
BSoD caused by Malwarebytes



Hello. I'm new to the Malwarebytes forum and I just recently bought the PRO version of Malwarebytes Anti-Malware. This incident has occurred: whenever I do a quick scan in my administrator account and when Malwarebytes found a threat, in the middle of the scan, I would get the Blue Screen of Death. It said it had to do with some sort of kernel problem. This has happened 2 times. However, when I ran a quick scan in my limited account, no threats were detected and the Blue Screen of Death didn't show up. I have provided the 2 requested logs.

DDS.txt contents:

.

DDS (Ver_2011-08-26.01) - NTFSx86

Internet Explorer: 9.0.8112.16421

Run by Nimda at 12:26:14 on 2012-04-03

Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.2046.1078 [GMT -7:00]

.

AV: Norton 360 *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Users\Mom\AppData\Local\CrossLoop\CrossLoopService.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k hpdevmgmt

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe

C:\Windows\System32\svchost.exe -k HPZ12

C:\Program Files\Nuance\PDF Professional 7\PDFProFiltSrv.exe

C:\Windows\System32\svchost.exe -k HPZ12

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\SearchIndexer.exe

C:\Windows\system32\svchost.exe -k HPService

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\WUDFHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Norton 360\Engine\5.2.0.13\ccSvcHst.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Elantech\ETDCtrl.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe

C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

\\?\C:\Windows\system32\wbem\WMIADAP.EXE

C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\DllHost.exe

C:\Windows\system32\conhost.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com/

mWinlogon: Userinit=c:\windows\system32\userinit.exe

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File

BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hp\digital imaging\smart web printing\hpswp_printenhancer.dll

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll

BHO: PlusIEEventHelper Class: {551a852f-39a6-44a7-9c13-afbec9185a9d} - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll

BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton 360\engine\5.2.0.13\coIEPlg.dll

BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton 360\engine\5.2.0.13\ips\IPSBHO.DLL

BHO: Java Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll

BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~2\office14\URLREDIR.DLL

BHO: ZeonIEEventHelper Class: {da986d7d-ccaf-47b2-84fe-bfa1549bebf9} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: Microsoft Web Test Recorder 10.0 Helper: {dda57003-0068-4ed2-9d32-4d1ec707d94d} - c:\program files\microsoft visual studio 10.0\common7\ide\privateassemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll

BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton 360\engine\5.2.0.13\coIEPlg.dll

TB: DocuCom PDF: {e3286bf1-e654-42ff-b4a6-5e111731df6b} - c:\program files\nuance\pdf professional 7\bin\ZeonIEFavClient.dll

EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll

EB: Web Test Recorder 10.0: {5802d092-1784-4908-8cdb-99b6842d353d} - mscoree.dll

uRun: [iSUSPM] "c:\programdata\flexnet\connect\11\ISUSPM.exe" -scheduler

mRun: [ETDWare] %ProgramFiles%\Elantech\ETDCtrl.exe

mRun: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"

mRun: [switchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe

mRun: [AdobeCS6ServiceManager] "c:\program files\common files\adobe\cs6servicemanager\CS6ServiceManager.exe" -launchedbylogin

mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office14\EXCEL.EXE/3000

IE: Open with Nuance PDF Converter 7 - c:\program files\nuance\pdf professional 7\cnvres_eng.dll /100

IE: Open with PDF Professional 7 - c:\program files\nuance\pdf professional 7\bin\PlusIEContextMenu.dll/PlusIEContextMenu.htm

IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hp\digital imaging\smart web printing\hpswp_BHO.dll

DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: DhcpNameServer = 192.168.1.254

TCP: Interfaces\{096B7C05-3AB6-4981-BFDF-2F2ECC6AF8DE} : DhcpNameServer = 192.168.1.254

TCP: Interfaces\{C3A24C77-1FA4-40C5-B947-A9E672F3AB04} : DhcpNameServer = 192.168.1.254

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\nimda\appdata\roaming\mozilla\firefox\profiles\cktzc9uw.default\

FF - plugin: c:\progra~1\micros~2\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~2\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\4.1.10111.0\npctrlui.dll

.

============= SERVICES / DRIVERS ===============

.

