Jump to content


Photo
- - - - -

Thankful of Any Possible Help!


  • This topic is locked This topic is locked
2 replies to this topic

#1 bubblemax

bubblemax

    New Member

  • Members
  • Pip
  • 2 posts

Posted 28 February 2013 - 09:43 AM

I think my Windows 8 computer might have a virus. It has been crashing frequently without warning, simply shutting down. It doesn't seem like a problem with heating or the computer fan, and sometimes as soon as it starts up, it crashed. Luckily, I had installed Malwarebytes before this infection, and it confirmed to me that it my computer was indeed infected. However, after that first scan it placed the files in quarantine and I had tried to delete them. However, when I restart my computer, sometimes the deleted viruses in quarantine are still in the quarantine, and after further scans, Malwarebytes keeps saying that no more threats were detected, despite the shutdown problem still existing. I'm worried that the problem may be more serious than I had initially thought, and I would be extremely thankful of any possible help.

Here's my DDS.txt.

DDS (Ver_2012-11-20.01) - NTFS_AMD64 NETWORK
Internet Explorer: 10.0.9200.16482

BrowserJavaVersion: 10.13.2
Run by Arthur at 6:21:04 on 2013-02-28
Microsoft Windows 8

6.2.9200.0.1252.1.1033.18.3982.3197 [GMT -8:00]
.
AV: Kaspersky PURE 2.0 *Enabled/Updated*

{C3113FBF-4BCB-4461-D78D-6EDFEC9593E5}
AV: Windows Defender *Disabled/Updated*

{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Kaspersky PURE 2.0 *Enabled/Updated*

{7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Disabled/Updated*

{D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k

LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\dwm.exe
C:\Windows\system32\svchost.exe -k

LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k

NetworkService
C:\Windows\system32\svchost.exe -k

LocalServiceNoNetwork
C:\Windows\Explorer.EXE
C:\Windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox

\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://asus13.msn.com
uDefault_Page_URL = hxxp://asus13.msn.com
mWinlogon: Userinit = userinit.exe,
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283

-A596-FA578C2EBDC3} - C:\Program Files

(x86)\Common Files\Adobe\Acrobat\ActiveX

\AcroIEHelperShim.dll
BHO: ExplorerBHO Class: {449D0D6E-2412-4E61-

B68F-1CB625CD9E52} - C:\Program Files\Classic

Shell\ClassicExplorer32.dll
BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-

6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky

Lab\Kaspersky PURE 2.0\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-

4D22-B7F9-0BBC1D38A37E} - C:\Program Files

(x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-

D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files

(x86)\Java\jre7\bin\ssv.dll
BHO: Office Document Cache Handler: {B4F3A835-

0E21-4959-BA22-42B3008E02FF} - C:\Program Files

(x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-

A445-435b-BC74-9C25C1C588A9} - C:\Program Files

(x86)\Java\jre7\bin\jp2ssv.dll
BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-

819F76A199F8} - C:\Program Files (x86)\Kaspersky

Lab\Kaspersky PURE 2.0\klwtbbho.dll
BHO: ClassicIE9BHO Class: {EA801577-E6AD-4BD5-

8F71-4BE0154331A4} - C:\Program Files\Classic

Shell\ClassicIE9DLL_32.dll
BHO: DVDVideoSoft WebPageAdjuster Class:

{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:

\Program Files (x86)\Common Files\DVDVideoSoft

\bin\IEDownloadMenuAndBtns.dll
TB: Classic Explorer Bar: {553891B7-A0D5-4526-

BE18-D3CE461D6310} - C:\Program Files\Classic

Shell\ClassicExplorer32.dll
uRun: [DAEMON Tools Lite] "C:\Program Files

(x86)\DAEMON Tools Lite\DTLite.exe" -autorun
mRun: [Adobe Reader Speed Launcher] "C:\Program

Files (x86)\Adobe\Reader 10.0\Reader

\Reader_sl.exe"
mRun: [Adobe ARM] "C:\Program Files (x86)\Common

Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [ASUSWebStorage] C:\Program Files

(x86)\ASUS\WebStorage Sync Agent

\1.1.9.120\AsusWSPanel.exe /S
mRun: [SunJavaUpdateSched] "C:\Program Files

(x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common

Files\Apple\Apple Application Support

\APSDaemon.exe"
mRun: [iTunesHelper] "C:\Program Files

(x86)\iTunes\iTunesHelper.exe"
mRun: [BCSSync] "C:\Program Files

(x86)\Microsoft Office\Office14\BCSSync.exe"

/DelayServices
mRun: [AVP] "C:\Program Files (x86)\Kaspersky

Lab\Kaspersky PURE 2.0\avp.exe"
StartupFolder: C:\Users\Arthur\AppData\Roaming

\MICROS~1\Windows\STARTM~1\Programs\Startup

\Dropbox.lnk - C:\Users\Arthur\AppData\Roaming

\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Arthur\AppData\Roaming

\MICROS~1\Windows\STARTM~1\Programs\Startup

\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft

Office\Office14\ONENOTEM.EXE
IE: Add to Anti-Banner - C:\Program Files

(x86)\Kaspersky Lab\Kaspersky PURE

2.0\ie_banner_deny.htm
IE: E&xport to Microsoft Excel - C:

\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Free YouTube Download - C:\Program Files

(x86)\Common Files\DVDVideoSoft\plugins

\freeytvdownloader.htm
IE: Free YouTube to MP3 Converter - C:\Program

Files (x86)\Common Files\DVDVideoSoft\plugins

\freeytmp3downloader.htm
IE: Se&nd to OneNote - C:

\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} -

{48E73304-E1D6-4330-914C-F5F514E3486C} - C:

\Program Files (x86)\Microsoft Office

\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} -

{4248FE82-7FCB-46AC-B270-339F08212110} - C:

\Program Files (x86)\Kaspersky Lab\Kaspersky

PURE 2.0\ievkbd.dll
IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:

\Program Files\Classic Shell\ClassicIE9_32.exe
IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} -

