drivers\hcwhdpvr.sys [2012-9-1 192072]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);C:\Windows\System32\drivers\L1C62x64.sys [2009-6-11 57344]
S3 libusb0;LibUsb-Win32 - Kernel Driver 03/20/2007, 0.1.12.1;C:\Windows\System32\drivers\libusb0.sys [2012-8-6 16896]
S3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2013-1-19 24176]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-4-27 83080]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-4-27 184968]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\System32\drivers\ScreamingBAudio64.sys [2010-7-1 38992]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\System32\drivers\tapoas.sys [2011-8-19 30720]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-2-11 59392]
S3 TsVlb;TsVlb;C:\Windows\System32\drivers\tsvlb.sys [2009-10-17 22120]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2011-8-2 51712]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-6-29 1255736]
.
=============== Created Last 30 ================
.
2013-02-13 04:36:00 -------- d-----w- C:\Users\owner\AppData\Local\{28A87C86-FDB8-4ECA-9F60-D51064DF156B}
2013-02-13 04:30:36 -------- d-----w- C:\Users\owner\AppData\Local\{DE974723-86B3-41E0-94ED-8B68236124D3}
2013-02-12 05:45:18 -------- d-----w- C:\Users\owner\AppData\Local\{73EB71F8-AF0D-4A40-8FA9-C01191286DFF}
2013-02-11 08:12:55 -------- d-----w- C:\Users\owner\AppData\Roaming\GlarySoft
2013-02-11 08:12:28 -------- d-----w- C:\Program Files (x86)\Glarysoft
2013-02-11 06:27:55 -------- d-----w- C:\Users\owner\AppData\Roaming\SpeedyPC Software
2013-02-11 06:27:55 -------- d-----w- C:\Users\owner\AppData\Roaming\DriverCure
2013-02-11 06:27:46 -------- d-----w- C:\ProgramData\SpeedyPC Software
2013-02-11 05:55:00 -------- d-----w- C:\Program Files (x86)\Free Window Registry Repair
2013-02-11 05:54:47 -------- d-----w- C:\Program Files (x86)\Search.com Toolbar
2013-02-11 05:54:47 -------- d-----w- C:\Program Files (x86)\Common Files\Spigot
2013-02-11 05:54:20 -------- d-----w- C:\Users\owner\AppData\Local\Coupon Companion Plugin
2013-02-11 05:54:06 -------- d-----w- C:\Users\owner\AppData\Local\Updater21804
2013-02-11 05:54:03 -------- d-----w- C:\Program Files (x86)\Coupon Companion Plugin
2013-02-11 03:55:01 -------- d-----w- C:\Users\owner\AppData\Local\{B1E912D8-D365-4820-9F1C-BB90920E42EA}
2013-02-09 12:42:14 -------- d-----w- C:\Users\owner\AppData\Local\{BFCAD0A0-0338-4CA3-8DD9-AB467B2D5549}
2013-02-09 05:29:35 720896 ----a-w- C:\Windows\iun6002.exe
2013-02-09 05:29:35 -------- d-----w- C:\Windows\ForceASPI
2013-02-09 05:29:35 -------- d-----w- C:\Program Files (x86)\KProbe
2013-02-08 20:35:51 -------- d-----w- C:\Users\owner\AppData\Local\{A4C133A2-4BE2-4705-9382-E31FAB49289C}
2013-02-07 04:04:42 -------- d-----w- C:\Users\owner\AppData\Local\{1423A433-7FA6-422F-83ED-1B96B6611BEE}
2013-02-06 09:07:19 -------- d-----w- C:\Users\owner\AppData\Local\{9D5B1263-2FC2-4329-AD84-BDC7EEA17EE2}
2013-02-05 05:02:21 -------- d-----w- C:\Users\owner\AppData\Local\{C158F317-FEBD-4B89-BA7A-393BF03A4B9D}
2013-02-04 09:41:19 -------- d-----w- C:\Program Files (x86)\CommView
2013-02-04 04:04:20 -------- d-----w- C:\Users\owner\AppData\Local\{3BF3600F-67DE-4EFD-A044-BE4147B13D83}
