PC turning off

  1. #1
    Axeltheone

    Some time after having my PC open, if I have any text document open, it will type by itself "bn/" and turn itself off shortly after.
    Here are the logs:
    1. MBAM (Sorry for the language on this, but it basically says I have no viruses)

    Malwarebytes Anti-Malware 1.60.0.1800
    Malwarebytes : Free anti-malware, anti-virus and spyware removal download

    Versiunea bazei de date: v2012.01.22.02

    Windows 7 x86 NTFS
    Internet Explorer 8.0.7600.16385
    Radu :: RADU-PC [administrator]

    1/22/2012 1:39:01 PM
    mbam-log-2012-01-22 (13-39-01).txt

    Modul de scanare: Scanare rapida
    Optiuni de scanare activate: Memorie | Pornire | Registru | Sistemul fisierelor | Euristica/Extra | Euristica/Shuriken | PUP | PUM
    Optiuni de scanare dezactivate: P2P
    Obiecte scanate: 158495
    Timp trecut: 2 minute, 36 secunde

    Procese din Memorie detectate: 0
    (Nu au fost detectate obiecte malicioase)

    Module de Memorie detectate: 0
    (Nu au fost detectate obiecte malicioase)

    Chei de Registru detectate: 0
    (Nu au fost detectate obiecte malicioase)

    Valori de Registru detectate: 0
    (Nu au fost detectate obiecte malicioase)

    Date din Registru detectate: 0
    (Nu au fost detectate obiecte malicioase)

    Foldere detectate: 0
    (Nu au fost detectate obiecte malicioase)

    Fisiere detectate: 0
    (Nu au fost detectate obiecte malicioase)

    (sfarsit)

    2. GMER

    GMER 1.0.15.15641 - GMER - Rootkit Detector and Remover
    Rootkit scan 2012-01-22 1339
    Windows 6.1.7600 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000AAKS-00UU3A0 rev.01.03B01
    Running: pz7urlfb.exe; Driver: C:\Users\Radu\AppData\Local\Temp\kxldrpog.sys


    ---- Kernel code sections - GMER 1.0.15 ----

    .text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82A8B579 1 Byte [06]
    .text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82AAFF52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
    ? C:\Windows\system32\Drivers\PROCEXP113.SYS The system cannot find the file specified. !
    ? C:\Users\Radu\AppData\Local\Temp\catchme.sys The system cannot find the file specified. !

    ---- User IAT/EAT - GMER 1.0.15 ----

    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [61347917] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [61347849] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [61347889] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!GetProcAddress] [613470AD] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\USER32.dll [GDI32.dll!GetStockObject] [6134649C] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [61347917] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExA] [613478C9] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetProcAddress] [613470AD] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [61347889] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [61347889] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [61347849] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [61347917] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetProcAddress] [613470AD] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExA] [613478C9] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [GDI32.dll!GetStockObject] [6134649C] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!GetSysColor] [613463D7] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcW] [61346CC4] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!DefWindowProcA] [61346CC4] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColorBrush] [613464A2] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TrackPopupMenu] [61346306] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!TrackPopupMenuEx] [61346344] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!AnimateWindow] [61346537] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!GetSysColor] [613463D7] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [USER32.dll!DefWindowProcW] [61346CC4] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [GDI32.dll!GetStockObject] [6134649C] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [61347849] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [61347889] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileA] [61346622] C:\Program Files\Yahoo!\Messenger\yui.dll
    IAT C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe[2700] @ C:\Windows\system32\WININET.dll [KERNEL32.dll!CreateFileW] [6134657C] C:\Program Files\Yahoo!\Messenger\yui.dll

    ---- Devices - GMER 1.0.15 ----

    Device \Driver\ACPI_HAL \Device\00000046 halmacpi.dll (Hardware Abstraction Layer DLL/Microsoft Corporation)

    AttachedDevice \Driver\volmgr \Device\HarddiskVolume1 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume2 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume3 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume4 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume5 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume6 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume7 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)
    AttachedDevice \Driver\volmgr \Device\HarddiskVolume8 fvevol.sys (BitLocker Drive Encryption Driver/Microsoft Corporation)