{553891B7-A0D5-4526-BE18-D3CE461D6310}
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -

{FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:

\Program Files (x86)\Microsoft Office

\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} -

{CCF151D8-D089-449F-A5A4-D9909053F20F} - C:

\Program Files (x86)\Kaspersky Lab\Kaspersky

PURE 2.0\klwtbbho.dll
IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -

{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:

\Program Files (x86)\Common Files\DVDVideoSoft

\bin\IEDownloadMenuAndBtns.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: NameServer = 192.168.1.254 75.153.176.9
TCP: Interfaces\{574EDBB9-5B46-445E-9282-

AD6C2928248A} : DHCPNameServer = 192.168.1.254

75.153.176.9
TCP: Interfaces\{574EDBB9-5B46-445E-9282-

AD6C2928248A}\35443363E27457563747 :

DHCPNameServer = 192.75.26.15 142.22.250.77

142.32.100.15
TCP: Interfaces\{734994DD-600A-414E-A5F3-

D2F44DBC184D} : DHCPNameServer = 40.53.1.201
Filter: text/xml - {807573E5-5146-11D5-A672-

00B0D022E945} - C:\Program Files (x86)\Common

Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-

83F89B8E6324} - C:\Program Files (x86)\Windows

Live\Photo Gallery

\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190

-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files

(x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96}

- "C:\Program Files (x86)\Google\Chrome

\Application\25.0.1364.97\Installer\chrmstp.exe"

--configure-user-settings --verbose-logging --

system-level --multi-install --chrome
x64-BHO: ExplorerBHO Class: {449D0D6E-2412-4E61

-B68F-1CB625CD9E52} - C:\Program Files\Classic

Shell\ClassicExplorer64.dll
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-

A1A8-6FA9CCA1862C} - C:\Program Files

(x86)\Kaspersky Lab\Kaspersky PURE

2.0\x64\ievkbd.dll
x64-BHO: Groove GFS Browser Helper: {72853161-

30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files

\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Office Document Cache Handler:

{B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:

\Program Files\Microsoft Office

\Office14\URLREDIR.DLL
x64-BHO: FilterBHO Class: {E33CF602-D945-461A-

83F0-819F76A199F8} - C:\Program Files

(x86)\Kaspersky Lab\Kaspersky PURE

2.0\x64\klwtbbho.dll
x64-BHO: ClassicIE9BHO Class: {EA801577-E6AD-

4BD5-8F71-4BE0154331A4} - C:\Program Files

\Classic Shell\ClassicIE9DLL_64.dll
x64-BHO: DVDVideoSoft WebPageAdjuster Class:

{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:

\Program Files (x86)\Common Files\DVDVideoSoft

\bin\IEDownloadMenuAndBtns64.dll
x64-TB: Classic Explorer Bar: {553891B7-A0D5-

4526-BE18-D3CE461D6310} - C:\Program Files

\Classic Shell\ClassicExplorer64.dll
x64-Run: [IgfxTray] C:\Windows

\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows

\System32\hkcmd.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek

\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ACMON] C:\Program Files (x86)\ASUS

\Splendid\ACMON.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} -

{48E73304-E1D6-4330-914C-F5F514E3486C} - C:

\Program Files\Microsoft Office

\Office14\ONBttnIE.dll
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} -

{4248FE82-7FCB-46AC-B270-339F08212110} - C:

\Program Files (x86)\Kaspersky Lab\Kaspersky

PURE 2.0\x64\ievkbd.dll
x64-IE: {56753E59-AF1D-4FBA-9E15-31557124ADA2} -

C:\Program Files\Classic Shell\ClassicIE9_32.exe
x64-IE: {64964764-1101-4bbd-8891-B56B1A53B9B3} -

{553891B7-A0D5-4526-BE18-D3CE461D6310}
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} -

{FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:

\Program Files\Microsoft Office

\Office14\ONBttnIELinkedNotes.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} -

{CCF151D8-D089-449F-A5A4-D9909053F20F} - C:

\Program Files (x86)\Kaspersky Lab\Kaspersky

PURE 2.0\x64\klwtbbho.dll
x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -

{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:

\Program Files (x86)\Common Files\DVDVideoSoft

\bin\IEDownloadMenuAndBtns64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672

-00B0D022E945} - C:\Program Files\Common Files

\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-

83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: klogon - C:\Windows

\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook -

{B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:

\Program Files\Microsoft Office

\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Arthur\AppData

\Roaming\Mozilla\Firefox\Profiles

\romtk208.default\
FF - plugin: C:

\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:

\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google

\Update\1.3.21.135\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel

® Management Engine Components\IPT

\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel

® Management Engine Components\IPT

\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java

\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Windows

Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash

\NPSWF32_11_6_602_168.dll
FF - plugin: C:\Windows

\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-02-26 22:23;

KavAntiBanner@Kaspersky.ru; C:\Program Files

(x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt

\KavAntiBanner@Kaspersky.ru
FF - ExtSQL: 2013-02-26 22:24;

virtualKeyboard@kaspersky.ru; C:\Program Files

(x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt

\virtualKeyboard@kaspersky.ru
FF - ExtSQL: 2013-02-26 22:24;

linkfilter@kaspersky.ru; C:\Program Files

(x86)\Kaspersky Lab\Kaspersky PURE 2.0\FFExt

\linkfilter@kaspersky.ru
.
============= SERVICES / DRIVERS ===============
.
R0 CSCrySec;InfoWatch Encrypt Sector Library

driver;C:\Windows\System32\Drivers\CSCrySec.sys

[2013-2-26 85048]
R0 iaStorA;iaStorA;C:\Windows\System32\Drivers

\iaStorA.sys [2012-7-5 645952]
R1 dtsoftbus01;DAEMON Tools Virtual Bus

Driver;C:\Windows\System32\Drivers

\dtsoftbus01.sys [2013-2-24 283200]
R1 kl2;kl2;C:\Windows\System32\Drivers\kl2.sys

[2011-10-20 13616]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:

