Malwarebytes hangs at 'Scanning additional items', Chameleon stays at 'Killing known malicious processes'


  • This topic is locked
10 replies to this topic

#1 zoid9


Posted 13 September 2012 - 04:37 PM

Here are the logs.


.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Patrick at 17:11:25 on 2012-09-13
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.5922 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
C:\windows\system32\taskeng.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskhost.exe
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\DllHost.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\windows\system32\taskhost.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://lenovo.msn.com
mWinlogon: Userinit=userinit.exe,
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [DIMDownloading your update...1338924290338] "C:\Program Files\Corel\CorelDRAW Graphics Suite X6\Draw\DIM.EXE" "c:\programdata\corel\downloads\540240626_310002\1338924290338\dim_params.xml" -Launch=3 -uibase="c:\users\patrick\appdata\roaming\corel\messages\540240626_310002\en\messagecache1\workflow"
mRun: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: lenovo.com\consumersupport
Trusted Zone: lenovo.com.cn\edrivers
Trusted Zone: lenovo.com.cn\support4
Trusted Zone: lenovo.com.cn\think
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} - hxxp://123.127.211.194/us/en/SmartDownloading/cab/npdueng.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{DACF01DC-C65E-436F-8E3B-B24747F7B70E} : DhcpNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRun-x64: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.79\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\windows\system32\lenovo\update\npdueng.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-26 44808]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2011-11-23 70496]
R2 DigiNet;Digidesign Ethernet Support;C:\windows\system32\DRIVERS\diginet.sys --> C:\windows\system32\DRIVERS\diginet.sys [?]
R2 mi-raysat_3dsmax2013_32;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe [2011-9-14 86016]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-4-7 5352960]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-13 1153368]
R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-7-25 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-7-25 528760]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-25 2655768]
R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\windows\system32\DRIVERS\e1c62x64.sys --> C:\windows\system32\DRIVERS\e1c62x64.sys [?]
R3 GeneStor;Genesys Logic Storage Driver;C:\windows\system32\DRIVERS\GeneStor.sys --> C:\windows\system32\DRIVERS\GeneStor.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 mbamchameleon;mbamchameleon;\??\C:\windows\system32\drivers\mbamchameleon.sys --> C:\windows\system32\drivers\mbamchameleon.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-4-10 164528]
R3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\system32\DRIVERS\wdcsam64.sys --> C:\windows\system32\DRIVERS\wdcsam64.sys [?]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2011-11-23 110944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250568]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]
S3 dalwdmservice;dal service;C:\windows\system32\drivers\dalwdm.sys --> C:\windows\system32\drivers\dalwdm.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]
S3 MBX2DFU;MBX2DFU;C:\windows\system32\DRIVERS\MBX2DFU.sys --> C:\windows\system32\DRIVERS\MBX2DFU.sys [?]
S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;C:\windows\system32\drivers\mbx2midk.sys --> C:\windows\system32\drivers\mbx2midk.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 mlkumidi;MusicLab Virtual Miniport MIDI Driver;C:\windows\system32\drivers\mlkumidi.sys --> C:\windows\system32\drivers\mlkumidi.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-6 113120]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 wacmoumonitor;Wacom Mode Helper;C:\windows\system32\DRIVERS\wacmoumonitor.sys --> C:\windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\windows\system32\drivers\ymidusbx64.sys --> C:\windows\system32\drivers\ymidusbx64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\system32\DRIVERS\yk62x64.sys --> C:\windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-09-12 20:27:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue
2012-09-12 20:27:54 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue Art et Technologie, Inc
2012-09-12 12:38:04 -------- d-----w- C:\Program Files\Plogue
2012-09-12 12:27:28 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
2012-09-12 12:27:28 41472 ----a-w- C:\windows\System32\drivers\RNDISMP.sys
2012-09-12 12:27:27 574464 ----a-w- C:\windows\System32\d3d10level9.dll
2012-09-12 12:27:27 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll
2012-09-12 12:27:26 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-09-12 12:27:26 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 12:27:26 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-09-11 07:40:53 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7B041FEE-1A5D-4BB5-9C68-36685AA346E0}\mpengine.dll
2012-09-11 03:26:02 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2012-09-11 03:17:18 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-09-11 03:17:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-10 22:59:47 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MTexturedStyles
2012-09-10 22:59:45 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction MXXX
2012-09-10 22:59:38 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction IR
2012-09-10 22:49:35 -------- d-----w- C:\Users\Patrick\AppData\Local\DC8C
2012-09-10 19:56:42 64 ----a-w- C:\Users\Patrick\AppData\Roaming\wsys.sys
2012-09-10 19:55:57 714526 ----a-w- C:\Users\Patrick\AppData\Roaming\unins000.exe
2012-09-10 19:55:57 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Bitsonic
2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\win_ident.sys
2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\tb.sys
2012-09-10 00:27:11 -------- d-----w- C:\Users\Patrick\AppData\Roaming\NUGEN Audio
2012-09-10 00:27:10 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_FB9AECF7-F56E-7B2E-A862-9892AA545103.dll
2012-09-10 00:27:10 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_F4F01109-C336-401f-BDE4-7C1926744104.dll
2012-09-10 00:27:10 2 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_D9C6A609-15A1-4768-8E98-6FA00C2547CC.dll
2012-09-10 00:27:10 2 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_72024697-2626-4a12-8347-7CAC1834AC3B.dll
2012-09-10 00:27:09 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_496F4C99-60AD-5b9e-AC1B-FA060E643C04.dll
2012-09-10 00:27:08 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_FAB01109-C336-401f-BDE4-AB1926744111.dll
2012-09-10 00:27:07 6 ----a-w- C:\Users\Patrick\AppData\Roaming\iasna_C92E1371-3DF5-4322-9729-82CC0DD90ECA.dll
2012-09-08 18:15:38 -------- d-----w- C:\Users\Patrick\AppData\Local\MusicLab
2012-09-08 18:15:38 -------- d-----w- C:\ProgramData\MusicLab
2012-09-08 18:15:18 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MusicLab
2012-09-08 18:15:12 -------- d-----w- C:\Program Files (x86)\MusicLab
2012-09-08 16:33:50 -------- d-----w- C:\Program Files (x86)\Togu Audio Line
2012-09-08 16:23:08 -------- d-----w- C:\Program Files (x86)\Expert Sleepers
2012-09-08 12:27:11 146836 ----a-w- C:\windows\Curvemeister3-64 Uninstaller.exe
2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Curvemeister.com
2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Common Files\Thraex Software
2012-09-08 12:26:07 146889 ----a-w- C:\windows\Curvemeister_3 Uninstaller.exe
2012-09-08 12:26:07 -------- d-----w- C:\ProgramData\Curvemeister.com
2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Curvemeister.com
2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Common Files\Thraex Software
2012-09-07 15:42:38 6034944 ----a-w- C:\windows\SysWow64\PSP Neon STD.dll
2012-09-07 15:42:37 6047744 ----a-w- C:\windows\SysWow64\PSP Neon HR.dll
2012-09-07 15:42:37 5122560 ----a-w- C:\windows\SysWow64\PSP Neon MIX.dll
2012-09-07 14:24:52 -------- d-----w- C:\Users\Patrick\AppData\Local\Mozilla Firefox
2012-09-05 19:34:53 -------- d-----w- C:\Program Files (x86)\Little Endian
2012-09-05 18:41:08 -------- d-----w- C:\Program Files (x86)\Poetic Guitar - Rainlotus
2012-09-04 13:12:44 -------- d-----w- C:\Program Files (x86)\Sonic Charge
2012-09-03 16:19:02 -------- d-----w- C:\Program Files (x86)\IMEA Studio
2012-09-03 15:09:20 -------- d-----w- C:\Program Files (x86)\Native Instruments
2012-09-02 18:30:00 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Waves Audio
2012-09-02 18:21:02 7744 ----a-w- C:\windows\SysWow64\HookDll.dll
2012-09-02 18:21:02 -------- d-----w- C:\Program Files (x86)\Waves
2012-09-02 01:22:01 -------- d-----w- C:\Program Files\Minimal System Instruments
2012-09-01 01:52:19 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Thinstall
2012-08-29 10:50:38 57408 ----a-w- C:\windows\System32\drivers\mlkumidi.sys
2012-08-28 02:10:26 -------- d-----w- C:\Program Files (x86)\LinPlug
2012-08-27 12:08:07 -------- d-----w- C:\ProgramData\ToguAudioLine
2012-08-27 00:44:23 -------- d-----w- C:\Program Files\Celemony
2012-08-27 00:44:22 -------- d-----w- C:\Program Files (x86)\Celemony
2012-08-27 00:31:09 -------- d-----w- C:\Program Files\Brainworx Music
2012-08-27 00:31:05 -------- d-----w- C:\Program Files (x86)\Brainworx Music
2012-08-26 15:00:00 275968 ----a-w- C:\windows\SysWow64\REX Shared Library.dll
2012-08-24 15:00:00 2181120 ----a-w- C:\windows\System32\ReWire.dll
2012-08-24 15:00:00 1431552 ----a-w- C:\windows\SysWow64\ReWire.dll
2012-08-23 12:14:23 -------- d-----w- C:\Users\Patrick\AppData\Local\Topaz Labs
2012-08-23 12:13:42 -------- d-----w- C:\Program Files\Topaz Labs
2012-08-23 12:09:08 -------- dc-h--w- C:\ProgramData\{66072046-04D4-48EA-A317-20AA5D8BACE9}
2012-08-23 12:09:03 -------- dc-h--w- C:\ProgramData\{C2FDA136-2501-43EB-ABB7-2D9AC8BFB655}
2012-08-23 11:39:33 -------- dc-h--w- C:\ProgramData\{E495C549-FA37-49F8-9EF7-A92CE55058C9}
2012-08-23 11:39:21 -------- dc-h--w- C:\ProgramData\{BB82CA89-D29D-45D2-8C0C-C824A39D588E}
2012-08-23 11:39:09 -------- dc-h--w- C:\ProgramData\{896AFBDD-72FF-40B8-B6B8-33C6022AD113}
2012-08-23 11:38:54 -------- dc-h--w- C:\ProgramData\{9C90450F-E325-424C-B16B-8809320C3F92}
2012-08-23 11:38:37 -------- dc-h--w- C:\ProgramData\{E314972B-E8D6-465D-AE74-6CC08535701F}
2012-08-23 11:38:27 -------- dc-h--w- C:\ProgramData\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}
2012-08-23 11:38:16 -------- dc-h--w- C:\ProgramData\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}
2012-08-23 11:38:07 -------- dc-h--w- C:\ProgramData\{89E2929F-C967-49CB-9FE3-FD86B97312FE}
2012-08-23 11:38:05 -------- dc-h--w- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
2012-08-23 11:37:54 -------- dc-h--w- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
2012-08-23 11:37:49 -------- dc-h--w- C:\ProgramData\{0DEDF45C-1DEC-4670-AACA-9EC906125BFB}
2012-08-23 11:37:41 -------- dc-h--w- C:\ProgramData\{34007C15-AD5B-4CB2-A047-04AB415A841A}
2012-08-23 11:37:35 -------- dc-h--w- C:\ProgramData\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}
2012-08-23 11:37:27 -------- dc-h--w- C:\ProgramData\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}
2012-08-23 11:37:24 -------- dc-h--w- C:\ProgramData\{F7D319B6-E312-49A7-AA67-4737E676DD03}
2012-08-23 11:37:14 -------- dc-h--w- C:\ProgramData\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}
2012-08-23 11:37:05 -------- dc-h--w- C:\ProgramData\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}
2012-08-23 11:36:58 -------- dc-h--w- C:\ProgramData\{33BC0E96-6441-46C9-9F09-529996C10736}
2012-08-23 11:36:49 -------- dc-h--w- C:\ProgramData\{ABC7326D-27C4-4601-8B2C-50AABC4C287C}
2012-08-23 11:36:42 -------- dc-h--w- C:\ProgramData\{AE93E0EC-AB92-4D27-9DA8-1BCEE7181244}
2012-08-23 11:36:39 -------- dc-h--w- C:\ProgramData\{A86A537E-18B3-414C-8CA0-92F4066C1B5C}
2012-08-23 11:36:38 -------- d-----w- C:\Program Files\Common Files\Topaz Labs
2012-08-23 11:36:30 -------- dc-h--w- C:\ProgramData\{6172A493-DBB5-49D2-B3DC-94690BB85ACF}
2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Topaz Labs
2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Common Files\Topaz Labs
2012-08-23 11:35:53 -------- d-----w- C:\Users\Patrick\AppData\Local\PackageAware
2012-08-22 21:40:40 -------- d-----w- C:\Users\Patrick\AppData\Roaming\4Front
2012-08-21 00:11:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Sublime Text 2
2012-08-21 00:11:41 -------- d-----w- C:\Program Files\Sublime Text 2
2012-08-20 15:34:48 -------- d-----w- C:\Program Files (x86)\AudioMulch 2.2.1
2012-08-17 19:51:09 -------- d-----w- C:\Program Files (x86)\Common Files\MAGIX Services
2012-08-17 19:51:07 -------- d-----w- C:\Program Files\Common Files\MAGIX Services
2012-08-17 03:00:15 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Malwarebytes
2012-08-17 03:00:08 -------- d-----w- C:\ProgramData\Malwarebytes
2012-08-17 00:51:04 -------- d-----w- C:\ProgramData\Corel Painter 12.1 Update
2012-08-16 01:45:14 503808 ----a-w- C:\windows\System32\srcore.dll
2012-08-16 01:45:14 43008 ----a-w- C:\windows\SysWow64\srclient.dll
2012-08-16 01:45:13 3148800 ----a-w- C:\windows\System32\win32k.sys
2012-08-16 01:45:12 59392 ----a-w- C:\windows\System32\browcli.dll
2012-08-16 01:45:12 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2012-08-16 01:45:12 136704 ----a-w- C:\windows\System32\browser.dll
2012-08-16 01:45:11 751104 ----a-w- C:\windows\System32\win32spl.dll
2012-08-16 01:45:11 67072 ----a-w- C:\windows\splwow64.exe
2012-08-16 01:45:11 559104 ----a-w- C:\windows\System32\spoolsv.exe
2012-08-16 01:45:11 492032 ----a-w- C:\windows\SysWow64\win32spl.dll
2012-08-16 01:45:10 956928 ----a-w- C:\windows\System32\localspl.dll
2012-08-15 00:37:55 150 ----a-w- C:\windows\SysWow64\privatedata.dll
2012-08-15 00:37:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Sonalksis
2012-08-14 23:50:06 -------- d-----w- C:\Users\Patrick\AppData\Roaming\New Sonic Arts
2012-08-14 23:44:52 -------- d-----w- C:\ProgramData\New Sonic Arts
2012-08-14 23:44:51 -------- d-----w- C:\Program Files (x86)\New Sonic Arts
.
==================== Find3M ====================
.
2012-08-24 11:32:54 73416 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-24 11:32:54 696520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-08-21 09:13:13 969200 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2012-08-21 09:13:12 71600 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2012-08-21 09:13:12 54072 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2012-08-21 09:12:33 41224 ----a-w- C:\windows\avastSS.scr
2012-08-10 16:28:14 134088 ----a-w- C:\windows\ColorPic Uninstaller.exe
2012-08-06 15:00:00 276480 ----a-w- C:\windows\System32\XilsFiles64.dll
2012-08-06 15:00:00 229376 ----a-w- C:\windows\SysWow64\XilsFiles32.dll
2012-07-07 13:33:23 720896 ----a-w- C:\windows\iun6002.exe
2012-07-06 12:17:09 715117 ----a-w- C:\windows\unins004.exe
2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-06-25 20:04:24 1394248 ----a-w- C:\windows\SysWow64\msxml4.dll
2012-06-18 18:41:37 721758 ----a-w- C:\windows\unins003.exe
.
============= FINISH: 17:12:27.53 ===============