R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\n360\0502000.00d\symds.sys [2012-3-1 340088]

R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\n360\0502000.00d\symefa.sys [2012-3-1 744568]

R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.2.1\definitions\bashdefs\20120317.002\BHDrvx86.sys [2012-3-19 820856]

R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\n360_5.0.2.1\definitions\ipsdefs\20120401.001\IDSvix86.sys [2012-4-2 368248]

R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\n360\0502000.00d\ironx86.sys [2012-3-1 136312]

R1 SymNetS;Symantec Network Security WFP Driver;c:\windows\system32\drivers\n360\0502000.00d\symnets.sys [2012-3-1 299640]

R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-1-3 63928]

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

R2 CrossLoopService;CrossLoop Service;c:\users\mom\appdata\local\crossloop\CrossLoopService.exe [2012-3-27 569072]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-1 652360]

R2 N360;Norton 360;c:\program files\norton 360\engine\5.2.0.13\ccsvchst.exe [2012-3-1 130008]

R2 PDFProFiltSrv;PDFProFiltSrv;c:\program files\nuance\pdf professional 7\PDFProFiltSrv.exe [2011-9-9 135016]

R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2012-1-18 450848]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2011-5-16 350248]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2012-3-1 106104]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-1 20464]

R3 rt61x86;Linksys Wireless-G PCI Adapter Driver;c:\windows\system32\drivers\WMP54Gv41x86.sys [2010-4-7 376160]

R3 usbfilter;AMD USB Filter Driver;c:\windows\system32\drivers\usbfilter.sys [2011-5-16 37504]

R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]

R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-2 253600]

S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys [2011-5-16 100328]

S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys [2011-5-16 309224]

S3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiagx.sys [2011-5-16 76840]

S3 BFN7x86;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x86.sys [2011-5-16 129640]

S3 BFNVis32;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\XenoVx86.sys [2011-5-16 129640]

S3 BXOIS;BXOIS;c:\windows\system32\drivers\bxois.sys [2011-5-16 431144]

S3 cbaf;UWB Cable Based Association Framework Driver;c:\windows\system32\drivers\cbaf.sys [2011-5-16 11008]

S3 dfuuwb;Intel Wireless UWB Link 1480M Device Firmware Utility;c:\windows\system32\drivers\DfuUWB.sys [2011-5-16 500736]

S3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464]

S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2011-5-16 109448]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\drivers\EtronHub3.sys [2011-5-16 33152]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\drivers\EtronXHCI.sys [2011-5-16 52992]

S3 HWA;Intel® Wireless USB Host Adapter;c:\windows\system32\drivers\HWA.sys [2011-5-16 53376]

S3 IFCoEMP;IFCoEMP;c:\windows\system32\drivers\ifM60x32.sys [2011-5-16 269584]

S3 IFCoEVB;IFCoEVB;c:\windows\system32\drivers\ifP60x32.sys [2011-5-16 61712]

S3 Impcd;Impcd;c:\windows\system32\drivers\Impcd.sys [2011-5-16 132480]

S3 ioatdma1;ioatdma1;c:\windows\system32\drivers\qd16032.sys [2011-5-16 36552]

S3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\system32\drivers\qd26032.sys [2011-5-16 37576]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-4-2 40776]

S3 MEI;Intel® Management Engine Interface;c:\windows\system32\drivers\HECI.sys [2011-5-16 40832]

S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-3-27 129976]

S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2011-5-16 63872]

S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2011-5-16 141952]

S3 nvamacpi;nvamacpi;c:\windows\system32\drivers\nvamacpi.sys [2011-5-16 24608]

S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-20 15872]

S3 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]

S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys [2011-6-17 77184]

S3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-20 25600]

S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2010-11-20 52224]

S3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]

S3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640]

S3 tvnserver;TightVNC Server;c:\users\mom\appdata\local\crossloop\tvnserver.exe [2012-3-27 814080]

S3 UsbFltr;Razer Copperhead Driver;c:\windows\system32\drivers\copperhd.sys [2011-5-18 11596]

S3 uwbusb;UWB Bus Control USB-Miniport Driver;c:\windows\system32\drivers\usbuwbmini.sys [2011-5-16 9600]

S3 VSPerfDrv100;Performance Tools Driver 10.0;c:\program files\microsoft visual studio 10.0\team tools\performance tools\VSPerfDrv100.sys [2011-1-18 54144]

S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2012-3-3 1343400]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files\microsoft sql server\100\shared\sqladhlp.exe [2009-7-22 47128]

S4 RsFx0105;RsFx0105 Driver;c:\windows\system32\drivers\RsFx0105.sys [2011-9-22 238696]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);c:\program files\microsoft sql server\mssql10.sqlexpress\mssql\binn\SQLAGENT.EXE [2011-9-22 370024]

.