    ---- EOF - GMER 1.0.15 ----


    3. aswMBR

    aswMBR version 0.9.9.1297 Copyright(c) 2011 AVAST Software
    Run date: 2012-01-22 13:57:55
    -----------------------------
    13:57:55.363 OS Version: Windows 6.1.7600
    13:57:55.363 Number of processors: 2 586 0x407
    13:57:55.363 ComputerName: RADU-PC UserName: Radu
    13:57:55.886 Initialize success
    13:58:24.771 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
    13:58:24.771 Disk 0 Vendor: WDC_WD5000AAKS-00UU3A0 01.03B01 Size: 476940MB BusType: 3
    13:58:24.818 Disk 0 MBR read successfully
    13:58:24.818 Disk 0 MBR scan
    13:58:24.818 Disk 0 Windows 7 default MBR code
    13:58:24.818 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
    13:58:24.833 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 123900 MB offset 206848
    13:58:24.849 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 150000 MB offset 253954048
    13:58:24.896 Disk 0 Partition 4 00 07 HPFS/NTFS NTFS 202938 MB offset 561154048
    13:58:24.896 Disk 0 scanning sectors +976771072
    13:58:25.161 Disk 0 scanning C:\Windows\system32\drivers
    13:58:35.366 Service scanning
    13:58:35.991 Service MSICDSetup F:\CDriver.sys **LOCKED** 21
    13:58:36.632 Modules scanning
    13:58:44.239 Disk 0 trace - called modules:
    13:58:44.271 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll ataport.SYS viaide.sys PCIIDEX.SYS atapi.sys
    13:58:44.271 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x85656190]
    13:58:44.286 3 CLASSPNP.SYS[88dc159e] -> nt!IofCallDriver -> [0x85194900]
    13:58:44.286 5 ACPI.sys[888bc3b2] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x848a5908]
    13:58:44.302 Scan finished successfully
    13:59:48.884 Disk 0 MBR has been saved successfully to "C:\Users\Radu\Desktop\MBR.dat"
    13:59:48.900 The log file has been saved successfully to "C:\Users\Radu\Desktop\aswMBR.txt"