.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/9/2011 3:26:10 AM
System Uptime: 9/13/2012 3:05:19 AM (14 hours ago)
.
Motherboard: LENOVO | | To be filled by O.E.M.
Processor: Intel® Core™ i3-2100 CPU @ 3.10GHz | CPU 1 | 3100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 906 GiB total, 168.701 GiB free.
D: is CDROM ()
E: is CDROM (UDF)
F: is FIXED (NTFS) - 931 GiB total, 134.614 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
2C-Audio Aether
2C-Audio Breeze
AAS - Chromaphone
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe After Effects CS5.5
Adobe AIR
Adobe Content Viewer
Adobe Creative Suite 5.5 Master Collection
Adobe Dreamweaver CS5.5
Adobe Dreamweaver CS6
Adobe Fireworks CS6
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Professional CS6
Adobe Help Manager
Adobe Illustrator CS6
Adobe InDesign CS6
Adobe kuler
Adobe Media Player
Adobe Photoshop CS6
Adobe Premiere Pro CS5.5
Adobe Soundbooth CS5
Adobe Story
Adobe Widget Browser
AKVIS SmartMask
Alien Skin Blow Up
Alien Skin Exposure 2
Alien Skin Snap Art
Alternative Rock EZmix pack
Amaya
Amazon Kindle
Ambiotica REFiLL
Analog Factory 2.5
Apple Application Support
Apple Software Update
ARP2600 V2 2.0
Artillery2
ArtsAcoustic BigRock v1.0.7
ArtsAcoustic CL Series v1.0.19
ASIO4ALL
Autodesk 3ds Max Design 2013 32-bit
Autodesk Backburner 2013.0.0
Autodesk Civil View for 3ds Max Design 2013
Autodesk Essential Skills Movies for 3ds Max Design 2013 32-bit
Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013
Autodesk Inventor Server Engine for 3ds Max Design 2013 32-bit
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Material Library Medium Resolution Image Library 2013
AV Bros. Page Curl Pro 2.2 (Remove Only)
avast! Free Antivirus
Bamboo Dock
BazzISM2 VST2 2.4.6
Best Buy pc app
Big Fish Audio First Call Horns
Bitsonic Waspy 2 + gold Soundbank
Blue Cat's Protector RTAS 2.0 Demo
Blue Cat's Protector VST 2.0 Demo
BlueGriffon version 1.1.1
BlueStacks (alpha)
Brass 2.0.5
calibre
Camel Audio Alchemy
Catanya 1.0.1
ChordWizard Songtrix Gold 3.0
Chuck Ainlay EZmix pack
Clubotica REFiLL
ColorPic
Composite 2013
Corel Painter Essentials 4
CS-80V2 2.0
Curvemeister_3
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Devine Machine Lucifer VST v2.1
Digidesign Audio Drivers 8.0
Digidesign Pro Tools Creative Collection 8.0
Digidesign Pro Tools LE 8.0
discoDSP Discovery Pro
DisplayFusion 3.3.1
DMGAudio EQuality 1.17
DMGAudio PitchFunk 1.02
Drumaxx
DX10
East West EWQLSO Gold Edition
Edison
Electronic EZmix pack
eLicenser Control
EQ500 version 1.0.0
EZmix 32-bit
FileZilla Client 3.5.3
Filter Forge 2.008
Filtrate 1.101
FL Studio 10
Free DigiRack Plug-Ins 8.0
FXpansion DCAMDynamics
FXpansion Free Comp
FXpansion Tremor
Genesys USB Mass Storage Device
Git version 1.7.6-preview20110708
GlaceVerb 1.01
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hardcore
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
IL Autogun
IL Download Manager
IL DrumSynth Live
IL Gross Beat
IL Harmless
IL Juice Pack
IL Ogun
IL Slicex
IL Vocodex
Inkscape 0.48.2
Intel® C++ Redistributables for Windows* on IA-32
Intel® C++ Redistributables on IA-32
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
iZotope iDrum
iZotope Iris
Java Auto Updater
Java™ 6 Update 31
Junk Mail filter update
Jupiter-8V2 2.0
Lenovo Driver and Application Installation
Lenovo Rescue System
Lenovo USB2.0 UVC Camera
LinPlug relectro
LinPlug RMV Drum Library
Live 8.2.7
LVT
LXH-JME2207FN Hotkey Driver
Macromedia FreeHand MXa
MAGIX Speed burnR (MSI)
MAGMA Installer
Malwarebytes Anti-Malware version 1.65.0.1400
Mark Needham EZmix pack
Maximus
Mesh Runtime
Metal Essentials EZmix pack
Metal EZmix pack
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Design 4
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Expression Web 4
Microsoft Expression Web 4 Service Pack 2
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio Macro Tools
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Web Embedding Fonts Tool (III)
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
minimoog V2 2.0
Miroslav Philharmonik CE
Modern PopRock EZmix pack
Moog Modular V 2.5
Morphine
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
Native Instruments Abbey Road 60s Drums
Native Instruments Absynth 5
Native Instruments Battery 3
Native Instruments Battery Library Importer for Maschine
Native Instruments Berlin Concert Grand
Native Instruments Controller Editor
Native Instruments Damage
Native Instruments FM8
Native Instruments Guitar Rig 5
Native Instruments Komplete 8
Native Instruments Kontakt 5
Native Instruments Kontakt Factory Library
Native Instruments Massive
Native Instruments New York Concert Grand
Native Instruments Rammfire
Native Instruments Reaktor 5
Native Instruments Reaktor Prism
Native Instruments Reaktor Spark R2
Native Instruments Reflektor
Native Instruments Scarbee MM-Bass
Native Instruments Scarbee Vintage Keys
Native Instruments Service Center
Native Instruments Studio Drummer
Native Instruments The Finger R2
Native Instruments Traktors 12
Native Instruments Transient Master
Native Instruments Upright Piano
Native Instruments Vienna Concert Grand
Native Instruments Vintage Organs
Native Instruments West Africa
nebula3 CM
Noise Reduction Plug-in 2.0i
Noisebud CatchDad
Notepad++
Nuklear VST2 1.1.4
Opera 11.52
OrangeVocoder VST 2.02
PAP 4.0
PAP project files
Pazera Free MP4 to AVI Converter 1.6
PDF Settings CS5
PDF Settings CS6
PDFMate Free PDF Converter 1.10
photoFXlab (32 bit)
Poise 1.1.19
PreSonus Studio One 2
Prophet-V2 2.0
PSP 608 MultiDelay 32bit
PSP Neon 32bit
PTC-2A version 1.0.1
PxMergeModule
Quark Update
QuarkXPress
QuickTime
Realtek High Definition Audio Driver
REAPER
Reason 5.0
Redwirez mixIR2 version 1.0.171
REFLEX PRO V2
reFX Nexus VSTi RTAS v2.2.0
reFX quadraSID 1.6.0
reFX Vanguard VSTi RTAS v1.8.0
rgc:audio sfz+ VSTi v1.01
rgcAudio Square I VSTi v1.2
Rob Papen Albino 3
Rob Papen BLUE Version 1.8.5d
Rob Papen Predator RTAS V1.6.2
Rob Papen Predator V1.6.2a
Rob Papen Punch 32 Bits 1.0.3
Robotronic
Rock EZmix pack
Roger Nichols Digital SIGNATURE Bundle VST RTAS v1.9.3
Ruby 1.9.3-p194
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Expression Design 4 (KB2667730)
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
SEQ1 Master
SEQ2 Master
Sequoia 12
shortcircuit
Sibelius 7 OpenType Fonts
SimSynth
Slate Digital FG-X Mastering Processor VST RTAS v1.1.2
Softube Trident A-Range VST RTAS v1.0.2
Softube Tube-Tech CL 1B VST RTAS v1.0.3
Softube Tube Delay VST RTAS v1.0.5
Softube Vintage Amp Room VST RTAS v1.0.8
Sonalksis Plug-in Manager 3.00
Songwriters Tools EZmix pack
Sonnoxplugins Oxford Elite Collection Native v1.0
Sound Forge Pro 10.0
Spark Vintage Drum Machines 1.0.2
Splat! 1.0
Spybot - Search & Destroy
Steinberg VST Classics 1
Sugar Bytes Guitarist Library 1.0
SynthMaster 2.5 VST/VSTi version 2.5.3.109
Sytrus
TerraTec Komplexer VSTi 1.0.3
The T-Pain Effect Bundle
Topaz Adjust 5
Topaz Adjust 5 (64-bit)
Topaz B&W Effects
Topaz B&W Effects (64-bit)
Topaz Clean 3
Topaz Clean 3 (64-bit)
Topaz DeJpeg 4
Topaz DeJpeg 4 (64-bit)
Topaz DeNoise 5
Topaz DeNoise 5 (64-bit)
Topaz Detail 2
Topaz Detail 2 (64-bit)
Topaz Fusion Express 2
Topaz Fusion Express 2 (64-bit)
Topaz InFocus
Topaz InFocus (64-bit)
Topaz Lens Effects
Topaz Lens Effects (64-bit)
Topaz ReMask 3
Topaz ReMask 3 (64-bit)
Topaz Simplify 3
Topaz Simplify 3 (64-bit)
Topaz Star Effects
Topaz Star Effects (64-bit)
Toxic DEMO v2.1
TubeOhm Alpha-Ray
Universal Extractor 1.6.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
ValhallaRoom 1.1.0
ValhallaUberMod 1.0.1
VAZ 2010 2.1.4
VAZ Modular 3.2.4
VAZ Plus 2.1.7
Vegas Pro 11.0
Vember Audio SURGE
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visualizer v1.9.2
VKFX 2.2.8
VLC media player 2.0.1
Vogue
VTE-2A version 1.0.7
W2 Harmonizer v1.0
WampServer 2.2
Wasp
Wave Arts Tube Saturator
Waves Complete V9r5
WebTablet FB Plugin
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows 7 Upgrade Advisor
Windows Internet Explorer Platform Preview
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WOW
WPF Toolkit February 2010 (Version 3.5.50211.1)
.
==== Event Viewer Messages From Past Week ========
.
9/13/2012 3:06:02 AM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.
.
==== End Of File ===========================