2013-02-03 04:05:20 -------- d-----w- C:\Users\owner\AppData\Local\Electronic Arts
2013-02-03 00:30:40 -------- d-----w- C:\Users\owner\AppData\Local\{DC02F13E-49E5-4517-A09C-0D8577DBA215}
2013-02-02 23:40:33 -------- d-----w- C:\Users\owner\AppData\Local\{86531AFE-0052-4C02-AABC-ECA1238264FA}
2013-02-02 02:09:15 -------- d-----w- C:\Users\owner\AppData\Local\{0A2F8B5C-7E70-44E4-BBB7-E4108B337F9F}
2013-02-01 02:45:05 -------- d-----w- C:\Users\owner\AppData\Local\{FE518EA9-471D-4522-A751-13E6A0A7A3E4}
2013-01-31 07:17:54 -------- d-----w- C:\Users\owner\AppData\Local\{E9B5A99E-84F9-45C7-A4F5-0EA7C86FD2EA}
2013-01-30 11:04:27 -------- d-----w- C:\Users\owner\AppData\Local\{A2CAF1AB-9474-4A20-B521-EFF011440D54}
2013-01-29 00:24:03 -------- d-----w- C:\Users\owner\AppData\Local\{D4D412E2-39FF-4E42-B570-F8AE01E021B2}
2013-01-28 03:15:17 -------- d-----w- C:\Users\owner\AppData\Local\{31B165C1-D4CC-439B-A47F-C10ABC0902AF}
2013-01-27 00:48:57 -------- d-----w- C:\Users\owner\AppData\Local\{9255C571-556E-4F9C-BEA2-287D8FFAD26E}
2013-01-25 23:02:29 -------- d-----w- C:\Users\owner\AppData\Local\{A429A98B-5566-4B9B-AEC4-A787F6033CDE}
2013-01-24 23:45:15 -------- d-----w- C:\Users\owner\AppData\Local\{9232FE68-3705-45D2-9654-566A6ED7016E}
2013-01-23 23:50:57 -------- d-----w- C:\Users\owner\AppData\Local\{FACBF825-A9D8-4CF8-9A64-EF398DEDAC06}
2013-01-23 01:00:14 -------- d-----w- C:\Users\owner\AppData\Local\{D6D1DAD6-1186-4E76-A848-EFCA63A719B8}
2013-01-22 02:18:09 66728 ----a-w- C:\Windows\System32\drivers\vrtaucbl.sys
2013-01-22 02:18:08 -------- d-----w- C:\Program Files\Virtual Audio Cable
2013-01-22 02:01:36 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2013-01-21 22:50:23 -------- d-----w- C:\Users\owner\AppData\Local\{40F3AED7-3B8E-4D13-B879-F6D4705D6DEB}
2013-01-20 23:27:11 -------- d-----w- C:\Users\owner\AppData\Local\{3B9DA7CE-6510-4DBF-AE4F-62496491EC03}
2013-01-20 00:15:48 -------- d-----w- C:\Users\owner\AppData\Local\{F18178D5-DA3F-468C-B499-71D60D63A279}
2013-01-18 23:09:46 -------- d-----w- C:\Users\owner\AppData\Roaming\Malwarebytes
2013-01-18 23:09:38 -------- d-----w- C:\ProgramData\Malwarebytes
2013-01-18 23:09:37 24176 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-01-18 23:09:37 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-01-18 22:24:59 -------- d-----w- C:\ProgramData\HitmanPro
2013-01-18 21:18:05 -------- d-----w- C:\Users\owner\AppData\Roaming\Wayhim
2013-01-18 21:18:05 -------- d-----w- C:\Users\owner\AppData\Roaming\Suen
2013-01-18 21:17:19 9161176 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6706B186-1A1F-4FFF-B094-159578A413C8}\mpengine.dll
2013-01-18 21:16:25 -------- d-----w- C:\Users\owner\AppData\Local\{61EE0915-5582-4EB4-9112-3D8315FCCDF4}
2013-01-17 22:49:32 -------- d-----w- C:\Users\owner\AppData\Local\{1DECF30E-57E6-4F18-84EA-B5E3352D348C}
2013-01-16 23:12:07 -------- d-----w- C:\Users\owner\AppData\Local\{C421F2FB-C38A-4B39-8CBE-1563E5457E8F}
2013-01-15 22:04:42 -------- d-----w- C:\Users\owner\AppData\Local\{A0851CC1-0486-4CBA-AE4E-AD44B3C52DA8}
2013-01-15 03:08:45 -------- d-----w- C:\Users\owner\AppData\Local\{F615FFF5-E061-4760-B284-F67C8A59D8A1}
.