    4a. DDS

    .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_30
    Run by Radu at 1443 on 2012-01-22
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1443 [GMT 1:00]
    .
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Program Files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe
    C:\Windows\system32\sppsvc.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\SOUNDMAN.EXE
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Windows\system32\conhost.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://start.facemoods.com/?a=grupo
    BHO: Java(tm) Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    uRun: [Messenger (Yahoo!)] "c:\progra~1\yahoo!\messenger\YahooMessenger.exe" -quiet
    uRun: [Media Finder] "c:\program files\media finder\MF.exe" /opentotray
    uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    mRun: [SoundMan] SOUNDMAN.EXE
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
    mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: Download with &Media Finder - c:\program files\media finder\hook.html
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
    TCP: DhcpNameServer = 193.231.189.18 193.231.189.19
    TCP: Interfaces\{D701B754-ADC5-4543-874F-902219A72238} : DhcpNameServer = 193.231.189.18 193.231.189.19
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\radu\appdata\roaming\mozilla\firefox\profiles\ldpvgf2l.default\
    FF - prefs.js: browser.startup.homepage - Google
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
    FF - plugin: c:\program files\nitro pdf\reader 2\npdf.dll
    FF - plugin: c:\program files\nitro pdf\reader 2\npnitromozilla.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: extensions.BabylonToolbar_i.id - 1cfe01c100000000000000e04d0e13f1
    FF - user.js: extensions.BabylonToolbar_i.hardId - 1cfe01c100000000000000e04d0e13f1
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15354
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.178:23:25
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
    FF - user.js: extensions.BabylonToolbar_i.newTab - false
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101067
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
    R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\nitro pdf\reader 2\NitroPDFReaderDriverService2.exe [2011-12-20 196904]
    R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
    .
    =============== Created Last 30 ================
    .
    2012-01-22 12:38:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-01-22 12:38:24 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2012-01-22 12:35:15 -------- d-sh--w- C:\$RECYCLE.BIN
    2012-01-22 12:35:10 -------- d-----w- c:\users\radu\appdata\local\temp
    2012-01-22 11:45:48 518144 ----a-w- c:\windows\SWREG.exe
    2012-01-22 11:45:48 256000 ----a-w- c:\windows\PEV.exe
    2012-01-22 11:45:48 208896 ----a-w- c:\windows\MBR.exe
    2012-01-22 11:45:47 98816 ----a-w- c:\windows\sed.exe
    2012-01-22 11:32:17 476904 ----a-w- c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    2012-01-22 11:32:17 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-01-22 11:16:07 -------- d-----w- c:\program files\common files\Symantec Shared
    2012-01-22 11:14:26 -------- d-----w- c:\programdata\Symantec
    2012-01-22 11:14:23 -------- d-----w- c:\windows\system32\drivers\nss\0306010.00B
    2012-01-22 11:14:23 -------- d-----w- c:\windows\system32\drivers\NSS
    2012-01-22 11:14:23 -------- d-----w- c:\programdata\Norton