\Windows\System32\Drivers\klim6.sys [2011-3-10

29488]
R3 ATP;ASUS PS/2 Port Input Device;C:\Windows

\System32\Drivers\AsusTP.sys [2012-10-31 61824]
R3 HIDSwitch;ASUS Wireless Radio Control;C:

\Windows\System32\Drivers\AsHIDSwitch64.sys

[2012-8-28 21152]
R3 netr28x;Ralink 802.11n Extensible Wireless

Driver;C:\Windows\System32\Drivers\netr28x.sys

[2012-12-14 1951304]
R3 RTL8168;Realtek 8168 NT Driver;C:\Windows

\System32\Drivers\Rt630x64.sys [2012-12-14

690832]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program

Files (x86)\ASUS\ATK Package\ATK WMIACPI

\atkwmiacpi64.sys [2011-9-7 17536]
S1 CSVirtualDiskDrv;InfoWatch Virtual Disk

driver;C:\Windows\System32\Drivers

\CSVirtualDiskDrv.sys [2013-2-26 66104]
S2 ASMMAP64;ASMMAP64;C:\Program Files

(x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys

[2009-7-2 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;C:

\Program Files (x86)\ASUS\ASUS InstantOn

\InsOnSrv.exe [2012-4-13 277120]
S2 AutoKMS;AutoKMS;C:\Windows\AutoKMS

\AutoKMS.exe [2013-2-17 732160]
S2 AVP;Kaspersky Anti-Virus Service;C:\Program

Files (x86)\Kaspersky Lab\Kaspersky PURE

2.0\avp.exe [2012-8-30 202328]
S2 CSObjectsSrv;CryptoStorage control

service;C:\Program Files (x86)\Common Files

\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

[2009-12-21 743992]
S2 Intel® Capability Licensing Service

Interface;Intel® Capability Licensing Service

Interface;C:\Program Files\Intel\iCLS Client

\HeciServer.exe [2012-4-20 635104]
S2 jhi_service;Intel® Dynamic Application

Loader Host Interface Service;C:\Program Files

(x86)\Intel\Intel® Management Engine

Components\DAL\Jhi_service.exe [2012-12-14

166720]
S2 UNS;Intel® Management and Security

Application User Notification Service;C:\Program

Files (x86)\Intel\Intel® Management Engine

Components\UNS\UNS.exe [2012-12-14 365376]
S3 IntcDAud;Intel® Display Audio;C:\Windows

\System32\Drivers\IntcDAud.sys [2012-8-28

342528]
S3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows

\System32\Drivers\klmouflt.sys [2009-11-2 22544]
S3 RSBASTOR;Realtek PCIE CardReader Driver -

BA;C:\Windows\System32\Drivers\RtsBaStor.sys

[2012-12-14 294544]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows

\System32\Drivers\usbaapl64.sys [2012-7-9 52736]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users

\Arthur\Downloads\RealTemp_370\WinRing0x64.sys

[2013-2-26 14544]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\Windows

\System32\Drivers\WUDFRd.sys [2012-7-25 198656]
.
=============== Created Last 30 ================
.
2013-02-28 14:07:50 -------- d-----w-

C:\Program Files (x86)\VS Revo Group
2013-02-27 11:47:33 -------- d-----w-

C:\Windows\LastGood.Tmp
2013-02-27 06:27:33 -------- d-----r-

C:\Backup
2013-02-27 06:24:17 85048 ----a-w-

C:\Windows\System32\drivers\CSCrySec.sys
2013-02-27 06:24:17 66104 ----a-w-

C:\Windows\System32\drivers\CSVirtualDiskDrv.sys
2013-02-27 06:23:05 -------- d-----w-

C:\Program Files (x86)\Common Files\InfoWatch
2013-02-27 06:22:58 -------- d-----w-

C:\ProgramData\Kaspersky Lab
2013-02-27 06:22:58 -------- d-----w-

C:\Program Files (x86)\Kaspersky Lab
2013-02-27 05:58:03 22528 ----a-w-

C:\Windows\System32\drivers\nhcDriver.sys
2013-02-27 05:57:25 -------- d-----w-

C:\Program Files (x86)\Notebook Hardware Control
2013-02-26 09:33:48 -------- d-----w-

C:\Windows\pss
2013-02-26 09:20:26 20992 ----a-w-

C:\Windows\jestertb.dll
2013-02-26 09:12:59 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\Malwarebytes
2013-02-26 09:12:51 24176 ----a-w-

C:\Windows\System32\drivers\mbam.sys
2013-02-26 09:12:51 -------- d-----w-

C:\ProgramData\Malwarebytes
2013-02-26 09:12:51 -------- d-----w-

C:\Program Files (x86)\Malwarebytes' Anti-

Malware
2013-02-26 08:42:49 -------- d-----w-

C:\Users\Arthur\AppData\Local\Diagnostics
2013-02-24 09:20:53 -------- d--h--w-

C:\Windows\msdownld.tmp
2013-02-24 09:20:49 -------- d-----w-

C:\Windows\SysWow64\directx
2013-02-24 08:24:51 -------- d-----w-

C:\Program Files (x86)\Empire Total War
2013-02-24 08:22:10 283200 ----a-w-

C:\Windows\System32\drivers\dtsoftbus01.sys
2013-02-24 08:22:05 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\DAEMON Tools

Lite
2013-02-24 08:22:03 -------- d-----w-

C:\Program Files (x86)\DAEMON Tools Lite
2013-02-24 07:52:19 -------- d-----w-

C:\ProgramData\DAEMON Tools Lite
2013-02-24 05:04:30 -------- d-----w-

C:\Users\Arthur\AppData\Local\WMTools Downloaded

Files
2013-02-24 05:03:54 -------- d-----w-

C:\Program Files (x86)\Movie Maker 2.6
2013-02-24 04:23:28 -------- d-----w-

C:\Users\Arthur\AppData\Local

\ElevatedDiagnostics
2013-02-24 04:21:52 -------- d-----w-

C:\Windows\RegisteredPackages
2013-02-22 23:37:31 -------- d-----w-

C:\Users\Arthur\AppData\Local\SCE
2013-02-22 14:08:41 190224 ----a-w-

C:\ProgramData\Microsoft\Windows\Sqm\Manifest

\Sqm10194.bin
2013-02-22 02:09:47 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\The Creative