=============== Created Last 30 ================

.

2012-04-03 18:59:02 -------- d-----w- C:\f1bf0072615ea8aa8e90

2012-04-03 05:47:26 418464 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-04-03 05:35:38 -------- d-----w- c:\programdata\PreEmptive Solutions

2012-04-03 04:39:08 -------- d-----w- C:\a3e13c58a3d203d2982d2978

2012-04-03 04:30:31 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2012-04-03 04:26:34 -------- d-----w- C:\a45fcc22a60094f3c0d0e3e688

2012-04-03 04:22:56 73064 ----a-w- c:\windows\system32\perf-MSSQL$SQLEXPRESS-sqlctr10.3.5500.0.dll

2012-04-03 04:22:55 89960 ----a-w- c:\windows\system32\SQSRVRES.DLL

2012-04-02 04:38:20 -------- d-----w- c:\program files\Advanced Port Scanner

2012-04-02 01:17:21 -------- d-----w- c:\programdata\regid.1986-12.com.adobe

2012-03-31 21:35:40 -------- d-----w- c:\users\nimda\appdata\local\Adobe

2012-03-27 23:07:20 -------- d-----w- c:\program files\Mozilla Maintenance Service

2012-03-27 23:07:16 145960 ----a-w- c:\program files\mozilla firefox\maintenanceservice_installer.exe

2012-03-27 23:07:16 129976 ----a-w- c:\program files\mozilla firefox\maintenanceservice.exe

2012-03-26 01:28:47 -------- d-----w- c:\users\nimda\appdata\roaming\IconChanger

2012-03-26 01:21:14 -------- d-----w- c:\program files\IconChanger

2012-03-26 01:06:08 -------- d-----w- c:\users\nimda\appdata\local\Deployment

2012-03-26 01:06:08 -------- d-----w- c:\users\nimda\appdata\local\Apps

2012-03-26 00:18:31 -------- d-----w- c:\programdata\Microsoft Visual Studio

2012-03-26 00:14:39 -------- d-----w- c:\users\nimda\appdata\roaming\Microsoft Corporation

2012-03-25 18:34:10 -------- d-----w- c:\program files\FBP - Facebook Blaster Pro

2012-03-19 03:26:24 -------- d-----w- c:\users\nimda\appdata\roaming\Dev-Cpp

2012-03-18 22:27:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin7.dll

2012-03-18 22:27:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin6.dll

2012-03-18 22:27:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin5.dll

2012-03-18 22:27:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin4.dll

2012-03-18 22:27:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin3.dll

2012-03-18 22:27:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin2.dll

2012-03-18 22:27:45 159744 ----a-w- c:\program files\internet explorer\plugins\npqtplugin.dll

2012-03-18 22:25:47 -------- d-----w- c:\users\nimda\appdata\local\Apple

2012-03-17 04:01:21 -------- d-----w- c:\users\nimda\appdata\local\ElevatedDiagnostics

2012-03-15 00:43:22 -------- d-----w- c:\programdata\VS

2012-03-15 00:40:13 -------- d-----w- c:\program files\Microsoft Windows Performance Toolkit

2012-03-15 00:38:39 -------- d-----w- C:\484bfc10b1ea60baa5

2012-03-15 00:38:35 -------- d-----w- c:\program files\Debugging Tools for Windows (x86)