    2012-01-22 11:14:23 -------- d-----w- c:\program files\Norton Security Scan
    2012-01-22 11:14:22 -------- d-----w- c:\programdata\NortonInstaller
    2012-01-22 11:14:22 -------- d-----w- c:\program files\NortonInstaller
    2012-01-21 22:11:11 -------- d-----w- c:\programdata\Avira
    2012-01-21 10:20:07 -------- d-----w- c:\users\radu\appdata\roaming\SUPERAntiSpyware.com
    2012-01-21 10:19:27 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-01-21 10:19:27 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-01-21 08:57:35 -------- d-----w- c:\program files\Panda Security
    2012-01-17 08:28:32 172032 ----a-w- c:\windows\system32\wintrust.dll
    2012-01-17 08:28:31 132608 ----a-w- c:\windows\system32\cabview.dll
    2012-01-17 08:19:52 -------- d-----w- c:\program files\ESET
    2012-01-17 08:19:12 150800 ----a-w- c:\programdata\1326788060.bdinstall.bin
    2012-01-17 08:14:19 29583 ----a-w- c:\programdata\1326788057.bdinstall.bin
    2012-01-17 06:26:53 -------- d-----w- c:\users\radu\appdata\local\Opera
    2012-01-16 10:03:02 -------- d-----w- c:\users\radu\appdata\roaming\Malwarebytes
    2012-01-16 10:02:46 -------- d-----w- c:\programdata\Malwarebytes
    2012-01-16 09:57:12 181631 ----a-w- c:\programdata\1326707676.bdinstall.bin
    2012-01-16 09:54:59 -------- d-----w- c:\program files\Bitdefender
    2012-01-16 09:54:48 -------- d-----w- c:\users\radu\appdata\roaming\QuickScan
    2012-01-16 09:54:23 -------- d-----w- c:\program files\common files\Bitdefender
    2012-01-16 09:16:54 6823496 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{6a41aad8-b362-4f0f-a40a-f019a93c5565}\mpengine.dll
    2012-01-16 02:13:50 -------- d-----w- c:\users\radu\appdata\local\Microsoft Games
    2012-01-16 01:53:29 -------- d-----w- c:\windows\Panther
    2012-01-15 07:38:12 26408 ----a-w- c:\windows\system32\nitrolocalmon2.dll
    2012-01-15 07:38:12 17704 ----a-w- c:\windows\system32\nitrolocalui2.dll
    2012-01-15 07:38:04 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
    2012-01-15 07:38:04 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
    2012-01-15 07:37:57 -------- d-----w- c:\program files\Nitro PDF
    2012-01-15 07:37:57 -------- d-----w- c:\program files\common files\Nitro PDF
    2012-01-15 07:37:41 -------- d-----w- c:\program files\Winamp Detect
    2012-01-15 07:37:34 -------- d-----w- c:\program files\common files\PX Storage Engine
    2012-01-15 07:37:30 -------- d-----w- c:\users\radu\appdata\roaming\OpenCandy
    2012-01-15 07:37:07 -------- d-----w- c:\users\radu\appdata\roaming\BSplayer Pro
    2012-01-15 07:37:07 -------- d-----w- c:\users\radu\appdata\roaming\BSplayer
    2012-01-15 07:37:06 -------- d-----w- c:\program files\Webteh
    2012-01-15 07:30:16 -------- d-----w- c:\windows\system32\appmgmt
    2012-01-15 07:26:06 604704 ----a-w- c:\windows\SOUNDMAN.EXE
    2012-01-15 07:26:06 4172832 ----a-w- c:\windows\system32\drivers\RTKVAC.SYS
    2012-01-15 07:26:06 19036704 ----a-w- c:\windows\system32\ALSNDMGR.CPL
    2012-01-15 07:26:06 10975264 ----a-w- c:\windows\system32\RTLCPL.EXE
    2012-01-15 07:26:06 -------- d-----w- c:\program files\Realtek AC97
    2012-01-15 07:26:05 965664 ----a-w- c:\windows\system32\RtkPgExt.dll
    2012-01-15 07:26:05 154144 ----a-w- c:\windows\system32\RTLCPAPI.dll
    2012-01-15 07:26:05 141856 ----a-w- c:\windows\system32\RtkCfg.dll
    2012-01-15 07:26:04 315392 ----a-w- c:\windows\alcupd.exe