Assembly
2013-02-22 02:06:58 4991496 ----a-w-

C:\Windows\System32\D3DX9_38.dll
2013-02-20 09:52:27 -------- d-----w-

C:\Windows\en
2013-02-20 09:06:21 -------- d-----w-

C:\ProgramData\ASUS
2013-02-20 07:16:08 -------- d-----w-

C:\Program Files (x86)\Common Files\Steam
2013-02-20 07:16:07 -------- d-----w-

C:\Program Files (x86)\Steam
2013-02-20 06:08:09 21 ----a-w-

C:\Users\Arthur\AppData\Roaming\my_intel.sys
2013-02-19 21:35:59 151552 ----a-w-

C:\Windows\KMSEmulator.exe
2013-02-18 02:21:02 89944 -c--a-w-

C:\Program Files (x86)\Common Files\Windows

Live\.cache\96f9c15e1ce0d7e04\DSETUP.dll
2013-02-18 02:21:02 537432 -c--a-w-

C:\Program Files (x86)\Common Files\Windows

Live\.cache\96f9c15e1ce0d7e04\DXSETUP.exe
2013-02-18 02:21:02 1801048 -c--a-w-

C:\Program Files (x86)\Common Files\Windows

Live\.cache\96f9c15e1ce0d7e04\dsetup32.dll
2013-02-18 02:20:41 89944 -c--a-w-

C:\Program Files (x86)\Common Files\Windows

Live\.cache\8bed2ce11ce0d7e02\DSETUP.dll
2013-02-18 02:20:41 537432 -c--a-w-

C:\Program Files (x86)\Common Files\Windows

Live\.cache\8bed2ce11ce0d7e02\DXSETUP.exe
2013-02-18 02:20:41 1801048 -c--a-w-

C:\Program Files (x86)\Common Files\Windows

Live\.cache\8bed2ce11ce0d7e02\dsetup32.dll
2013-02-18 02:20:29 -------- d-----w-

C:\Users\Arthur\AppData\Local\Windows Live
2013-02-18 02:19:54 -------- d-----w-

C:\Program Files (x86)\Common Files\Windows Live
2013-02-18 01:50:21 -------- d-----w-

C:\Program Files (x86)\Microsoft Synchronization

Services
2013-02-18 01:49:29 -------- d-----w-

C:\Windows\PCHEALTH
2013-02-18 01:49:29 -------- d-----w-

C:\Program Files (x86)\Microsoft SQL Server

Compact Edition
2013-02-18 01:43:57 -------- d-----w-

C:\Program Files (x86)\Microsoft Visual Studio 8
2013-02-18 01:42:16 -------- d-----w-

C:\Program Files (x86)\Microsoft Analysis

Services
2013-02-18 01:40:40 -------- d-----w-

C:\Users\Arthur\AppData\Local\Microsoft Help
2013-02-18 01:37:47 -------- d-----w-

C:\Windows\AutoKMS
2013-02-17 16:51:43 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\DVDVideoSoft
2013-02-17 16:51:43 -------- d-----w-

C:\Program Files (x86)\DVDVideoSoft
2013-02-17 16:51:43 -------- d-----w-

C:\Program Files (x86)\Common Files\DVDVideoSoft
2013-02-17 14:38:16 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\LolClient
2013-02-17 08:30:41 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\ASUS
2013-02-16 19:49:02 68616 ----a-w-

C:\Windows\SysWow64\XAPOFX1_1.dll
2013-02-16 19:49:02 509448 ----a-w-

C:\Windows\SysWow64\XAudio2_2.dll
2013-02-16 19:49:02 467984 ----a-w-

C:\Windows\SysWow64\d3dx10_39.dll
2013-02-16 19:49:02 3851784 ----a-w-

C:\Windows\SysWow64\D3DX9_39.dll
2013-02-16 19:49:02 1493528 ----a-w-

C:\Windows\SysWow64\D3DCompiler_39.dll
2013-02-16 19:44:14 -------- d-----w-

C:\Riot Games
2013-02-16 19:08:13 -------- d-----w-

C:\Program Files (x86)\Lame For Audacity
2013-02-16 19:08:06 -------- d-----w-

C:\Program Files (x86)\Audacity
2013-02-16 18:15:28 -------- d-----w-

C:\Users\Arthur\Dropbox
2013-02-16 15:55:58 16114176 ----a-w-

C:\Program Files\Common Files\Microsoft Shared

\Microsoft Camera Codec Pack

\MicrosoftRawCodec.dll
2013-02-16 15:55:57 15541248 ----a-w-

C:\Program Files (x86)\Common Files\Microsoft

Shared\Microsoft Camera Codec Pack

\MicrosoftRawCodec.dll
2013-02-16 15:52:27 -------- d-----w-

C:\Users\Arthur\AppData\Local\Apple Computer
2013-02-16 15:52:16 33240 ----a-w-

C:\Windows\System32\drivers\GEARAspiWDM.sys
2013-02-16 15:50:20 -------- d-----w-

C:\Program Files\iPod
2013-02-16 15:50:18 -------- d-----w-

C:\ProgramData\34BE82C4-E596-4e99-A191-

52C6199EBF69
2013-02-16 15:50:18 -------- d-----w-

C:\Program Files\iTunes
2013-02-16 15:50:18 -------- d-----w-

C:\Program Files (x86)\iTunes
2013-02-16 15:49:34 -------- d-----w-

C:\Users\Arthur\AppData\Local\Apple
2013-02-16 15:47:19 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\Dropbox
2013-02-16 15:46:22 -------- d-----w-