#2 Maniac

Posted 18 September 2012 - 05:37 AM

Hello zoid9 and welcome! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:
  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.

Step 1

Please uninstall the following application: µTorrent


Step 2

Please download AdwCleaner from here and save it on your Desktop.

  • Right-click on adwcleaner.exe and select Run As Administrator to launch the application.
  • Now click on the Search tab.
  • Please post the contents of the log-file created in your next post.

Note: The log can also be located at C:\ >> AdwCleaner[XX].txt >> XX <-- Denotes the number of times the application has been run, so in this case it should be something like R1.


Step 3

Download aswMBR.exe to your desktop.

Double-click aswMBR.exe to run it.

Click the "Scan" button to start the scan.

On completion of the scan, click Save log, save it to your desktop and post it in your next reply.


Step 4

Follow the instructions here:
http://forums.malwar...98


Step 5

Open www.virustotal.com and one by one upload the following files:

C:\Users\Patrick\AppData\Roaming\wsys.sys
C:\Users\Patrick\AppData\Roaming\win_ident.sys
C:\Users\Patrick\AppData\Roaming\tb.sys

Wait until the scan has finished and then copy/paste the URL in your next reply.


In your next reply, post the following log files:

  • AdwCleaner log
  • aswMBR log
  • Virustotal results
  • a new fresh DDS log


#3 zoid9

Posted 19 September 2012 - 03:02 PM

Thank you for your response.
I have completed the steps as you requested.

I could only scan one file with Virustotal.
When I tried to scan the other two, Virustotal tells me they have already been scanned.