    2012-01-15 07:26:04 2510368 ----a-w- c:\windows\system32\RtkAPO.dll
    2012-01-15 07:25:45 319488 ----a-w- c:\windows\HideWin.exe
    2012-01-15 07:25:06 -------- d-sh--w- c:\windows\system32\AI_RecycleBin
    2012-01-15 07:25:00 -------- d-----w- c:\program files\Fliptoast
    2012-01-15 07:24:48 -------- d-----w- c:\users\radu\appdata\local\Adobe
    2012-01-15 07:23:29 -------- d-----w- c:\users\radu\appdata\roaming\Media Finder
    2012-01-15 07:23:20 -------- d-----w- c:\users\radu\appdata\roaming\Babylon
    2012-01-15 07:23:20 -------- d-----w- c:\users\radu\appdata\local\Babylon
    2012-01-15 07:23:20 -------- d-----w- c:\programdata\Babylon
    2012-01-15 07:20:49 -------- d-----w- c:\users\radu\appdata\local\ElevatedDiagnostics
    2012-01-15 07:16:38 -------- d-----w- c:\program files\Realtek
    2012-01-15 07:15:05 1698408 ----a-w- c:\windows\RtlExUpd.dll
    2012-01-15 07:15:05 -------- d--h--w- c:\program files\Temp
    2012-01-15 07:15:04 757760 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iKernel.dll
    2012-01-15 07:15:04 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\ctor.dll
    2012-01-15 07:15:04 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\DotNetInstaller.exe
    2012-01-15 07:15:04 32768 ----a-w- c:\program files\common files\installshield\professional\runtime\Objectps.dll
    2012-01-15 07:15:04 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iscript.dll
    2012-01-15 07:15:04 204800 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iuser.dll
    2012-01-15 07:15:02 331908 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\setup.dll
    2012-01-15 07:15:02 200836 ----a-w- c:\program files\common files\installshield\professional\runtime\11\50\intel32\iGdi.dll
    2012-01-15 07:14:51 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-01-15 07:13:20 -------- d-----w- c:\program files\Yahoo!
    2012-01-15 07:13:16 -------- d-----w- c:\users\radu\appdata\local\Mozilla
    2012-01-15 07:09:36 -------- d-sh--w- c:\windows\Installer
    2012-01-15 07:09:29 -------- d-----w- c:\programdata\NVIDIA Corporation
    2012-01-15 07:09:19 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
    2012-01-15 07:09:18 837736 ----a-w- c:\windows\system32\nvgenco322040.dll
    2012-01-15 07:09:14 57960 ----a-w- c:\windows\system32\OpenCL.dll
    2012-01-15 07:09:13 5653096 ----a-w- c:\windows\system32\nvwgf2um.dll
    2012-01-15 07:09:13 15047272 ----a-w- c:\windows\system32\nvoglv32.dll
    2012-01-15 07:09:12 10467656 ----a-w- c:\windows\system32\drivers\nvlddmkm.sys
    2012-01-15 07:09:11 2895976 ----a-w- c:\windows\system32\nvcuvid.dll
    2012-01-15 07:09:11 10078312 ----a-w- c:\windows\system32\nvd3dum.dll
    2012-01-15 07:09:10 2251368 ----a-w- c:\windows\system32\nvcuvenc.dll
    2012-01-15 07:09:09 4941928 ----a-w- c:\windows\system32\nvcuda.dll
    2012-01-15 07:08:59 13011560 ----a-w- c:\windows\system32\nvcompiler.dll
    2012-01-15 07:08:58 1965672 ----a-w- c:\windows\system32\nvapi.dll
    2012-01-15 07:07:28 -------- d-----w- c:\windows\system32\wbem\Performance
    2012-01-15 07:07:22 -------- d-----w- c:\program files\NVIDIA Corporation
    2012-01-15 07:00:57 -------- d-----w- C:\Recovery
    .
    ==================== Find3M ====================
    .
    2011-11-28 16:34:00 446160 ----a-w- c:\windows\system32\drivers\avckf.sys
    2011-11-25 12:59:40 240184 ----a-w- c:\windows\system32\drivers\avchv.sys
    .
    ============= FINISH: 14:22:10.60 ===============