C:\Program Files\Bonjour
2013-02-16 15:46:22 -------- d-----w-

C:\Program Files (x86)\Bonjour
2013-02-16 15:42:14 -------- d-----w-

C:\Users\Arthur\AppData\Local\Google
2013-02-16 15:39:27 -------- d-----w-

C:\Program Files (x86)\VideoLAN
2013-02-16 15:14:34 -------- d-----w-

C:\Program Files (x86)\Pando Networks
2013-02-16 15:14:22 -------- d-----w-

C:\Users\Arthur\.swt
2013-02-16 15:13:29 -------- d-----w-

C:\Program Files\Classic Shell
2013-02-16 15:07:42 11776 ----a-w-

C:\Windows\skipmetrosuite.exe
2013-02-16 15:02:24 11459584 ----a-w-

C:\Windows\System32\glcndFilter.dll
2013-02-16 15:02:20 10096640 ----a-w-

C:\Windows\System32\twinui.dll
2013-02-16 15:02:19 8856576 ----a-w-

C:\Windows\SysWow64\twinui.dll
2013-02-16 15:02:16 8552448 ----a-w-

C:\Windows\SysWow64\glcndFilter.dll
2013-02-16 14:57:59 212992 ----a-w-

C:\Windows\System32\bthprops.cpl
2013-02-16 14:53:25 618496 ----a-w-

C:\Windows\System32\drivers\srv2.sys
2013-02-16 14:53:24 109568 ----a-w-

C:\Windows\System32\dskquota.dll
2013-02-16 14:53:01 82944 ----a-w-

C:\Windows\SysWow64\dskquota.dll
2013-02-16 14:52:28 929792 ----a-w-

C:\Windows\SysWow64\mfnetsrc.dll
2013-02-16 14:52:28 568832 ----a-w-

C:\Windows\SysWow64\mfnetcore.dll
2013-02-16 14:52:28 1172992 ----a-w-

C:\Windows\System32\mfnetsrc.dll
2013-02-16 14:52:27 850944 ----a-w-

C:\Windows\SysWow64\mfasfsrcsnk.dll
2013-02-16 14:52:27 677888 ----a-w-

C:\Windows\System32\mfnetcore.dll
2013-02-16 14:52:27 673280 ----a-w-

C:\Windows\System32\mfmpeg2srcsnk.dll
2013-02-16 14:52:27 513024 ----a-w-

C:\Windows\SysWow64\mfmpeg2srcsnk.dll
2013-02-16 14:52:26 1048064 ----a-w-

C:\Windows\System32\mfasfsrcsnk.dll
2013-02-16 14:50:59 562392 ----a-w-

C:\Windows\System32\drivers\cng.sys
2013-02-16 14:49:53 178176 ----a-w-

C:\Windows\System32\SystemEventsBrokerServer.dll
2013-02-16 14:48:54 1131520 ----a-w-

C:\Windows\System32\AppXDeploymentServer.dll
2013-02-16 14:47:59 329960 ----a-w-

C:\Windows\System32\drivers\storport.sys
2013-02-16 14:46:22 83456 ----a-w-

C:\Windows\System32\drivers\hidclass.sys
2013-02-16 14:42:22 1690624 ----a-w-

C:\Windows\System32\GdiPlus.dll
2013-02-16 14:42:22 1437696 ----a-w-

C:\Windows\SysWow64\GdiPlus.dll
2013-02-16 14:40:27 17888 ----a-w-

C:\Windows\System32\msvcr100_clr0400.dll
2013-02-16 14:40:22 17888 ----a-w-

C:\Windows\SysWow64\msvcr100_clr0400.dll
2013-02-16 14:12:31 -------- d-----w-

C:\Program Files (x86)\AnvSoft
2013-02-16 14:10:55 -------- d-----w-

C:\Users\Arthur\AppData\Local\Programs
2013-02-16 13:59:38 -------- d-----w-

C:\Users\Arthur\AppData\Roaming

\DVDVideoSoftIEHelpers
2013-02-14 16:24:46 4055552 ----a-w-

C:\Windows\System32\win32k.sys
2013-02-14 16:24:24 144384 ----a-w-

C:\Windows\System32\tssdisai.dll
2013-02-14 16:24:24 135680 ----a-w-

C:\Windows\System32\appserverai.dll
2013-02-14 16:24:24 126976 ----a-w-

C:\Windows\System32\RDWebAI.dll
2013-02-14 16:24:24 122880 ----a-w-

C:\Windows\System32\VmHostAI.dll
2013-02-14 16:24:20 148480 ----a-w-

C:\Windows\System32\poqexec.exe
2013-02-14 16:24:19 132608 ----a-w-

C:\Windows\SysWow64\poqexec.exe
2013-02-14 16:24:07 94208 ----a-w-

C:\Windows\System32\synceng.dll
2013-02-14 16:24:07 72192 ----a-w-

C:\Windows\SysWow64\synceng.dll
2013-02-14 16:24:02 86016 ----a-w-

C:\Windows\System32\ncryptsslp.dll
2013-02-14 16:24:02 71168 ----a-w-

C:\Windows\SysWow64\ncryptsslp.dll
2013-02-14 16:23:39 6967016 ----a-w-

C:\Windows\System32\ntoskrnl.exe
2013-02-14 16:23:38 2226408 ----a-w-

C:\Windows\System32\drivers\tcpip.sys
2013-02-14 16:23:22 2048 ----a-w-

C:\Windows\SysWow64\tzres.dll
2013-02-14 16:23:22 2048 ----a-w-

C:\Windows\System32\tzres.dll
2013-02-14 16:23:04 -------- d-----w-

C:\Users\Arthur\AppData\Local\Macromedia
2013-02-14 16:21:58 96256 ----a-w-

C:\Windows\System32\fontsub.dll
2013-02-14 16:19:03 -------- d-----w-

C:\Program Files (x86)\SystemRequirementsLab
2013-02-14 16:17:57 861088 ----a-w-

C:\Windows\SysWow64\npDeployJava1.dll
2013-02-14 16:17:57 782240 ----a-w-

C:\Windows\SysWow64\deployJava1.dll
2013-02-14 16:17:54 95648 ----a-w-

C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-02-14 16:00:05 50784 ----a-w-