VirusTotal URL: https://www.virustot...sis/1348081638/

Here are the logs:

AdwCleaner[R1].txt

# AdwCleaner v2.002 - Logfile created 09/19/2012 at 07:56:20
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Patrick - PATRICK-PC-X64
# Boot Mode : Normal
# Running from : C:\Users\Patrick\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\searchplugins\Askcom.xml
Folder Found : C:\Users\Patrick\AppData\Local\APN

***** [Registry] *****

Key Found : HKCU\Software\Conduit
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\Default Tab
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Patrick\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*******************************************************************************************


AdwCleaner[R1].txt - [1468 octets] - [19/09/2012 07:56:20]

########## EOF - C:\AdwCleaner[R1].txt - [1528 octets] ##########

aswMBR.txt


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-19 08:01:02
-----------------------------
08:01:02.717 OS Version: Windows x64 6.1.7601 Service Pack 1
08:01:02.717 Number of processors: 4 586 0x2A07
08:01:02.717 ComputerName: PATRICK-PC-X64 UserName: Patrick
08:01:03.856 Initialize success
08:01:03.950 AVAST engine defs: 12091802
08:01:06.165 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
08:01:06.181 Disk 0 Vendor: WDC_WD10EALS-08Z8A0 15.01H15 Size: 953869MB BusType: 11
08:01:06.196 Disk 0 MBR read successfully
08:01:06.196 Disk 0 MBR scan
08:01:06.196 Disk 0 Windows 7 default MBR code
08:01:06.196 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
08:01:06.212 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 928093 MB offset 206848
08:01:06.243 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 1900941312
08:01:06.274 Disk 0 scanning C:\windows\system32\drivers
08:01:11.344 Service scanning
08:01:21.578 Modules scanning
08:01:21.578 Disk 0 trace - called modules:
08:01:21.593 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
08:01:22.093 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d97060]
08:01:22.093 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8007ad9520]
08:01:22.093 5 ACPI.sys[fffff88000efe7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007ad5680]
08:01:23.060 AVAST engine scan C:\windows
08:01:25.728 AVAST engine scan C:\windows\system32
08:03:08.734 AVAST engine scan C:\windows\system32\drivers
08:03:14.850 AVAST engine scan C:\Users\Patrick
09:06:08.659 Disk 0 MBR has been saved successfully to "C:\Users\Patrick\Desktop\MBR.dat"
09:06:08.659 The log file has been saved successfully to "C:\Users\Patrick\Desktop\aswMBR.txt"


aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-09-19 09:07:00
-----------------------------
09:07:00.467 OS Version: Windows x64 6.1.7601 Service Pack 1
09:07:00.467 Number of processors: 4 586 0x2A07
09:07:00.467 ComputerName: PATRICK-PC-X64 UserName: Patrick
09:07:02.963 Initialize success
09:07:03.026 AVAST engine defs: 12091802
09:07:08.782 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
09:07:08.782 Disk 0 Vendor: WDC_WD10EALS-08Z8A0 15.01H15 Size: 953869MB BusType: 11
09:07:08.860 Disk 0 MBR read successfully
09:07:08.860 Disk 0 MBR scan
09:07:08.876 Disk 0 Windows 7 default MBR code
09:07:08.907 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
09:07:08.938 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 928093 MB offset 206848
09:07:09.000 Disk 0 Partition 3 00 12 Compaq diag NTFS 25675 MB offset 1900941312
09:07:09.188 Disk 0 scanning C:\windows\system32\drivers
09:08:14.474 Service scanning
09:08:24.770 Modules scanning
09:08:24.770 Disk 0 trace - called modules:
09:08:24.816 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
09:08:24.816 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8007d97060]
09:08:24.832 3 CLASSPNP.SYS[fffff8800180143f] -> nt!IofCallDriver -> [0xfffffa8007ad9520]
09:08:24.832 5 ACPI.sys[fffff88000efe7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8007ad5680]
09:08:26.189 AVAST engine scan C:\windows
09:11:56.868 AVAST engine scan C:\windows\system32
09:33:52.141 AVAST engine scan C:\windows\system32\drivers
09:36:14.758 AVAST engine scan C:\Users\Patrick
13:38:56.447 AVAST engine scan C:\ProgramData
14:13:00.597 Scan finished successfully
14:29:02.978 Disk 0 MBR has been saved successfully to "C:\Users\Patrick\Desktop\MBR.dat"
14:29:02.978 The log file has been saved successfully to "C:\Users\Patrick\Desktop\aswMBR.txt"

**********************************************************************************************************************************************************
DDS.txt