2012-03-15 00:38:13 -------- d-----w- c:\program files\Application Verifier

2012-03-15 00:25:55 -------- d-----w- c:\windows\system32\appmgmt

2012-03-14 22:56:56 -------- d-----w- C:\TDSSKiller_Quarantine

2012-03-14 05:28:41 3971440 ----a-w- c:\windows\system32\ntkrnlpa.exe

2012-03-14 05:28:41 3916656 ----a-w- c:\windows\system32\ntoskrnl.exe

2012-03-14 04:32:58 2343424 ----a-w- c:\windows\system32\win32k.sys

2012-03-14 04:32:56 1077248 ----a-w- c:\windows\system32\DWrite.dll

2012-03-14 04:07:19 8192 ----a-w- c:\windows\system32\rdrmemptylst.exe

2012-03-14 04:07:19 58880 ----a-w- c:\windows\system32\rdpwsx.dll

2012-03-14 04:07:19 129536 ----a-w- c:\windows\system32\rdpcorekmts.dll

2012-03-14 04:07:17 919040 ----a-w- c:\windows\system32\rdpcorets.dll

2012-03-14 04:07:17 826880 ----a-w- c:\windows\system32\rdpcore.dll

2012-03-14 04:07:16 24576 ----a-w- c:\windows\system32\drivers\tdtcp.sys

2012-03-14 04:07:16 183808 ----a-w- c:\windows\system32\drivers\rdpwd.sys

2012-03-13 03:36:39 50200 ----a-w- c:\windows\system32\perf-SQLAgent$SQLEXPRESS-sqlagtctr10.1.2531.0.dll

2012-03-13 03:35:20 -------- d-----w- c:\windows\system32\RsFx

2012-03-13 03:29:56 -------- d-----w- c:\program files\Microsoft SQL Server

2012-03-13 03:29:13 -------- d-----w- c:\program files\Microsoft Synchronization Services

2012-03-13 03:29:13 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-03-13 03:22:47 -------- d-----w- c:\program files\Microsoft ASP.NET

2012-03-13 03:22:42 -------- d-----w- c:\program files\IIS

2012-03-13 03:21:29 2480064 ----a-w- c:\programdata\microsoft\visualstudio\10.0\1033\ResourceCache.dll

2012-03-13 03:11:36 -------- d-----w- c:\windows\system32\1033

2012-03-13 03:11:11 -------- d-----w- c:\program files\Microsoft F#

2012-03-13 03:11:11 -------- d-----w- c:\program files\HTML Help Workshop

2012-03-13 03:11:10 -------- d-----w- c:\program files\Microsoft Visual Studio 10.0

2012-03-13 03:11:10 -------- d-----w- c:\program files\Microsoft Help Viewer

2012-03-13 03:11:10 -------- d-----w- c:\program files\common files\Merge Modules

2012-03-12 22:22:02 473656 ----a-w- c:\windows\system32\drivers\sptd.sys

2012-03-12 22:20:59 -------- d-----w- c:\users\nimda\appdata\roaming\DAEMON Tools Lite

2012-03-12 22:20:56 -------- d-----w- c:\programdata\DAEMON Tools Lite

2012-03-12 17:08:32 -------- d-----w- c:\users\nimda\appdata\roaming\Image-Line

2012-03-12 15:24:20 -------- d-----w- c:\users\nimda\appdata\roaming\NoNameScript

2012-03-12 15:23:35 -------- d-----w- c:\windows\MSAgent

2012-03-12 15:15:25 -------- d-----w- c:\users\nimda\appdata\roaming\mIRC

2012-03-12 01:39:51 -------- d-----w- c:\users\nimda\appdata\local\Diagnostics

2012-03-12 00:43:37 -------- d-----w- c:\users\nimda\appdata\local\Mozilla

2012-03-10 16:44:26 -------- d-----w- c:\windows\PIXTRAN

2012-03-10 16:44:08 -------- d-----w- c:\program files\common files\ScanSoft Shared

2012-03-10 16:44:05 -------- d-----w- c:\program files\Nuance

2012-03-10 16:40:43 -------- d-----w- C:\Pro_11459.1

2012-03-10 15:54:17 -------- d-----w- c:\users\nimda\appdata\roaming\FLEXnet

2012-03-10 15:54:15 -------- d-----w- c:\users\nimda\appdata\roaming\Nuance

2012-03-10 15:51:14 -------- d-----w- c:\users\nimda\appdata\roaming\Zeon

2012-03-10 15:51:05 -------- d-----w- c:\programdata\Nuance

2012-03-10 15:50:21 -------- d-----w- c:\programdata\zeon

2012-03-10 06:14:07 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-03-10 06:14:07 1060864 ----a-w- c:\windows\system32\mfc71.dll