C:\ProgramData\Microsoft\windowsfiltering\Sqm

\Manifest\Sqm3.bin
2013-02-14 16:00:03 18528 ----a-w-

C:\ProgramData\Microsoft\windowssampling\Sqm

\Manifest\Sqm2.bin
2013-02-14 15:36:52 -------- d-----w-

C:\sources
2013-02-14 12:02:27 -------- d-----w-

C:\Users\Arthur\AppData\Local\Adobe
2013-02-14 10:23:57 -------- d-----w-

C:\Users\Arthur\AppData\Roaming\ASUS WebStorage
2013-02-14 10:23:48 155 ----a-w-

C:\Users\Arthur\AppData\Roaming\sp_data.sys
2013-02-14 10:23:20 -------- d-----r-

C:\Users\Arthur\Searches
2013-02-14 10:23:20 -------- d-----r-

C:\Users\Arthur\Contacts
2013-02-14 10:23:07 -------- d-----w-

C:\ProgramData\FolderView
.
==================== Find3M

====================
.
2013-02-06 23:06:14 78176 ----a-w-

C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-02-06 23:06:14 692576 ----a-w-

C:\Windows\SysWow64\FlashPlayerApp.exe
2013-01-16 00:35:49 44032 ----a-w-

C:\Windows\SysWow64\UXInit.dll
2013-01-16 00:31:26 53760 ----a-w-

C:\Windows\System32\UXInit.dll
2013-01-10 01:53:32 28904 ----a-w-

C:\Windows\System32\drivers\msgpiowin32.sys
2013-01-10 01:40:39 1448168 ----a-w-

C:\Windows\System32\drivers\dxgkrnl.sys
2013-01-10 01:40:38 303848 ----a-w-

C:\Windows\System32\drivers\dxgmms1.sys
2013-01-10 01:39:29 194280 ----a-w-

C:\Windows\System32\drivers\sdbus.sys
2013-01-10 01:39:22 124648 ----a-w-

C:\Windows\System32\drivers\dumpsd.sys
2013-01-10 01:29:56 91880 ----a-w-

C:\Windows\System32\drivers\partmgr.sys
2013-01-10 01:29:54 1934056 ----a-w-

C:\Windows\System32\drivers\ntfs.sys
2013-01-10 01:29:21 785504 ----a-w-

C:\Windows\System32\drivers\Wdf01000.sys
2013-01-09 23:26:53 83968 ----a-w-

C:\Windows\SysWow64\wiaacmgr.exe
2013-01-09 23:26:46 1611776 ----a-w-

C:\Windows\SysWow64\mmc.exe
2013-01-09 23:26:35 410624 ----a-w-

C:\Windows\SysWow64\Windows.Networking.dll
2013-01-09 23:26:35 261120 ----a-w-

C:\Windows\SysWow64\Windows.Media.dll
2013-01-09 23:26:23 1752064 ----a-w-

C:\Windows\SysWow64\setupapi.dll
2013-01-09 23:26:20 67584 ----a-w-

C:\Windows\SysWow64\samlib.dll
2013-01-09 23:26:08 115712 ----a-w-

C:\Windows\SysWow64\netprofm.dll
2013-01-09 23:26:04 890880 ----a-w-

C:\Windows\SysWow64\msctf.dll
2013-01-09 23:26:03 436736 ----a-w-

C:\Windows\SysWow64\MP4SDECD.DLL
2013-01-09 23:23:32 95232 ----a-w-

C:\Windows\System32\wiaacmgr.exe
2013-01-09 23:23:25 2094592 ----a-w-

C:\Windows\System32\mmc.exe
2013-01-09 23:23:23 240640 ----a-w-

C:\Windows\System32\fsquirt.exe
2013-01-09 23:23:18 256000 ----a-w-

C:\Windows\System32\WSDMon.dll
2013-01-09 23:23:16 1964544 ----a-w-

C:\Windows\System32\wlidsvc.dll
2013-01-09 23:23:14 594944 ----a-w-

C:\Windows\System32\Windows.Networking.dll
2013-01-09 23:23:14 406016 ----a-w-

C:\Windows\System32\Windows.Media.dll
2013-01-09 23:23:07 1886208 ----a-w-

C:\Windows\System32\setupapi.dll
2013-01-09 23:23:05 728064 ----a-w-

C:\Windows\System32\samsrv.dll
2013-01-09 23:22:53 464384 ----a-w-

C:\Windows\System32\netprofmsvc.dll
2013-01-09 23:22:53 151040 ----a-w-

C:\Windows\System32\netprofm.dll
2013-01-09 23:22:43 1120768 ----a-w-

C:\Windows\System32\msctf.dll
2013-01-09 23:22:41 666112 ----a-w-

C:\Windows\System32\MP4SDECD.DLL
2013-01-09 23:22:35 438272 ----a-w-

C:\Windows\System32\lsm.dll
2013-01-09 23:22:29 894464 ----a-w-

C:\Windows\System32\iphlpsvc.dll
2013-01-09 23:22:29 159232 ----a-w-

C:\Windows\System32\inetpp.dll
2013-01-09 23:22:26 49152 ----a-w-

C:\Windows\System32\drivers\UMDF\HidBthLE.dll
2013-01-09 23:22:05 1918464 ----a-w-