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_31
Run by Patrick at 15:26:57 on 2012-09-19
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.8040.4313 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalService
C:\Program Files\Sandboxie\SbieSvc.exe
C:\Program Files\Tablet\Pen\Pen_TouchService.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\windows\System32\spoolsv.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\windows\system32\taskeng.exe
C:\windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe
C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\windows\Explorer.EXE
C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
C:\windows\SysWOW64\nlssrv32.exe
C:\windows\system32\spool\DRIVERS\x64\3\HP1006MC.EXE
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files (x86)\jmesoft\hotkey.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\windows\system32\SearchIndexer.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\windows\system32\DllHost.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Notepad++\notepad++.exe
C:\windows\SysWOW64\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\windows\system32\DllHost.exe
C:\windows\system32\DllHost.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\system32\conhost.exe
C:\windows\SysWOW64\cscript.exe
C:\windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://lenovo.msn.com
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
uRun: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
uRun: [SandboxieControl] "C:\Program Files\Sandboxie\SbieCtrl.exe"
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\AdobeCollabSync.exe"
mRun: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRun: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
Trusted Zone: lenovo.com\consumersupport
Trusted Zone: lenovo.com.cn\edrivers
Trusted Zone: lenovo.com.cn\support4
Trusted Zone: lenovo.com.cn\think
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {9E2CD2C3-4DDA-4473-B904-B8E6D0DBAB86} - hxxp://123.127.211.194/us/en/SmartDownloading/cab/npdueng.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{DACF01DC-C65E-436F-8E3B-B24747F7B70E} : DhcpNameServer = 192.168.1.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: ContributeBHO Class: {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO-X64: AcroIEHelperStub - No File
BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
BHO-X64: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO-X64: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO-X64: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
BHO-X64: URLRedirectionBHO - No File
BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO-X64: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO-X64: SmartSelect - No File
TB-X64: Contribute Toolbar: {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll
TB-X64: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB-X64: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB-X64: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - No File
TB-X64: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
mRun-x64: [jmekey] C:\Program Files (x86)\jmesoft\hotkey.exe
mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
mRun-x64: [DigidesignMMERefresh] C:\Program Files (x86)\Digidesign\Drivers\MMERefresh.exe
mRun-x64: [UpdatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\Lenovo Rescue System" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery"
mRun-x64: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun-x64: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/ig
FF - prefs.js: keyword.URL - hxxp://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&type=937811&p=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npwacom.dll
FF - plugin: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
FF - plugin: C:\windows\system32\lenovo\update\npdueng.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_265.dll
.
============= SERVICES / DRIVERS ===============
.
R0 PxHlpa64;PxHlpa64;C:\windows\system32\Drivers\PxHlpa64.sys --> C:\windows\system32\Drivers\PxHlpa64.sys [?]
R1 aswSnx;aswSnx;C:\windows\system32\drivers\aswSnx.sys --> C:\windows\system32\drivers\aswSnx.sys [?]
R1 aswSP;aswSP;C:\windows\system32\drivers\aswSP.sys --> C:\windows\system32\drivers\aswSP.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\windows\system32\DRIVERS\dtsoftbus01.sys --> C:\windows\system32\DRIVERS\dtsoftbus01.sys [?]
R2 aswFsBlk;aswFsBlk;C:\windows\system32\drivers\aswFsBlk.sys --> C:\windows\system32\drivers\aswFsBlk.sys [?]
R2 aswMonFlt;aswMonFlt;\??\C:\windows\system32\drivers\aswMonFlt.sys --> C:\windows\system32\drivers\aswMonFlt.sys [?]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2012-8-26 44808]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2011-11-23 70496]
R2 DigiNet;Digidesign Ethernet Support;C:\windows\system32\DRIVERS\diginet.sys --> C:\windows\system32\DRIVERS\diginet.sys [?]
R2 mi-raysat_3dsmax2013_32;mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit;C:\Program Files (x86)\Autodesk\3ds Max Design 2013\NVIDIA\raysat_3dsmax2013_32server.exe [2011-9-14 86016]
R2 NIHardwareService;NIHardwareService;C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2011-4-7 5352960]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2011-2-15 66560]
R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-4-13 1153368]
R2 TabletServicePen;TabletServicePen;C:\Program Files\Tablet\Pen\Pen_Tablet.exe [2011-7-25 6583160]
R2 TouchServicePen;Wacom Consumer Touch Service;C:\Program Files\Tablet\Pen\Pen_TouchService.exe [2011-7-25 528760]
R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-4-25 2655768]
R3 e1cexpress;Intel® PRO/1000 PCI Express Network Connection Driver C;C:\windows\system32\DRIVERS\e1c62x64.sys --> C:\windows\system32\DRIVERS\e1c62x64.sys [?]
R3 GeneStor;Genesys Logic Storage Driver;C:\windows\system32\DRIVERS\GeneStor.sys --> C:\windows\system32\DRIVERS\GeneStor.sys [?]
R3 IntcDAud;Intel® Display Audio;C:\windows\system32\DRIVERS\IntcDAud.sys --> C:\windows\system32\DRIVERS\IntcDAud.sys [?]
R3 MEIx64;Intel® Management Engine Interface;C:\windows\system32\DRIVERS\HECIx64.sys --> C:\windows\system32\DRIVERS\HECIx64.sys [?]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2012-4-10 164528]
S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2011-11-23 110944]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Google Update Service (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-3 250568]
S3 cphs;Intel® Content Protection HECI Service;C:\Windows\SysWOW64\IntelCpHeciSvc.exe [2012-3-19 276248]
S3 dalwdmservice;dal service;C:\windows\system32\drivers\dalwdm.sys --> C:\windows\system32\drivers\dalwdm.sys [?]
S3 gupdatem;Google Update Service (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-7-9 136176]
S3 mbamchameleon;mbamchameleon;\??\C:\windows\system32\drivers\mbamchameleon.sys --> C:\windows\system32\drivers\mbamchameleon.sys [?]
S3 MBX2DFU;MBX2DFU;C:\windows\system32\DRIVERS\MBX2DFU.sys --> C:\windows\system32\DRIVERS\MBX2DFU.sys [?]
S3 MBX2MIDK;Digidesign Mbox 2 Midi Driver;C:\windows\system32\drivers\mbx2midk.sys --> C:\windows\system32\drivers\mbx2midk.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE [2011-6-12 31125880]
S3 mlkumidi;MusicLab Virtual Miniport MIDI Driver;C:\windows\system32\drivers\mlkumidi.sys --> C:\windows\system32\drivers\mlkumidi.sys [?]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-6-6 113120]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\windows\system32\drivers\tsusbflt.sys --> C:\windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\system32\drivers\TsUsbGD.sys --> C:\windows\system32\drivers\TsUsbGD.sys [?]
S3 wacmoumonitor;Wacom Mode Helper;C:\windows\system32\DRIVERS\wacmoumonitor.sys --> C:\windows\system32\DRIVERS\wacmoumonitor.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\system32\Wat\WatAdminSvc.exe --> C:\windows\system32\Wat\WatAdminSvc.exe [?]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\windows\system32\DRIVERS\wdcsam64.sys --> C:\windows\system32\DRIVERS\wdcsam64.sys [?]
S3 wsvd;wsvd;C:\windows\system32\DRIVERS\wsvd.sys --> C:\windows\system32\DRIVERS\wsvd.sys [?]
S3 YMIDUSBW;Yamaha USB-MIDI Driver (WDM);C:\windows\system32\drivers\ymidusbx64.sys --> C:\windows\system32\drivers\ymidusbx64.sys [?]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\windows\system32\DRIVERS\yk62x64.sys --> C:\windows\system32\DRIVERS\yk62x64.sys [?]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2012-09-19 11:50:02 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE07FD37-8D8D-4A72-AB33-DC75C3FA0E86}\offreg.dll
2012-09-18 12:07:20 -------- d-----w- C:\Program Files\Common Files\Corel
2012-09-18 12:03:28 -------- d-----w- C:\ProgramData\CorelDRAW Graphics Suite X6.1
2012-09-18 12:02:15 9310152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AE07FD37-8D8D-4A72-AB33-DC75C3FA0E86}\mpengine.dll
2012-09-18 01:42:42 2160640 ----a-w- C:\windows\SysWow64\Lexicon PSP42.dll
2012-09-17 17:35:08 7744 ----a-w- C:\windows\SysWow64\HookDll.dll
2012-09-17 17:35:08 -------- d-----w- C:\Program Files (x86)\Waves
2012-09-17 16:48:53 -------- d-----w- C:\ProgramData\Mr Retro
2012-09-17 16:37:26 -------- d-----w- C:\Users\Patrick\AppData\Local\Nik Software
2012-09-17 16:29:26 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Nik Software
2012-09-17 16:27:29 -------- d-----w- C:\windows\MSSecurityNS
2012-09-17 16:27:29 -------- d-----w- C:\windows\MSSecurityNi
2012-09-17 16:18:36 -------- d-----w- C:\ProgramData\Nik Software
2012-09-17 16:18:36 -------- d-----w- C:\Program Files\Nik Software
2012-09-16 13:36:42 -------- d-----w- C:\Program Files (x86)\Common Files\Toontrack
2012-09-15 17:38:55 -------- dc-h--w- C:\ProgramData\{B47B5054-C8AD-4A73-9404-941527E95112}
2012-09-15 17:32:40 -------- dc-h--w- C:\ProgramData\{2149AC3A-6876-48A5-8ACC-4DDA07B383D2}
2012-09-15 17:28:43 -------- d-----w- C:\Program Files (x86)\Native Instruments
2012-09-15 17:13:20 -------- dc-h--w- C:\ProgramData\{27D02406-6F0F-419F-AF2F-A4EE19D2E463}
2012-09-15 17:13:16 -------- dc-h--w- C:\ProgramData\{CA03436C-933D-4ADA-9E89-2C39CC03E904}
2012-09-15 17:13:09 -------- dc-h--w- C:\ProgramData\{588D017F-D30B-4C08-8A10-1FEF7D039369}