    4b. Attach

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Ultimate
    Boot Device: \Device\HarddiskVolume1
    Install Date: 1/15/2012 8:02:29 AM
    System Uptime: 1/22/2012 2:20:21 PM (0 hours ago)
    .
    Motherboard: | | P4M890-8237
    Processor: Intel(R) Pentium(R) D CPU 2.80GHz | Socket 775 | 2804/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 121 GiB total, 106.748 GiB free.
    D: is FIXED (NTFS) - 146 GiB total, 139.332 GiB free.
    E: is FIXED (NTFS) - 198 GiB total, 198.051 GiB free.
    F: is CDROM ()
    G: is Removable
    H: is Removable
    I: is Removable
    J: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP2: 1/15/2012 8:25:48 AM - Installed Realtek AC'97 Audio
    RP3: 1/15/2012 8:26:14 AM - Device Driver Package Install: Realtek Semiconductor Corp. Sound, video and game controllers
    RP4: 1/15/2012 8:29:49 AM - Removed Fliptoast
    RP5: 1/15/2012 8:30:20 AM - Removed Fliptoast
    RP6: 1/15/2012 8:32:22 AM - Removed FlipToast
    RP8: 1/15/2012 8:37:46 AM - Installed DirectX
    RP9: 1/17/2012 9:28:33 AM - Windows Update
    RP10: 1/21/2012 9:57:13 AM - Installed Panda ActiveScan Cleaner
    RP11: 1/21/2012 11:15:17 AM - Removed Panda ActiveScan Cleaner
    RP12: 1/22/2012 12:31:46 PM - Installed Java(TM) 6 Update 30
    .
    ==== Installed Programs ======================
    .
    Adobe AIR
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    BS.Player FREE
    ESET Online Scanner v3
    Java Auto Updater
    Java(TM) 6 Update 30
    Malwarebytes Anti-Malware version 1.60.0.1800
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Mozilla Firefox 9.0.1 (x86 ro)
    Nitro Reader 2
    Norton Security Scan
    NVIDIA Control Panel 266.58
    NVIDIA Graphics Driver 266.58
    NVIDIA Install Application
    Opera 11.60
    Realtek AC'97 Audio
    Realtek High Definition Audio Driver
    SUPERAntiSpyware
    Winamp
    Winamp Detector Plug-in
    Yahoo! Messenger
    .
    ==== Event Viewer Messages From Past Week ========
    .
    1/22/2012 2:20:37 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000be (0x934fe425, 0x7ad0f121, 0x8aa07958, 0x0000000a). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012212-15015-01.
    1/22/2012 2:14:38 PM, Error: Microsoft-Windows-Directory-Services-SAM [12291] - SAM failed to start the TCP/IP or SPX/IPX listening thread
    1/22/2012 2:14:37 PM, Error: Service Control Manager [7023] - The Server service terminated with the following error: The service has not been started.
    1/22/2012 2:14:37 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: A system shutdown is in progress.
    1/22/2012 2:14:36 PM, Error: Service Control Manager [7038] - The WinHttpAutoProxySvc service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The security account manager (SAM) or local security authority (LSA) server was in the wrong state to perform the security operation. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
    1/22/2012 2:14:36 PM, Error: Service Control Manager [7000] - The WinHTTP Web Proxy Auto-Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.
    1/22/2012 12:20:15 AM, Error: atapi [11] - The driver detected a controller error on \Device\Ide\IdePort0.
    1/22/2012 1:28:54 PM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    1/17/2012 9:53:22 AM, Error: Service Control Manager [7030] - The ESET Service service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
    1/17/2012 7:49:31 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: bdselfpr trufos
    1/16/2012 9:58:33 AM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147014847
    1/16/2012 10:44:52 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk5\DR5.
    1/15/2012 4:58:18 PM, Error: Service Control Manager [7023] - The Windows Time service terminated with the following error: The system cannot find the file specified.
    .
    ==== End Of File ===========================