C:\Windows\System32\wbem\cimwin32.dll
2013-01-09 03:59:47 341504 ----a-w-

C:\Windows\System32\drivers\HdAudio.sys
2013-01-09 03:59:16 74752 ----a-w-

C:\Windows\System32\drivers\BTHUSB.SYS
2013-01-09 03:58:34 51712 ----a-w-

C:\Windows\System32\drivers\bthenum.sys
2013-01-09 03:57:50 1175040 ----a-w-

C:\Windows\System32\drivers\bthport.sys
2013-01-04 05:32:36 2706432 ----a-w-

C:\Windows\SysWow64\mshtml.tlb
2013-01-04 04:19:53 2706432 ----a-w-

C:\Windows\System32\mshtml.tlb
2012-12-20 00:37:37 1775616 ----a-w-

C:\Windows\SysWow64\wininet.dll
2012-12-20 00:37:04 2881536 ----a-w-

C:\Windows\SysWow64\jscript9.dll
2012-12-20 00:37:02 61440 ----a-w-

C:\Windows\SysWow64\iesetup.dll
2012-12-20 00:37:02 109056 ----a-w-

C:\Windows\SysWow64\iesysprep.dll
2012-12-20 00:36:50 431616 ----a-w-

C:\Windows\apppatch\AcSpecfc.dll
2012-12-20 00:29:16 2246656 ----a-w-

C:\Windows\System32\wininet.dll
2012-12-20 00:29:11 907776 ----a-w-

C:\Windows\System32\uxtheme.dll
2012-12-20 00:28:29 3966464 ----a-w-

C:\Windows\System32\jscript9.dll
2012-12-20 00:28:26 136704 ----a-w-

C:\Windows\System32\iesysprep.dll
2012-12-20 00:28:04 39936 ----a-w-

C:\Windows\apppatch\apppatch64\acspecfc.dll
2012-12-18 01:56:27 534528 ----a-w-

C:\Windows\SysWow64\uxtheme.dll
2012-12-16 08:28:20 46080 ----a-w-

C:\Windows\System32\atmlib.dll
2012-12-16 08:20:01 35328 ----a-w-

C:\Windows\SysWow64\atmlib.dll
2012-12-16 08:08:33 362496 ----a-w-

C:\Windows\System32\atmfd.dll
2012-12-16 07:57:09 300032 ----a-w-

C:\Windows\SysWow64\atmfd.dll
2012-12-06 04:23:00 170496 ----a-w-

C:\Windows\System32\TimeBrokerServer.dll
2012-12-04 04:21:42 368640 ----a-w-

C:\Windows\System32\sppwinob.dll
.
============= FINISH: 6:21:51.33

===============





Here is my attach.txt.

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 8
Boot Device: \Device\HarddiskVolume1
Install Date: 2/14/2013 2:21:22 AM
System Uptime: 2/28/2013 5:57:50 AM (1 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | X501A1
Processor: Intel® Pentium® CPU 2020M @ 2.40GHz | SOCKET 0 | 2395/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 444 GiB total, 226.07 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP4: 2/17/2013 5:37:24 PM - Installed Microsoft Office Professional Plus 2010
RP5: 2/19/2013 11:14:54 PM - Installed Steam
RP6: 2/21/2013 6:04:15 PM - Installed DirectX
RP7: 2/23/2013 8:21:18 PM - Installed Windows Movie Maker 2.0
RP8: 2/27/2013 1:24:05 AM - Removed Java 7 Update 13
.
==== Installed Programs ======================
.
Adobe Flash Player 11 Plugin
Adobe Reader X MUI
Any Video Converter 5 5.0.3
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ASUS Instant Connect
ASUS InstantOn
ASUS LifeFrame3
ASUS Live Update
ASUS Power4Gear Hybrid
ASUS Smart Gesture
ASUS Splendid Video Enhancement Technology
ASUS Tutor
ASUS WebStorage Sync Agent
AsusVibe2.0
ATK Package
Audacity 2.0.3
Bonjour
Cisco EAP-FAST Module
Cisco LEAP Module
Cisco PEAP Module
Classic Shell
D3DX10
DAEMON Tools Lite
DarthMod Empire
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Dropbox
Free Studio version 2013
Google Chrome
Google Update Helper
Intel® Management Engine Components
Intel® Processor Graphics
Intel® SDK for OpenCL - CPU Only Runtime Package
Intel® Trusted Connect Service Client
iTunes
Java 7 Update 13
Java Auto Updater
Kaspersky PURE 2.0
LAME v3.99.3 (for Windows)
League of Legends
Malwarebytes Anti-Malware version 1.70.0.1100
Microsoft Application Error Reporting
Microsoft Office
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 64-bit MUI (English) 2010
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Movie Maker
Mozilla Firefox 5.0 (x86 en-US)
MSVCRT
MSVCRT110
MSVCRT110_amd64
Notebook Hardware Control 2.0 Pre-Release-06 Bugfix
Photo Common
Photo Gallery
PlanetSide 2
Ralink RT2860 Wireless LAN Card
Realtek Ethernet Controller Driver
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Revo Uninstaller 1.94
Security Update for Microsoft Excel 2010 (KB2597126) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687417) 32-Bit Edition
Security Update for Microsoft InfoPath 2010 (KB2687436) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553091)
Security Update for Microsoft Office 2010 (KB2553096)
Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553447) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2597986) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2598243) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687501) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687510) 32-Bit Edition
Security Update for Microsoft Visio 2010 (KB2687508) 32-Bit Edition
Security Update for Microsoft Visio Viewer 2010 (KB2598287) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2760410) 32-Bit Edition
Shared C Run-time for x64
Steam
System Requirements Lab CYRI
System Requirements Lab Detection
Team Fortress 2
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553092)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2687277) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition
VLC media player 2.0.5
Windows Driver Package - ASUS (ATP) Mouse (10/29/2012 1.0.0.148)
Windows Live Communications Platform
Windows Live Essentials
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Movie Maker 2.0
Windows Movie Maker 2.6
WinFlash
WinRAR 4.20 (64-bit)
.
==== Event Viewer Messages From Past Week ========
.
2/28/2013 6:21:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
2/28/2013 6:21:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "Unavailable" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
2/28/2013 6:13:56 AM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start.
2/28/2013 5:58:33 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "Unavailable" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
2/28/2013 5:58:23 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "Unavailable" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
2/28/2013 5:24:30 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046}
2/28/2013 12:56:49 AM, Error: Service Control Manager [7000] - The PortableVBoxUSBMon service failed to start due to the following error: The system cannot find the path specified.
2/28/2013 12:56:49 AM, Error: Service Control Manager [7000] - The PortableVBoxDRV service failed to start due to the following error: The system cannot find the path specified.
2/28/2013 12:56:48 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the AutoKMS service to connect.
2/28/2013 12:56:48 AM, Error: Service Control Manager [7000] - The AutoKMS service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/27/2013 1:55:29 PM, Error: Microsoft-Windows-Kernel-Power [137] - The system firmware has changed the processor's memory type range registers (MTRRs) across a sleep state transition (S4). This can result in reduced resume performance.
2/26/2013 9:35:02 PM, Error: Microsoft-Windows-Kernel-General [5] - {Registry Hive Recovered} Registry hive (file): '\??\C:\Users\Arthur\AppData\Local\Microsoft\Windows\UsrClass.dat' was corrupted and it has been recovered. Some data might have been lost.
2/26/2013 10:05:07 PM, Error: Service Control Manager [7000] - The Notebook Hardware Control Driver service failed to start due to the following error: This driver has been blocked from loading
2/26/2013 10:05:07 PM, Error: Application Popup [1060] -
2/26/2013 1:34:55 AM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the DHCP Client service which failed to start because of the following error: The dependency service or group failed to start.
2/26/2013 1:34:55 AM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start.
2/26/2013 1:34:55 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "Unavailable" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89}
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub System service which failed to start because of the following error: A device attached to the system is not functioning.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI Proxy Service Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning.
2/26/2013 1:34:29 AM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning.
2/25/2013 5:48:17 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
2/25/2013 5:48:17 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
2/25/2013 5:46:39 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer SECURESMARTTECH that believes that it is the master browser for the domain on transport NetBT_Tcpip_{574EDBB9-5B46-445E-9282-AD6C2928248A}. The master browser is stopping or an election is being forced.
2/25/2013 5:30:01 PM, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x00000133 (0x0000000000000000, 0x0000000000000281, 0x0000000000000280, 0x0000000000000000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 022513-18734-01.
2/24/2013 5:05:47 PM, Error: bowser [8003] - The master browser has received a server announcement from the computer CHAN_COMPUTER that believes that it is the master browser for the domain on transport NetBT_Tcpip_{574EDBB9-5B46-445E-9282-AD6C2928248A}. The master browser is stopping or an election is being forced.
.
==== End Of File ===========================