2012-09-15 17:01:58 -------- dc-h--w- C:\ProgramData\{8BE731A3-4C9E-42CC-AC78-66742062354D}
2012-09-15 16:44:21 -------- dc-h--w- C:\ProgramData\{2E6321BB-FAC3-49D4-A09B-950445E829D2}
2012-09-15 16:00:39 -------- dc-h--w- C:\ProgramData\{95B4F0ED-951F-4D36-B068-5EC1C4C19C14}
2012-09-15 15:19:44 -------- dc-h--w- C:\ProgramData\{A8C1CCDF-B115-4A90-9BED-02286078A8DE}
2012-09-15 13:52:32 -------- dc-h--w- C:\ProgramData\{03149E88-061F-4C01-98FF-736811F5AEF5}
2012-09-15 13:48:19 -------- dc-h--w- C:\ProgramData\{E753D955-673D-4851-B06F-9A9D0C44C02C}
2012-09-15 13:43:07 -------- dc-h--w- C:\ProgramData\{87A1E31E-1C63-4A99-AEEA-EA57A3043C1D}
2012-09-14 13:45:05 -------- d-sh--w- C:\$RECYCLE.BIN
2012-09-14 13:27:01 98816 ----a-w- C:\windows\sed.exe
2012-09-14 13:27:01 518144 ----a-w- C:\windows\SWREG.exe
2012-09-14 13:27:01 256000 ----a-w- C:\windows\PEV.exe
2012-09-14 13:27:01 208896 ----a-w- C:\windows\MBR.exe
2012-09-12 20:27:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue
2012-09-12 20:27:54 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Plogue Art et Technologie, Inc
2012-09-12 12:38:04 -------- d-----w- C:\Program Files\Plogue
2012-09-12 12:27:28 950128 ----a-w- C:\windows\System32\drivers\ndis.sys
2012-09-12 12:27:28 41472 ----a-w- C:\windows\System32\drivers\RNDISMP.sys
2012-09-12 12:27:27 574464 ----a-w- C:\windows\System32\d3d10level9.dll
2012-09-12 12:27:27 490496 ----a-w- C:\windows\SysWow64\d3d10level9.dll
2012-09-12 12:27:26 376688 ----a-w- C:\windows\System32\drivers\netio.sys
2012-09-12 12:27:26 288624 ----a-w- C:\windows\System32\drivers\FWPKCLNT.SYS
2012-09-12 12:27:26 1913200 ----a-w- C:\windows\System32\drivers\tcpip.sys
2012-09-11 03:26:02 36680 ----a-w- C:\windows\System32\drivers\mbamchameleon.sys
2012-09-11 03:17:18 25928 ----a-w- C:\windows\System32\drivers\mbam.sys
2012-09-11 03:17:18 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-09-10 22:59:47 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MTexturedStyles
2012-09-10 22:59:45 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction MXXX
2012-09-10 22:59:38 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MeldaProduction IR
2012-09-10 22:49:35 -------- d-----w- C:\Users\Patrick\AppData\Local\DC8C
2012-09-10 19:56:42 64 ----a-w- C:\Users\Patrick\AppData\Roaming\wsys.sys
2012-09-10 19:55:57 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Bitsonic
2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\win_ident.sys
2012-09-10 14:26:06 64 ----a-w- C:\Users\Patrick\AppData\Roaming\tb.sys
2012-09-10 00:27:11 -------- d-----w- C:\Users\Patrick\AppData\Roaming\NUGEN Audio
2012-09-08 18:15:38 -------- d-----w- C:\Users\Patrick\AppData\Local\MusicLab
2012-09-08 18:15:38 -------- d-----w- C:\ProgramData\MusicLab
2012-09-08 18:15:18 -------- d-----w- C:\Users\Patrick\AppData\Roaming\MusicLab
2012-09-08 18:15:12 -------- d-----w- C:\Program Files (x86)\MusicLab
2012-09-08 16:33:50 -------- d-----w- C:\Program Files (x86)\Togu Audio Line
2012-09-08 16:23:08 -------- d-----w- C:\Program Files (x86)\Expert Sleepers
2012-09-08 12:27:11 146836 ----a-w- C:\windows\Curvemeister3-64 Uninstaller.exe
2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Curvemeister.com
2012-09-08 12:27:11 -------- d-----w- C:\Program Files\Common Files\Thraex Software
2012-09-08 12:26:07 146889 ----a-w- C:\windows\Curvemeister_3 Uninstaller.exe
2012-09-08 12:26:07 -------- d-----w- C:\ProgramData\Curvemeister.com
2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Curvemeister.com
2012-09-08 12:26:07 -------- d-----w- C:\Program Files (x86)\Common Files\Thraex Software
2012-09-07 15:42:38 6034944 ----a-w- C:\windows\SysWow64\PSP Neon STD.dll
2012-09-07 15:42:37 6047744 ----a-w- C:\windows\SysWow64\PSP Neon HR.dll
2012-09-07 15:42:37 5122560 ----a-w- C:\windows\SysWow64\PSP Neon MIX.dll
2012-09-07 14:24:52 -------- d-----w- C:\Users\Patrick\AppData\Local\Mozilla Firefox
2012-09-06 02:36:32 4608 ----a-w- C:\windows\System32\Viveza2FC64.dll
2012-09-06 02:36:32 3072 ----a-w- C:\windows\SysWow64\Viveza2FC32.dll
2012-09-05 19:34:53 -------- d-----w- C:\Program Files (x86)\Little Endian
2012-09-05 18:41:08 -------- d-----w- C:\Program Files (x86)\Poetic Guitar - Rainlotus
2012-09-05 00:18:08 326144 ----a-w- C:\windows\SysWow64\SilverEfexPro2FC32.dll
2012-09-05 00:18:06 4608 ----a-w- C:\windows\System32\SilverEfexPro2FC64.dll
2012-09-04 13:12:44 -------- d-----w- C:\Program Files (x86)\Sonic Charge
2012-09-03 16:19:02 -------- d-----w- C:\Program Files (x86)\IMEA Studio
2012-09-02 18:30:00 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Waves Audio
2012-09-02 01:22:01 -------- d-----w- C:\Program Files\Minimal System Instruments
2012-09-01 01:52:19 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Thinstall
2012-08-29 10:50:38 57408 ----a-w- C:\windows\System32\drivers\mlkumidi.sys
2012-08-28 02:10:26 -------- d-----w- C:\Program Files (x86)\LinPlug
2012-08-27 12:08:07 -------- d-----w- C:\ProgramData\ToguAudioLine
2012-08-27 00:44:23 -------- d-----w- C:\Program Files\Celemony
2012-08-27 00:44:22 -------- d-----w- C:\Program Files (x86)\Celemony
2012-08-27 00:31:09 -------- d-----w- C:\Program Files\Brainworx Music
2012-08-27 00:31:05 -------- d-----w- C:\Program Files (x86)\Brainworx Music
2012-08-26 15:00:00 275968 ----a-w- C:\windows\SysWow64\REX Shared Library.dll
2012-08-24 15:00:00 2181120 ----a-w- C:\windows\System32\ReWire.dll
2012-08-24 15:00:00 1431552 ----a-w- C:\windows\SysWow64\ReWire.dll
2012-08-23 12:14:23 -------- d-----w- C:\Users\Patrick\AppData\Local\Topaz Labs
2012-08-23 12:13:42 -------- d-----w- C:\Program Files\Topaz Labs
2012-08-23 12:09:08 -------- dc-h--w- C:\ProgramData\{66072046-04D4-48EA-A317-20AA5D8BACE9}
2012-08-23 12:09:03 -------- dc-h--w- C:\ProgramData\{C2FDA136-2501-43EB-ABB7-2D9AC8BFB655}
2012-08-23 11:39:33 -------- dc-h--w- C:\ProgramData\{E495C549-FA37-49F8-9EF7-A92CE55058C9}
2012-08-23 11:39:21 -------- dc-h--w- C:\ProgramData\{BB82CA89-D29D-45D2-8C0C-C824A39D588E}
2012-08-23 11:39:09 -------- dc-h--w- C:\ProgramData\{896AFBDD-72FF-40B8-B6B8-33C6022AD113}
2012-08-23 11:38:54 -------- dc-h--w- C:\ProgramData\{9C90450F-E325-424C-B16B-8809320C3F92}
2012-08-23 11:38:37 -------- dc-h--w- C:\ProgramData\{E314972B-E8D6-465D-AE74-6CC08535701F}
2012-08-23 11:38:27 -------- dc-h--w- C:\ProgramData\{EC2F7042-ADE8-4F04-9A7E-2316AD6311E2}
2012-08-23 11:38:16 -------- dc-h--w- C:\ProgramData\{5BCAA0F1-4CEB-4ED4-9E18-B9D4FB521338}
2012-08-23 11:38:07 -------- dc-h--w- C:\ProgramData\{89E2929F-C967-49CB-9FE3-FD86B97312FE}
2012-08-23 11:38:05 -------- dc-h--w- C:\ProgramData\{CB2950A3-A919-41C2-8920-64738E7DDEE8}
2012-08-23 11:37:54 -------- dc-h--w- C:\ProgramData\{B21E6C95-1429-4BC6-AA4D-4219C78235A1}
2012-08-23 11:37:49 -------- dc-h--w- C:\ProgramData\{0DEDF45C-1DEC-4670-AACA-9EC906125BFB}
2012-08-23 11:37:41 -------- dc-h--w- C:\ProgramData\{34007C15-AD5B-4CB2-A047-04AB415A841A}
2012-08-23 11:37:35 -------- dc-h--w- C:\ProgramData\{3D9F190A-0F10-4AD6-809B-E15B73D0B8BE}
2012-08-23 11:37:27 -------- dc-h--w- C:\ProgramData\{54AE07EB-BBE5-4429-9DF3-C156DB112B54}
2012-08-23 11:37:24 -------- dc-h--w- C:\ProgramData\{F7D319B6-E312-49A7-AA67-4737E676DD03}
2012-08-23 11:37:14 -------- dc-h--w- C:\ProgramData\{35056848-1DF5-4D37-85C5-0134DA6F6DFD}
2012-08-23 11:37:05 -------- dc-h--w- C:\ProgramData\{3FC6E797-6A27-41D8-BCD6-DFD8BCD6103E}
2012-08-23 11:36:58 -------- dc-h--w- C:\ProgramData\{33BC0E96-6441-46C9-9F09-529996C10736}
2012-08-23 11:36:49 -------- dc-h--w- C:\ProgramData\{ABC7326D-27C4-4601-8B2C-50AABC4C287C}
2012-08-23 11:36:42 -------- dc-h--w- C:\ProgramData\{AE93E0EC-AB92-4D27-9DA8-1BCEE7181244}
2012-08-23 11:36:39 -------- dc-h--w- C:\ProgramData\{A86A537E-18B3-414C-8CA0-92F4066C1B5C}
2012-08-23 11:36:38 -------- d-----w- C:\Program Files\Common Files\Topaz Labs
2012-08-23 11:36:30 -------- dc-h--w- C:\ProgramData\{6172A493-DBB5-49D2-B3DC-94690BB85ACF}
2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Topaz Labs
2012-08-23 11:36:28 -------- d-----w- C:\Program Files (x86)\Common Files\Topaz Labs
2012-08-23 11:35:53 -------- d-----w- C:\Users\Patrick\AppData\Local\PackageAware
2012-08-22 21:40:40 -------- d-----w- C:\Users\Patrick\AppData\Roaming\4Front
2012-08-21 00:11:55 -------- d-----w- C:\Users\Patrick\AppData\Roaming\Sublime Text 2
2012-08-21 00:11:41 -------- d-----w- C:\Program Files\Sublime Text 2
.
==================== Find3M ====================
.
2012-08-24 11:32:54 73416 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-24 11:32:54 696520 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe
2012-08-21 09:13:13 969200 ----a-w- C:\windows\System32\drivers\aswSnx.sys
2012-08-21 09:13:12 71600 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys
2012-08-21 09:13:12 54072 ----a-w- C:\windows\System32\drivers\aswRdr2.sys
2012-08-21 09:12:33 41224 ----a-w- C:\windows\avastSS.scr
2012-08-10 16:28:14 134088 ----a-w- C:\windows\ColorPic Uninstaller.exe
2012-08-06 15:00:00 276480 ----a-w- C:\windows\System32\XilsFiles64.dll
2012-08-06 15:00:00 229376 ----a-w- C:\windows\SysWow64\XilsFiles32.dll
2012-07-18 18:15:06 3148800 ----a-w- C:\windows\System32\win32k.sys
2012-07-06 12:17:09 715117 ----a-w- C:\windows\unins004.exe
2012-07-04 22:13:27 59392 ----a-w- C:\windows\System32\browcli.dll
2012-07-04 22:13:27 136704 ----a-w- C:\windows\System32\browser.dll
2012-07-04 21:14:34 41984 ----a-w- C:\windows\SysWow64\browcli.dll
2012-06-29 03:56:34 2312704 ----a-w- C:\windows\System32\jscript9.dll
2012-06-29 03:49:11 1392128 ----a-w- C:\windows\System32\wininet.dll
2012-06-29 03:48:07 1494528 ----a-w- C:\windows\System32\inetcpl.cpl
2012-06-29 03:43:49 173056 ----a-w- C:\windows\System32\ieUnatt.exe
2012-06-29 03:39:48 2382848 ----a-w- C:\windows\System32\mshtml.tlb
2012-06-29 00:16:58 1800704 ----a-w- C:\windows\SysWow64\jscript9.dll
2012-06-29 00:09:01 1129472 ----a-w- C:\windows\SysWow64\wininet.dll
2012-06-29 00:08:59 1427968 ----a-w- C:\windows\SysWow64\inetcpl.cpl
2012-06-29 00:04:43 142848 ----a-w- C:\windows\SysWow64\ieUnatt.exe
2012-06-29 00:00:45 2382848 ----a-w- C:\windows\SysWow64\mshtml.tlb
2012-06-25 20:04:24 1394248 ----a-w- C:\windows\SysWow64\msxml4.dll
.
============= FINISH: 15:27:20.25 ===============