    I have an extra ComboFix log, so I'll also post it here:

    ComboFix 12-01-21.02 - Radu 01/22/2012 1302.4.2 - x86
    Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.2046.1425 [GMT 1:00]
    Running from: c:\users\Radu\Desktop\ComboFix.exe
    SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\windows\alcrmv.exe
    .
    .
    ((((((((((((((((((((((((( Files Created from 2011-12-22 to 2012-01-22 )))))))))))))))))))))))))))))))
    .
    .
    2012-01-22 12:28 . 2012-01-22 12:28 -------- d-----w- c:\users\Default\AppData\Local\temp
    2012-01-22 12:21 . 2012-01-22 12:21 56200 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A41AAD8-B362-4F0F-A40A-F019A93C5565}\offreg.dll
    2012-01-22 11:32 . 2012-01-22 11:32 -------- d-----w- c:\program files\Common Files\Java
    2012-01-22 11:32 . 2012-01-22 11:32 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2012-01-22 11:32 . 2012-01-22 11:32 -------- d-----w- c:\program files\Java
    2012-01-22 11:16 . 2012-01-22 11:27 -------- d-----w- c:\program files\Common Files\Symantec Shared
    2012-01-22 11:14 . 2012-01-22 11:14 -------- d-----w- c:\programdata\Symantec
    2012-01-22 11:14 . 2012-01-22 11:14 -------- d-----w- c:\windows\system32\drivers\NSS
    2012-01-22 11:14 . 2012-01-22 11:14 -------- d-----w- c:\programdata\Norton
    2012-01-22 11:14 . 2012-01-22 11:14 -------- d-----w- c:\program files\Norton Security Scan
    2012-01-22 11:14 . 2012-01-22 11:14 -------- d-----w- c:\program files\NortonInstaller
    2012-01-21 22:11 . 2012-01-22 11:09 -------- d-----w- c:\programdata\Avira
    2012-01-21 10:19 . 2012-01-21 10:20 -------- d-----w- c:\program files\SUPERAntiSpyware
    2012-01-21 10:19 . 2012-01-21 10:19 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
    2012-01-21 08:57 . 2012-01-21 08:57 -------- d-----w- c:\program files\Panda Security
    2012-01-17 08:28 . 2009-12-29 06:55 172032 ----a-w- c:\windows\system32\wintrust.dll
    2012-01-17 08:28 . 2010-01-09 06:52 132608 ----a-w- c:\windows\system32\cabview.dll
    2012-01-17 08:19 . 2012-01-17 08:53 -------- d-----w- c:\program files\ESET
    2012-01-17 08:19 . 2012-01-17 08:19 150800 ----a-w- c:\programdata\1326788060.bdinstall.bin
    2012-01-17 08:14 . 2012-01-17 08:14 29583 ----a-w- c:\programdata\1326788057.bdinstall.bin
    2012-01-17 06:26 . 2012-01-17 06:26 -------- d-----w- c:\program files\Opera
    2012-01-16 10:02 . 2012-01-16 10:02 -------- d-----w- c:\programdata\Malwarebytes
    2012-01-16 09:57 . 2012-01-16 09:57 181631 ----a-w- c:\programdata\1326707676.bdinstall.bin
    2012-01-16 09:54 . 2012-01-17 08:23 -------- d-----w- c:\program files\Bitdefender
    2012-01-16 09:54 . 2012-01-17 08:19 -------- d-----w- c:\program files\Common Files\Bitdefender
    2012-01-16 09:16 . 2011-11-30 01:21 6823496 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{6A41AAD8-B362-4F0F-A40A-F019A93C5565}\mpengine.dll
    2012-01-16 01:53 . 2012-01-15 07:02 -------- d-----w- c:\windows\Panther
    2012-01-15 07:38 . 2011-12-20 09:10 17704 ----a-w- c:\windows\system32\nitrolocalui2.dll
    2012-01-15 07:38 . 2011-12-20 09:10 26408 ----a-w- c:\windows\system32\nitrolocalmon2.dll
    2012-01-15 07:38 . 2012-01-15 07:38 -------- d-----w- c:\programdata\Nitro PDF
    2012-01-15 07:38 . 2009-09-04 16:29 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll
    2012-01-15 07:38 . 2006-09-28 15:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll
    2012-01-15 07:37 . 2012-01-15 07:37 -------- d-----w- c:\program files\Nitro PDF
    2012-01-15 07:37 . 2012-01-15 07:37 -------- d-----w- c:\program files\Common Files\Nitro PDF
    2012-01-15 07:37 . 2012-01-15 07:37 -------- d-----w- c:\program files\Winamp Detect
    2012-01-15 07:37 . 2012-01-15 07:37 -------- d-----w- c:\program files\Common Files\PX Storage Engine
    2012-01-15 07:37 . 2012-01-15 07:38 -------- d-----w- c:\program files\Winamp
    2012-01-15 07:37 . 2012-01-15 07:37 -------- d-----w- c:\program files\Webteh
    2012-01-15 07:31 . 2012-01-15 07:31 -------- d-----w- c:\programdata\McAfee
    2012-01-15 07:26 . 2012-01-15 07:26 -------- d-----w- c:\program files\Realtek AC97
    2012-01-15 07:26 . 2009-06-19 02:45 4172832 ----a-w- c:\windows\system32\drivers\RTKVAC.SYS
    2012-01-15 07:26 . 2009-04-14 14:43 604704 ----a-w- c:\windows\SOUNDMAN.EXE
    2012-01-15 07:26 . 2009-04-14 14:43 10975264 ----a-w- c:\windows\system32\RTLCPL.EXE
    2012-01-15 07:26 . 2009-04-14 14:43 19036704 ----a-w- c:\windows\system32\ALSNDMGR.CPL
    2012-01-15 07:26 . 2009-04-14 14:43 965664 ----a-w- c:\windows\system32\RtkPgExt.dll
    2012-01-15 07:26 . 2009-04-14 14:43 154144 ----a-w- c:\windows\system32\RTLCPAPI.dll
    2012-01-15 07:26 . 2009-04-14 14:43 141856 ----a-w- c:\windows\system32\RtkCfg.dll
    2012-01-15 07:16 . 2012-01-15 07:16 -------- d-----w- c:\program files\Realtek