#2 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 02 March 2013 - 10:02 AM

Hello Arthur and welcome to MalwareBytes forum.

If you have the MBAM PRO license you may contact the Consumer Help Desk directly for help in removing an infection here.
If you are in an organization or a corporate customer, contact Corporate Support for assistance.
IF you do that, then let me know right away.

Please do advise if this system is a Asus "tablet" or a typical notebook or a desktop-style system.
How new is the system? i.e., how long since you have had it?
Confirm for me that this system has a keyboard ! if not then STOP and advise me of that.

What antivirus was installed on the system when it was brand new? Windows Defender ? or what ?

When did you get Kaspersky ? and is that a trial ?

Is this system one that you upgraded to Windows 8 from a previous Windows version? if so, when did you do & what old version?

Do understand that if an item is in Quarantine in MBAM then it is not "active" and it is out of the way.

Your DDS report is -NOT- readable and is a jumble. Your setting in Notepad may be off or maybe you are not doing the Copy & Paste properly.
Unless you get proper log posted, we will not get very far.

Step 2
Start NOTEPAD {press Windows-key+R key to get RUN option, and type in NOTEPAD.exe and tap Enter-key.
Start NOTEPAD. Check and make sure "word wrap" is off.
From Notepad main menu bar, Select F (format) and make sure Word Wrap is NOT checked.
IF it -is- checkmarked, click that one time so that it is un-checked.

Step 3
To show all files:
  • Press and hold Windows-key & then press R key to get the RUN menu.
  • Type in
    explorer.exe
    and press Enter
  • When in Windows Explorer, press ALT-key then V key to get VIEW menu
  • Look at the top ribbon, right side. {the Show/Hide block}
  • Look at the line Hidden items. IF it has no checkmark, then Click the box one time so that it is checked.

Step 4
Disable CD-ROM Emulation Software:
Please download the following tool DeFogger to your desktop.
◦Double click DeFogger to run the tool.
◦The application window will appear
◦Click the Disable button to disable your CD Emulation drivers.
◦Click Yes to continue
◦A 'Finished!' message will appear
◦Click OK
◦DeFogger will now ask to reboot the machine - click OK
◦IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop.
◦Do not re-enable these drivers until otherwise instructed.

Step 5
Use NOTEPAD to copy all contents of a given report { open .... do a CTRL+A or use the menu Select ALL then select COPY}
then you do a right-click inside Reply box and do CTRL+V keys or Paste directly inside main-body of reply box.
At the very worst, if this is all too complicated, then & only then Attach the log file in a reply. use the MORE Reply option

I must have a new DDS report set

Disable any script blocker if your antivirus/antimalware has it.
On Vista/ Windows 7/ Windows 8 do a RIGHT-click on dds and select Run As Administrator :excl:
On Windows XP double click dds to run the tool.

DDS will run in a command prompt window and will take 3 to 4 minutes or so.
Follow and answer the prompts as appropriate.

  • When done, DDS will open two (2) logs:
  • DDS.txt
  • Attach.txt
  • Save both reports to your desktop.
    Allow to save over (overwrite) any prior copy
Please Copy & Paste contents of DDS.txt log into main-body of your next reply.

Edited by Maurice Naggar, 02 March 2013 - 10:08 AM.

Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.

#3 Maurice Naggar

Maurice Naggar

    Staff

  • Moderators
  • PipPipPipPipPipPip
  • 14,550 posts
  • Gender:Male
  • Location:USA
  • Interests:Security, Windows, Windows Update, malware prevention

Posted 06 March 2013 - 11:07 AM

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
Maurice Naggar
Product Support

staff.png

Follow us: Twitter, Become a fan: Facebook

I close my threads if there is 5 days without a response.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users