Attach.txt

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-08-26.01)
.
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 7/9/2011 3:26:10 AM
System Uptime: 9/19/2012 7:29:08 AM (8 hours ago)
.
Motherboard: LENOVO | | To be filled by O.E.M.
Processor: Intel® Core™ i3-2100 CPU @ 3.10GHz | CPU 1 | 3100/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 906 GiB total, 169.352 GiB free.
D: is CDROM ()
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
2C-Audio Aether
2C-Audio Breeze
AAS - Chromaphone
Adobe Acrobat X Pro - English, Français, Deutsch
Adobe After Effects CS5.5
Adobe AIR
Adobe Content Viewer
Adobe Creative Suite 5.5 Master Collection
Adobe Dreamweaver CS5.5
Adobe Dreamweaver CS6
Adobe Fireworks CS6
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Flash Professional CS6
Adobe Help Manager
Adobe Illustrator CS6
Adobe InDesign CS6
Adobe kuler
Adobe Media Player
Adobe Photoshop CS6
Adobe Premiere Pro CS5.5
Adobe Soundbooth CS5
Adobe Story
Adobe Widget Browser
AKVIS SmartMask
Alien Skin Blow Up
Alien Skin Exposure 2
Alien Skin Snap Art
Alternative Rock EZmix pack
Amaya
Amazon Kindle
Ambiotica REFiLL
Analog Factory 2.5
Apple Application Support
Apple Software Update
ARP2600 V2 2.0
Artillery2
ArtsAcoustic BigRock v1.0.7
ArtsAcoustic CL Series v1.0.19
ASIO4ALL
Autodesk 3ds Max Design 2013 32-bit
Autodesk Backburner 2013.0.0
Autodesk Civil View for 3ds Max Design 2013
Autodesk Essential Skills Movies for 3ds Max Design 2013 32-bit
Autodesk FBX Plug-in 2013.1 - 3ds Max Design 2013
Autodesk Inventor Server Engine for 3ds Max Design 2013 32-bit
Autodesk Material Library 2013
Autodesk Material Library Base Resolution Image Library 2013
Autodesk Material Library Medium Resolution Image Library 2013
AV Bros. Page Curl Pro 2.2 (Remove Only)
avast! Free Antivirus
Bamboo Dock
BazzISM2 VST2 2.4.6
Best Buy pc app
Big Fish Audio First Call Horns
Blue Cat's Protector RTAS 2.0 Demo
Blue Cat's Protector VST 2.0 Demo
BlueGriffon version 1.1.1
BlueStacks (alpha)
Brass 2.0.5
calibre
Camel Audio Alchemy
Catanya 1.0.1
ChordWizard Songtrix Gold 3.0
Chuck Ainlay EZmix pack
Clubotica REFiLL
ColorPic
Composite 2013
Corel Painter Essentials 4
CorelDRAW Graphics Suite X6 - IPM Content
CS-80V2 2.0
Curvemeister_3
D3DX10
DAEMON Tools Lite
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Devine Machine Lucifer VST v2.1
Digidesign Audio Drivers 8.0
Digidesign Pro Tools Creative Collection 8.0
Digidesign Pro Tools LE 8.0
discoDSP Discovery Pro
DisplayFusion 3.3.1
DMGAudio EQuality 1.17
DMGAudio PitchFunk 1.02
Drumaxx
DX10
East West EWQLSO Gold Edition
Edison
Electronic EZmix pack
eLicenser Control
EQ500 version 1.0.0
EZkeys Grand Piano
EZkeys Player 32-bit
EZmix 32-bit
FileZilla Client 3.5.3
Filter Forge 2.008
Filtrate 1.101
FL Studio 10
Free DigiRack Plug-Ins 8.0
FXpansion DCAMDynamics
FXpansion Free Comp
FXpansion Tremor
Genesys USB Mass Storage Device
Git version 1.7.6-preview20110708
GlaceVerb 1.01
Google Chrome
Google Earth
Google Toolbar for Internet Explorer
Google Update Helper
Hardcore
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)
Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)
IL Autogun
IL Download Manager
IL DrumSynth Live
IL Gross Beat
IL Harmless
IL Juice Pack
IL Ogun
IL Slicex
IL Vocodex
Inkscape 0.48.2
Intel® C++ Redistributables for Windows* on IA-32
Intel® C++ Redistributables for Windows* on Intel® 64
Intel® C++ Redistributables on IA-32
Intel® Control Center
Intel® Management Engine Components
Intel® Processor Graphics
iZotope iDrum
iZotope Iris
Java Auto Updater
Java™ 6 Update 31
Junk Mail filter update
Jupiter-8V2 2.0
Lenovo Driver and Application Installation
Lenovo Rescue System
Lenovo USB2.0 UVC Camera
Lexicon PSP 42 32bit
LinPlug relectro
Live 8.2.7
LVT
LXH-JME2207FN Hotkey Driver
Macromedia FreeHand MXa
MAGIX Speed burnR (MSI)
MAGMA Installer
Malwarebytes Anti-Malware version 1.65.0.1400
Mark Needham EZmix pack
Maximus
Mesh Runtime
Metal Essentials EZmix pack
Metal EZmix pack
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft Application Error Reporting
Microsoft Expression Blend 3 SDK
Microsoft Expression Blend 4
Microsoft Expression Blend SDK for .NET 4
Microsoft Expression Blend SDK for Silverlight 4
Microsoft Expression Design 4
Microsoft Expression Encoder 4
Microsoft Expression Encoder 4 Screen Capture Codec
Microsoft Expression Studio 4
Microsoft Expression Web 4
Microsoft Expression Web 4 Service Pack 2
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft Silverlight
Microsoft Silverlight 3 SDK
Microsoft Silverlight 4 SDK
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319
Microsoft Visual F# 2.0 Runtime
Microsoft Visual Studio Macro Tools
Microsoft Visual Studio Tools for Applications 2.0 - ENU
Microsoft Visual Studio Tools for Applications 2.0 Runtime
Microsoft Web Embedding Fonts Tool (III)
Microsoft_VC80_ATL_x86
Microsoft_VC80_CRT_x86
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFCLOC_x86
Microsoft_VC90_ATL_x86
Microsoft_VC90_CRT_x86
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFCLOC_x86
minimoog V2 2.0
Miroslav Philharmonik CE
Modern PopRock EZmix pack
Moog Modular V 2.5
Morphine
Mozilla Firefox 13.0.1 (x86 en-US)
Mozilla Firefox 15.0.1 (x86 en-US)
Mozilla Maintenance Service
MSVCRT
MSVCRT Redists
MSVCRT_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB973685)
Native Instruments Abbey Road 60s Drums
Native Instruments Absynth 5
Native Instruments Battery 3
Native Instruments Battery Library Importer for Maschine
Native Instruments Berlin Concert Grand
Native Instruments Controller Editor
Native Instruments Damage
Native Instruments Enhanced EQ
Native Instruments FM8
Native Instruments Guitar Rig 5
Native Instruments Komplete 8
Native Instruments Kontakt 5
Native Instruments Kontakt Factory Library
Native Instruments Massive
Native Instruments New York Concert Grand
Native Instruments Passive EQ
Native Instruments Rammfire
Native Instruments Razor
Native Instruments Reaktor 5
Native Instruments Reaktor Prism
Native Instruments Reaktor Spark R2
Native Instruments Reflektor
Native Instruments Scarbee MM-Bass
Native Instruments Scarbee Vintage Keys
Native Instruments Service Center
Native Instruments Skanner XT
Native Instruments Studio Drummer
Native Instruments The Finger R2
Native Instruments The Mouth
Native Instruments Traktors 12
Native Instruments Transient Master
Native Instruments Upright Piano
Native Instruments Vari Comp
Native Instruments Vienna Concert Grand
Native Instruments Vintage Organs
Native Instruments West Africa
nebula3 CM
Noise Reduction Plug-in 2.0i
Noisebud CatchDad
Notepad++
Nuklear VST2 1.1.4
Opera 11.52
PAP 4.0
PAP project files
Pazera Free MP4 to AVI Converter 1.6
PDF Settings CS5
PDF Settings CS6
PDFMate Free PDF Converter 1.10
photoFXlab (32 bit)
Poise 1.1.19
PreSonus Studio One 2
Prophet-V2 2.0
PSP 608 MultiDelay 32bit
PSP Neon 32bit
PTC-2A version 1.0.1
PxMergeModule
Quark Update
QuarkXPress
QuickTime
Realtek High Definition Audio Driver
REAPER
Reason 5.0
Redwirez mixIR2 version 1.0.171
REFLEX PRO V2
reFX Nexus VSTi RTAS v2.2.0
reFX quadraSID 1.6.0
reFX Vanguard VSTi RTAS v1.8.0
rgc:audio sfz+ VSTi v1.01
rgcAudio Square I VSTi v1.2
Rob Papen Albino 3
Rob Papen BLUE Version 1.8.5d
Rob Papen Predator RTAS V1.6.2
Rob Papen Predator V1.6.2a
Rob Papen Punch 32 Bits 1.0.3
Robotronic
Rock EZmix pack
Roger Nichols Digital SIGNATURE Bundle VST RTAS v1.9.3
Ruby 1.9.3-p194
Safari
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
Security Update for Microsoft .NET Framework 4 Extended (KB2416472)
Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
Security Update for Microsoft Expression Design 4 (KB2667730)
Security Update for Microsoft InfoPath 2010 (KB2553322) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2553431) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553260) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589322) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Visual Studio Macro Tools (KB2669970)
SEQ1 Master
SEQ2 Master
Sequoia 12
Sharpener Pro 3.0
shortcircuit
Sibelius 7 OpenType Fonts
Silver Efex Pro 2
SimSynth
Slate Digital FG-X Mastering Processor VST RTAS v1.1.2
Softube Trident A-Range VST RTAS v1.0.2
Softube Tube-Tech CL 1B VST RTAS v1.0.3
Softube Tube Delay VST RTAS v1.0.5
Softube Vintage Amp Room VST RTAS v1.0.8
Sonalksis Plug-in Manager 3.00
Songwriters Tools EZmix pack
Sonnoxplugins Oxford Elite Collection Native v1.0
Sound Forge Pro 10.0
Spark Vintage Drum Machines 1.0.2
Splat! 1.0
Spybot - Search & Destroy
Steinberg VST Classics 1
Sugar Bytes Guitarist Library 1.0
SynthMaster 2.5 VST/VSTi version 2.5.3.109
Sytrus
TerraTec Komplexer VSTi 1.0.3
The T-Pain Effect Bundle
Topaz Adjust 5
Topaz Adjust 5 (64-bit)
Topaz B&W Effects
Topaz B&W Effects (64-bit)
Topaz Clean 3
Topaz Clean 3 (64-bit)
Topaz DeJpeg 4
Topaz DeJpeg 4 (64-bit)
Topaz DeNoise 5
Topaz DeNoise 5 (64-bit)
Topaz Detail 2
Topaz Detail 2 (64-bit)
Topaz Fusion Express 2
Topaz Fusion Express 2 (64-bit)
Topaz InFocus
Topaz InFocus (64-bit)
Topaz Lens Effects
Topaz Lens Effects (64-bit)
Topaz ReMask 3
Topaz ReMask 3 (64-bit)
Topaz Simplify 3
Topaz Simplify 3 (64-bit)
Topaz Star Effects
Topaz Star Effects (64-bit)
Toxic DEMO v2.1
TubeOhm Alpha-Ray
Universal Extractor 1.6.1
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Update for Microsoft .NET Framework 4 Extended (KB2468871)
Update for Microsoft .NET Framework 4 Extended (KB2533523)
Update for Microsoft .NET Framework 4 Extended (KB2600217)
Update for Microsoft Office 2010 (KB2494150)
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553272) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598289) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
ValhallaRoom 1.1.0
ValhallaUberMod 1.0.1
VAZ 2010 2.1.4
VAZ Modular 3.2.4
VAZ Plus 2.1.7
Vegas Pro 11.0
Vember Audio SURGE
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU
Visualizer v1.9.2
Viveza 2
VKFX 2.2.8
VLC media player 2.0.1
Vogue
VTE-2A version 1.0.7
W2 Harmonizer v1.0
WampServer 2.2
Wasp
Wave Arts Tube Saturator
Waves Complete V9r6
WebTablet FB Plugin
WebTablet IE Plugin
WebTablet Netscape Plugin
Windows 7 Upgrade Advisor
Windows Internet Explorer Platform Preview
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Mail
Windows Live Mesh
Windows Live Mesh ActiveX Control for Remote Connections
Windows Live Messenger
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
WinPcap 4.1.2
WOW
WPF Toolkit February 2010 (Version 3.5.50211.1)
.
==== Event Viewer Messages From Past Week ========
.
9/19/2012 7:30:04 AM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.
9/18/2012 8:00:09 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the ShellHWDetection service.
9/18/2012 11:21:19 AM, Error: Disk [11] - The driver detected a controller error on \Device\Harddisk1\DR1.
9/14/2012 9:44:16 AM, Error: Service Control Manager [7023] - The Windows Defender service terminated with the following error: The specified module could not be found.
9/14/2012 9:43:31 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly.
9/14/2012 9:42:56 AM, Error: Application Popup [1060] - \??\C:\jimmyCrackCorn\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
9/14/2012 9:29:16 AM, Error: Service Control Manager [7034] - The mental ray 3.10 Satellite for Autodesk 3ds Max 2013 32-bit service terminated unexpectedly. It has done this 1 time(s).
.
==== End Of File ===========================