    2012-01-15 07:15 . 2012-01-15 07:17 -------- d--h--w- c:\program files\Temp
    2012-01-15 07:15 . 2011-12-13 10:01 1698408 ----a-w- c:\windows\RtlExUpd.dll
    2012-01-15 07:15 . 2012-01-15 07:15 -------- d-----w- c:\program files\Common Files\InstallShield
    2012-01-15 07:14 . 2012-01-15 07:31 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-01-15 07:14 . 2012-01-15 07:14 -------- d-----w- c:\windows\system32\Macromed
    2012-01-15 07:14 . 2012-01-15 07:14 -------- d-----w- c:\programdata\Yahoo!
    2012-01-15 07:13 . 2012-01-15 07:14 -------- d-----w- c:\program files\Yahoo!
    2012-01-15 07:09 . 2012-01-22 11:32 -------- d-sh--w- c:\windows\Installer
    2012-01-15 07:09 . 2012-01-15 07:09 -------- d-----w- c:\programdata\NVIDIA Corporation
    2012-01-15 07:09 . 2011-01-08 03:27 941160 ----a-w- c:\windows\system32\nvdispco322090.dll
    2012-01-15 07:03 . 2012-01-15 07:03 -------- d-----w- c:\users\Radu
    2012-01-15 07:00 . 2012-01-15 07:00 -------- d-----w- C:\Recovery
    .
    .
    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-01-15 07:25 . 2012-01-15 07:24 31126033 ----a-w- C:\Realtek_AC97_Driver-6305_win7_vista-en.zip
    2011-11-28 16:34 . 2011-11-28 16:34 446160 ----a-w- c:\windows\system32\drivers\avckf.sys
    2011-11-25 12:59 . 2011-11-25 12:59 240184 ----a-w- c:\windows\system32\drivers\avchv.sys
    2011-12-21 08:05 . 2012-01-15 07:12 121816 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe" [2012-01-04 6497592]
    "Media Finder"="c:\program files\Media Finder\MF.exe" [BU]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
    "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-12-09 4616064]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan"="SOUNDMAN.EXE" [2009-04-14 604704]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
    @=""
    .
    R3 MSICDSetup;MSICDSetup;F:\CDriver.sys [x]
    S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]
    S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-07-12 67664]
    S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-08-11 116608]
    S2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;c:\program files\Nitro PDF\Reader 2\NitroPDFReaderDriverService2.exe [2011-12-20 196904]
    S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2009-07-13 139776]
    .
    .
    Contents of the 'Scheduled Tasks' folder
    .
    2012-01-22 c:\windows\Tasks\Norton Security Scan for Radu.job
    - c:\progra~1\NORTON~2\Engine\361~1.11\Nss.exe [2012-01-22 07:47]
    .
    .
    ------- Supplementary Scan -------
    .
    uStart Page = hxxp://start.facemoods.com/?a=grupo
    IE: Download with &Media Finder - c:\program files\Media Finder\hook.html
    TCP: DhcpNameServer = 193.231.189.18 193.231.189.19
    FF - ProfilePath - c:\users\Radu\AppData\Roaming\Mozilla\Firefox\Profiles\ldpvgf2l.default\
    FF - prefs.js: browser.startup.homepage - Google
    FF - user.js: extensions.BabylonToolbar_i.id - 1cfe01c100000000000000e04d0e13f1
    FF - user.js: extensions.BabylonToolbar_i.hardId - 1cfe01c100000000000000e04d0e13f1
    FF - user.js: extensions.BabylonToolbar_i.instlDay - 15354
    FF - user.js: extensions.BabylonToolbar_i.vrsn - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsni - 1.5.3.17
    FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.3.178:23
    FF - user.js: extensions.BabylonToolbar_i.prtnrId - babylon
    FF - user.js: extensions.BabylonToolbar_i.prdct - BabylonToolbar
    FF - user.js: extensions.BabylonToolbar_i.aflt - babsst
    FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
    FF - user.js: extensions.BabylonToolbar_i.tlbrId - base
    FF - user.js: extensions.BabylonToolbar_i.newTab - false
    FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=101067
    FF - user.js: extensions.BabylonToolbar_i.babExt -
    FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
    FF - user.js: extensions.BabylonToolbar_i.instlRef - sst
    .
    .
    --------------------- LOCKED REGISTRY KEYS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Completion time: 2012-01-22 13:35:00
    ComboFix-quarantined-files.txt 2012-01-22 12:34
    .
    Pre-Run: 114,788,139,008 bytes free
    Post-Run: 114,740,142,080 bytes free
    .
    - - End Of File - - 367E80D9E15306CAF6C5333FC26DCCEF


    Thanks in advance.

  2. #2
    broni is offline Senior Member
    What is drive F?

    You're not running any AV program.
    Install ONE of these:
    - Avast! free antivirus: avast! Free Antivirus - Download Software for Virus Protection
    - free Microsoft Security Essentials: Microsoft Security Essentials - Free Antivirus for Windows
    - free Comodo Antivirus: Antivirus - Download Best Free Antivirus Software From Comodo
    Update, run full scan, report on any findings.