==================== Find3M ====================
.
2012-12-16 17:11:22 46080 ----a-w- C:\Windows\System32\atmlib.dll
2012-12-16 14:45:03 367616 ----a-w- C:\Windows\System32\atmfd.dll
2012-12-16 14:13:28 295424 ----a-w- C:\Windows\SysWow64\atmfd.dll
2012-12-16 14:13:20 34304 ----a-w- C:\Windows\SysWow64\atmlib.dll
2012-12-13 10:08:32 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2012-12-13 10:08:32 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2012-12-12 11:08:20 281688 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2012-12-07 13:20:16 441856 ----a-w- C:\Windows\System32\Wpc.dll
2012-12-07 13:15:31 2746368 ----a-w- C:\Windows\System32\gameux.dll
2012-12-07 12:26:17 308736 ----a-w- C:\Windows\SysWow64\Wpc.dll
2012-12-07 12:20:43 2576384 ----a-w- C:\Windows\SysWow64\gameux.dll
2012-12-07 11:20:04 30720 ----a-w- C:\Windows\System32\usk.rs
2012-12-07 11:20:03 43520 ----a-w- C:\Windows\System32\csrr.rs
2012-12-07 11:20:03 23552 ----a-w- C:\Windows\System32\oflc.rs
2012-12-07 11:20:01 45568 ----a-w- C:\Windows\System32\oflc-nz.rs
2012-12-07 11:20:01 44544 ----a-w- C:\Windows\System32\pegibbfc.rs
2012-12-07 11:20:01 20480 ----a-w- C:\Windows\System32\pegi-fi.rs
2012-12-07 11:20:00 20480 ----a-w- C:\Windows\System32\pegi-pt.rs
2012-12-07 11:19:59 20480 ----a-w- C:\Windows\System32\pegi.rs
2012-12-07 11:19:58 46592 ----a-w- C:\Windows\System32\fpb.rs
2012-12-07 11:19:57 40960 ----a-w- C:\Windows\System32\cob-au.rs
2012-12-07 11:19:57 21504 ----a-w- C:\Windows\System32\grb.rs
2012-12-07 11:19:57 15360 ----a-w- C:\Windows\System32\djctq.rs
2012-12-07 11:19:56 55296 ----a-w- C:\Windows\System32\cero.rs
2012-12-07 11:19:55 51712 ----a-w- C:\Windows\System32\esrb.rs
2012-11-30 05:45:35 362496 ----a-w- C:\Windows\System32\wow64win.dll
2012-11-30 05:45:35 243200 ----a-w- C:\Windows\System32\wow64.dll
2012-11-30 05:45:35 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2012-11-30 05:45:14 215040 ----a-w- C:\Windows\System32\winsrv.dll
2012-11-30 05:43:12 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2012-11-30 05:41:07 424448 ----a-w- C:\Windows\System32\KernelBase.dll
2012-11-30 04:54:00 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2012-11-30 04:53:59 274944 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2012-11-30 03:23:48 338432 ----a-w- C:\Windows\System32\conhost.exe
2012-11-30 02:44:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2012-11-30 02:44:04 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2012-11-30 02:44:04 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2012-11-30 02:44:03 2048 ----a-w- C:\Windows\SysWow64\user.exe
2012-11-30 02:38:59 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2012-11-30 02:38:59 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2012-11-30 02:38:59 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2012-11-30 02:38:59 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2012-11-23 03:26:31 3149824 ----a-w- C:\Windows\System32\win32k.sys
2012-11-23 03:13:57 68608 ----a-w- C:\Windows\System32\taskhost.exe
2012-11-22 05:44:23 800768 ----a-w- C:\Windows\System32\usp10.dll
2012-11-22 04:45:03 626688 ----a-w- C:\Windows\SysWow64\usp10.dll
2012-11-20 05:48:49 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2012-11-20 04:51:09 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
.
============= FINISH: 15:38:10.86 ===============

Attached Files

Image may be NSFW. Clik here to view.

Scan.zip (7.7 KB)