#4 Maniac

Maniac

    Forum Deity

  • Experts
  • 21,379 posts
  • Gender:Male
  • Location:Bulgaria, EU

Posted 19 September 2012 - 04:35 PM

Step 1

  • Please re-run AdwCleaner
  • Click on Delete button.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.


Step 2

Please download Rkill to your desktop. There are two main different versions. If one of them won't run then download and try to run the other one. You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.


  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the second RKill version. Do not reboot until instructed. If the tool does not run from any of the links provided, please let me know.
  • When the scan is done Notepad will open with rKill log. Post it in your next reply.

    NOTE: rKill.txt log will also be present on your desktop.


Step 3

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Perform Quick Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.


In your next reply, post the following log files:

  • AdwCleaner log
  • RKill log
  • Malwarebytes' Anti-Malware log

My help is free, however, if you wish to make a small donation to show appreciation and to help me continue the fight against Malware, then click here paypal.gif

#5 zoid9

zoid9

    New Member

  • Members
  • 5 posts

Posted 19 September 2012 - 05:29 PM

It looks like I am clean now. Thank you so much. :D

# AdwCleaner v2.002 - Logfile created 09/19/2012 at 17:58:55
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Patrick - PATRICK-PC-X64
# Boot Mode : Normal
# Running from : C:\Users\Patrick\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

File Deleted : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\searchplugins\Askcom.xml
Folder Deleted : C:\Users\Patrick\AppData\Local\APN

***** [Registry] *****

Key Deleted : HKCU\Software\Conduit
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Restored : [HKCU\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-18\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-19\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]
Restored : [HKU\S-1-5-20\Software\Microsoft\Internet Explorer\SearchScopes - DefaultScope]

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Patrick\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1597 octets] - [19/09/2012 07:56:20]
AdwCleaner[S1].txt - [2071 octets] - [19/09/2012 17:58:55]

########## EOF - C:\AdwCleaner[S1].txt - [2131 octets] ##########


Rkill 2.4.3 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2012 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingc...opic308364.html

Program started at: 09/19/2012 06:09:16 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 localhost
127.0.0.1 3dns.adobe.com 3dns-1.adobe.com 3dns-2.adobe.com 3dns-3.adobe.com 3dns-4.adobe.com activate.adobe.com activate-sea.adobe.com activate-sjc0.adobe.com activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com activate.wip2.adobe.com activate.wip3.adobe.com activate.wip4.adobe.com adobe-dns.adobe.com adobe-dns-1.adobe.com adobe-dns-2.adobe.com adobe-dns-3.adobe.com adobe-dns-4.adobe.com
127.0.0.1 adobeereg.com practivate.adobe practivate.adobe.com practivate.adobe.newoa practivate.adobe.ntp practivate.adobe.ipp ereg.adobe.com ereg.wip.adobe.com ereg.wip1.adobe.com
127.0.0.1 ereg.wip2.adobe.com ereg.wip3.adobe.com ereg.wip4.adobe.com hl2rcv.adobe.com wip.adobe.com wip1.adobe.com wip2.adobe.com wip3.adobe.com wip4.adobe.com
127.0.0.1 www.adobeereg.com wwis-dubc1-vip60.adobe.com www.wip.adobe.com www.wip1.adobe.com
127.0.0.1 www.wip2.adobe.com www.wip3.adobe.com www.wip4.adobe.com wwis-dubc1-vip60.adobe.com crl.verisign.net CRL.VERISIGN.NET ood.opsource.net
127.0.0.1 adobe.activate.com

Program finished at: 09/19/2012 06:09:26 PM
Execution time: 0 hours(s), 0 minute(s), and 9 seconds(s)

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.09.19.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Patrick :: PATRICK-PC-X64 [administrator]

9/19/2012 6:16:22 PM
mbam-log-2012-09-19 (18-16-22).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 222728
Time elapsed: 5 minute(s), 21 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

#6 Maniac

Posted 20 September 2012 - 04:58 AM

  • Please re-run AdwCleaner
  • Click on Delete button.
  • Confirm each time with OK.
  • Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile in your reply.

Note: You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

#7 zoid9

Posted 20 September 2012 - 07:09 AM

Here is the AdwCleaner logfile.

# AdwCleaner v2.002 - Logfile created 09/20/2012 at 07:59:39
# Updated 16/09/2012 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : Patrick - PATRICK-PC-X64
# Boot Mode : Normal
# Running from : C:\Users\Patrick\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v15.0.1 (en-US)

Profile name : default
File : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\lyjhzd4v.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

-\\ Opera v11.52.1100.0

File : C:\Users\Patrick\AppData\Roaming\Opera\Opera\operaprefs.ini

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [1597 octets] - [19/09/2012 07:56:20]
AdwCleaner[S1].txt - [2198 octets] - [19/09/2012 17:58:55]
AdwCleaner[S2].txt - [1101 octets] - [20/09/2012 07:59:39]

########## EOF - C:\AdwCleaner[S2].txt - [1161 octets] ##########

#8 Maniac

Posted 20 September 2012 - 08:39 AM

How are things now?

#9 zoid9

Posted 20 September 2012 - 10:35 AM

Everything works fine.

I never had any other problems before this other than the fact that Malwarebytes stopped completing its scans
and crashed as soon as I clicked anywhere on the interface.
That made me very worried.
I'm happy again. Yay. :lol:

#10 Maniac

Posted 20 September 2012 - 11:01 AM

Glad I could help! :)

Please manually delete AdwCleaner, RKill, DDS and aswMBR.

Some malware prevention tips:
http://www.users.tel...prevention.html


Safe surfing! :)

#11 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 21 September 2012 - 08:31 AM

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support

I close my threads if there is 5 days without a response.