2012-03-10 06:13:28 -------- d-----w- c:\program files\ASIO4ALL v2

2012-03-10 06:13:01 225280 ----a-w- c:\windows\system32\rewire.dll

2012-03-10 06:13:01 -------- d-----w- c:\program files\VstPlugins

2012-03-10 06:12:43 1554944 ----a-w- c:\windows\system32\vorbis.acm

2012-03-10 06:12:31 -------- d-----w- c:\program files\Outsim

2012-03-10 06:08:44 -------- d-----w- c:\program files\Image-Line

2012-03-09 02:03:03 -------- d-----w- c:\windows\pss

2012-03-07 22:05:07 -------- d-----w- c:\program files\MSXML 4.0

2012-03-07 04:33:39 -------- d-----w- c:\users\nimda\appdata\local\HP

2012-03-07 04:17:58 -------- d-----w- c:\program files\common files\Hewlett-Packard

2012-03-07 04:17:40 -------- d-----w- c:\program files\common files\HP

2012-03-07 04:12:53 452408 ----a-w- c:\windows\system32\hpzids01.dll

2012-03-07 02:36:39 -------- d-----w- c:\program files\HP

2012-03-05 01:22:18 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-05 00:00:58 -------- d-----w- c:\windows\system32\Adobe

.

==================== Find3M ====================

.

2012-03-11 17:41:34 13824 ----a-w- c:\windows\system32\slwga.dll

2012-03-11 17:41:33 409088 ----a-w- c:\windows\system32\systemcpl.dll

2012-03-11 17:41:32 811520 ----a-w- c:\windows\system32\user32.dll

2012-03-03 22:28:45 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-03-02 00:28:00 126584 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS

2012-03-01 23:28:22 0 ----a-w- c:\windows\ativpsrm.bin

2012-01-29 13:10:42 237072 ------w- c:\windows\system32\MpSigStub.exe

2012-01-18 14:44:52 540960 ----a-w- c:\windows\system32\LVUI2RC.dll

2012-01-18 14:44:52 4332960 ----a-w- c:\windows\system32\drivers\lvuvc.sys

2012-01-18 14:44:40 545056 ----a-w- c:\windows\system32\LVUI2.dll

2012-01-18 14:44:28 312096 ----a-w- c:\windows\system32\drivers\lvrs.sys

2012-01-18 14:44:26 307488 ----a-w- c:\windows\system32\lvcodec2.dll

2012-01-18 14:44:26 196896 ----a-w- c:\windows\system32\lvci13311044.dll

2012-01-18 14:44:00 336408 ----a-w- c:\windows\system32\DevManagerCore.dll

2012-01-18 14:44:00 10920984 ----a-w- c:\windows\system32\LogiDPP.dll

2012-01-18 14:44:00 104472 ----a-w- c:\windows\system32\LogiDPPApp.exe

2012-01-18 14:23:12 38958 ----a-w- c:\windows\system32\Repository.reg

.

============= FINISH: 12:27:19.69 ===============

Attach.zip


  • 1 month later...

Hello killallmalware and welcome to Malwarebytes! :welcome:

I am D-FRED-BROWN and I will be helping you. :)

Please print or save this topic: it will make it easier for you to follow the instructions and complete all of the necessary steps.

-------------

Please download to your Desktop:

  • TDSSKiller.zip from here and extract it (right click on it => "Extract here").

>>> TDSSKiller: Double-click on TDSSKiller.exe to run the application.

  • Click on the Start Scan button and wait for the scan and disinfection process to be over.
  • If an infected file is detected, the default action will be Cure, click on Continue
  • If a suspicious file is detected, the default action will be Skip, click on Continue
  • If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive (usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.

In your next reply, please include the following (you may need to use two posts to get it all in):

  • TDSSKiller_log.txt

How is the PC running now?

-------------

Please download ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool:

http://www.bleepingc...to-use-combofix

***IMPORTANT: save ComboFix to your Desktop***

* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Please go here to see a list of programs that should be disabled.

**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall**

Please include the C:\ComboFix.txt in your next reply for further review.

Also, please let me know if any problems still remain.

-------------

Please download Security Check by screen317 from here or here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

-------------

In your next reply, please include:

  • TDSSKiller logfile
  • C:\ComboFix.txt
  • Security Check checkup.txt

How is your computer running now?


  • 2 weeks later...

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
